Volume 7, Issue 7 Atari Online News, Etc. February 11, 2005 Published and Copyright (c) 1999 - 2005 All Rights Reserved Atari Online News, Etc. A-ONE Online Magazine Dana P. Jacobson, Publisher/Managing Editor Joseph Mirando, Managing Editor Rob Mahlert, Associate Editor Atari Online News, Etc. Staff Dana P. Jacobson -- Editor Joe Mirando -- "People Are Talking" Michael Burkley -- "Unabashed Atariophile" Albert Dayes -- "CC: Classic Chips" Rob Mahlert -- Web site Thomas J. Andrews -- "Keeper of the Flame" With Contributions by: Mark Duckworth Kevin Savetz Paul Caillet To subscribe to A-ONE, change e-mail addresses, or unsubscribe, log on to our website at: www.atarinews.org and click on "Subscriptions". OR subscribe to A-ONE by sending a message to: dpj@atarinews.org and your address will be added to the distribution list. To unsubscribe from A-ONE, send the following: Unsubscribe A-ONE Please make sure that you include the same address that you used to subscribe from. To download A-ONE, set your browser bookmarks to one of the following sites: http://people.delphiforums.com/dpj/a-one.htm http://www.icwhen.com/aone/ http://a1mag.atari.org Now available: http://www.atarinews.org Visit the Atari Advantage Forum on Delphi! http://forums.delphiforums.com/atari/ =~=~=~= A-ONE #0707 02/11/05 ~ HP Bounces CEO Fiorina ~ People Are Talking! ~ New SainT News! ~ eBay Reduces Some Fees ~ Bid To Name Arena! ~ New AOL Browser! ~ Parents Fight ID Tags! ~ Browser Spoofing Flaw! ~ New GIM Alpha Out! ~ EU Steps Up Spam Fight ~ Viagra Spammers Sued! ~ eBay Growth Over? -* Browser Feature Security Leak *- -* New Falcon Demos Out On Atari.org! *- -* Microsoft Releases Slew of Security Fixes! *- =~=~=~= ->From the Editor's Keyboard "Saying it like it is!" """""""""""""""""""""""""" Although not as bad as recent weeks, this week ranked up there in the top 10 of weeks of hell. I don't know about you, but this new year hasn't been going all that well yet. I can't blame it on the weather this week, as it hasn't been all that bad (he said as the sleet and snow has just started within the past hour!). Too much to do, not enough time. Pulled in many directions at once, and can only move in one direction at a time. You know the drill. Interesting thing happened to me this week. A few weeks ago, I received a letter from the jury commission. You know the drill - you are hereby required to appear for jury duty - blah, blah, blah. However, this wasn't a letter to report, but a letter telling me that I was now on a delinquent list - that I hadn't reported for jury duty back in 2000. Well, I knew it had to be a mistake because I always report when required. I checked my records - I save my past letters. I had two from that year: routine jury duty as well as federal. In both cases, I was on stand-by status. This means that on the evening prior to your scheduled report date, you're required to call to see if you need to report. Since that time was the first time that I was on stand-by status, not only did I call, but I had my wife call. Both of us heard the recording tell us that I didn't have to report. I didn't. Now, over four years later, I get a delinquency letter. Report for jury duty within 30 days or face a huge fine, and loss of driver's license. I had the option to dispute, and I did - twice. There's no way to prove what the recording had stated. And, I was told that there were people who did report. But, there were also four other people from my panel who did not report. Still, it made no difference. So, I reported for jury duty this past week. Now, Joe will tell you that it's everyone's civic duty to appear for jury duty. But, I really have no interest in being part of a jury! I understand what it's all about, and its importance - it's just not something that I feel comfortable. Anyway, I made it into the big city, found my way around and made it to the courthouse. I survived the obligatory video, and the quick quips from one of the Superior Court judges. And then waited, and waited, and waited some more. It must have been a slow day because only a few panels were called. After lunch, we were sent home. So, I managed to "survive" another day of jury duty. I didn't make it to the jury room or court room. I didn't get challenged for the third time in a row. I went home, exhausted. They really should do something about those uncomfortable chairs! On a positive note, I actually managed to do some more research of my archives to find some old AtariFest reports. I didn't get an opportunity to check many out, and put them together for this week, but I should have that and more ready in an upcoming issue. So, I'm getting there. In the meantime, I guess I had better check out how much sleet and snow has dropped so I can get out in the morning. Until next time... =~=~=~= GIM v0.3 Released! Hello everyone, I really tried to get this done by Xmas but I failed. Oh well. Anyway, now you have a little bit of after xmas fun! Gim version 0.3 has been released. This is still alpha quality but is approaching beta quality. It shouldn't destroy your machine or anything. This software is licensed under the GNU GPL and the source code is available. For those that don't know, GIM is short for GEM Instant Messenger. It is an increasingly full featured AOL Instant Messenger client for Atari compatible machines. It currently and for the foreseeable future only works under MiNT on XaAES or N.Aes but assuming someone wants to do the work, Magic support is possible. It also requires MiNTNet networking rather than STiK. For those who haven't used a CVS edition of GIM since version 0.2, there's quite a few surprises in this release. GIM is much more stable, staying online for days and days subject to the stability of aim servers and your network connection. Now, here's a list of all of the changes since version 0.2. This list may be missing some things that were actually done. * Bugfix in the preferences dialog * Disclaimer removed. It looked awful anyway. The logon dialog was changed. * Killed all the debug messages in the release version. * Click on a buddy in your list to start a new conversation! * Full configuration system stores buddy list modifications inside acct1.blt, and stores full font and window configuration in gim.cnf. Your window size and position is remembered! I wish all programs did this :) * XaAES fixes (some menubar bug yet to be addressed) * Wordwrapped scrollable buddy info. * Set your own Buddy info. * Beginnings of Away message implementation. * Proportional fonts in conversations, user configurable mono-spaced fonts everywhere else. * Several key stability improvements Upgrading? Copy the new gim.prg and gim.rsc into your current gim directory. Keep your current acct1.blt or use the included one (xevaporated and nsxwolf are me.. Say hi :) ), DELETE your current gim.cnf. It won't work and this new version will create a config file for you. The config file is user editable if you don't change ANY line or word spacing. The GIM config parser is VERY dumb :) It's intended only to be adequate. If users would like MagiC support, some nice person with some time and expertise must convert libfaim to be working under MagiC. This means depending on mintlib and the other dependent libs to not require the mint kernel. This could be some work! After GIM works in MagiC with MagiCNet, I would be willing to do the work to make GIM work with STiK. Download at http://gim.atari-source.com under the downloads section. Good luck! Thanks, Mark http://www.atari-source.org Atari.Org Opens Falcon Demos Anders Eriksson has announced: After a couple of years of talk and no action, Atari.Org has now published a rather large (but yet far from complete) collection of Falcon demos and intros. We're nowhere near a complete collection yet, but the launch offers over three hundred demos and intros to download. Looking around the files, one will find many common demos from the well known crews like Lazer, Avena and E.K.O. but also some lesser known ones. If you look carefully you'll find a very rare Carebears demo which is a conversion of their most famous Union demo screen - but in glorious Falcon overscan and with a cool house soundtrack. http://falcdemos.atari.org/ SainT 1.99b * Upper border line counting in NTSC fixed ( "Best Part Of The Creation" by Delta Force) * Medium resolution detection fixed for screenshot ( "Best Part Of The Creation" by Delta Force) * Screenshot file name is derived from the floppy disk name * BUS Error stack frame improved ( Many original protections are working such as PYM, SyntaxTerror, DarkSide) * Crash recover (sometimes when SainT crash, you can't run it again. Should be fixed now) * Another upper border "60hz" fixed ( multicolor music display by Level16 in Syntax Terror) Web: http://leonard.oxg.free.fr/SainT/saint.html Download: http://leonard.oxg.free.fr/SainT/SainT199bSelfExtract.exe -- Best regards, Paul =~=~=~= PEOPLE ARE TALKING compiled by Joe Mirando joe@atarinews.org Hidi ho friends and neighbors. I know that there's only a very slim chance that you care about this, but we dodged a bullet where our weather is concerned. We were supposed to have gotten up to 12 inches of snow today, but the weather system formed farther north than anticipated, so we got rain. It's funny how much difference a few miles can make, ain't it? The main thing I want to mention this week is a short article I read this week about teaching the theory of evolution in schools. Now, I firmly believe in evolution. It's the theory that makes the most sense and fits most of the facts we have access to these days. The problem is that theories can be tough to prove, especially when you have people who believe in something else as firmly as I believe in evolution. The article I read took the position that teaching evolution was necessary to keep our edge in technology and innovation. Perhaps that's true, but as well thought out as the article was, the author forgot one important point. Evolution may be the best theory we have, but it is still just a theory. While a majority of the scientific community is of the same opinion as I am, there are others who find evolution to be less compelling for whatever reasons. The author even went so far as to apply Darwinian evolution to the life of the Universe. While there are interesting parallels, I have a problem with a model of the way that biological systems progress fitting something so completely different as the cosmos... basically everything that is. For the Universe, I prefer the "Inflationary Big Bang" theory. Of course, there again not everyone agrees. A large portion of those who don't support some form of The Big Bang theory aren't opposed to it on religious grounds. Now isn't THAT refreshing? Well, let's get to the news, hints, tips and info from the UseNet. From the comp.sys.atari.st NewsGroup ==================================== Someone calling themselves Egon Spengler asks about which TOS version to put into a machine along with 2.06 for compatibility: "Just bludgeoned TOS 2.06 into my Mega ST and am wondering if it's worth putting another TOS in there to aid compatibility for old games etc? If it is worth doing, which other TOS would the panel recommend? Seeing as there's another 4 spare sockets, i could switch another 2 TOSs in I guess, but that seems a little overkill." Rodolphe Czuba tells Egon: "TOS 2.06 will never work on a MEGA ST !! It will on a MEGA STE ! MEGA ST, like ST/STF use ROM addresses at $FC0000 to $FEFFFF = 192 KB MEGA STE + STE + TT030 + FALCON use ROM addresses at $E00000 to E7FFFF To use TOS 2.06 on MEGA ST, you need to decode the addresses and chip select the 2 EPROMS of your TOS 2.06 ! The 'mode 2.6' was the name of a such chip I did in 1993!" Egon replies: "It's in my MEGA ST and running fine. It's a slight variation of tos206up.txt, I can put the mod on a web page if it's of any interest to others? One IC and two diodes and there she was a bootin'." Mark Bedingfield tells Egon: "Please post that, it sounds interesting." Egon agrees: "OK, will do. I'll throw the TOS 1.02 in and make sure it swaps ok, then I'll put the whole shebang on a web page." Egon now asks: "Are there any 1.44 [floppy] drives that fit into a Mega ST case without the need to hack the front of the case?" 'Tim' tells Egon: "Yes the Epson SMD-300 or 340 is a perfect exact fit. All you need is a Mega STE/TT front face so it matches the case, you can use the old one from the one in your computer now. I have lots of these drives available for sale if you want one. These are 1.44MB drives." Mario Koezema adds: "Yes, there are original HD drives for the Atari ST. It seems that Epson has made some drives. I don't know if a pc-floppy drive works in an Atari ST. Maybe the frontplate of a old Atari drive can use on an pc-drive. You can't use the old Atari floppy controller. There must be an Ajax floppy controller." Sam F. asks about sound on his CT60: "I plug a new set of speakers into the headphone jack on the Falcon.....nothing. I plug the speakers into the headphone jack on the Falcon's ide cd drive, I get sound. Question: which chip is the sound chip and where can I get a new/replacement chip?" Ronald Hall tells Sam: "You've got a CT60, so make sure you have the floppy power connector hooked to the CT60. This *has* to be done to get sound. I did the same thing, using a power connector from a 3.5" IDE adaptor board instead, and couldn't figure out why I did not have sound." Steve Sweet adds: "If you've not left off the cable that others have mention then you'll find the Audio amp's in 2 surface mounted 8 pin chips near the sockets." Sam continues: "Thanks to everyone for your responses but... I think the sound chip(s) are toasted. The floppy drive power connector is in fact plugged to the CT60 but no sound comes out the headphones jack to the external speakers. Is it very difficult to purchase the correct chip(s) and replace them myself? All advice, tips, etc. are welcome!!!" Steve tells Sam: "Check you sound CPX to make sure they aren't just muted! I had no trouble getting hold of some, its a standard part as opposed to an Atari special, fitting difficulty is dependent on personal skills. They are 8 pin surface mounted device, about 5mm by 7 mm." Ronald Hall asks for help with his Falcon's video: "Well, I guess I've gone and done it now - I've tweaked until I broke something on my Falcon. I was trying to get extended video with Centscreen last night, and after I thought I had a 800x592x256 color mode laid out, I rebooted. Except it won't. My monitor immediately starts flashing all lights on the display (bad video signal received). Black screen. I tried booting into straight TOS, same problem. I turned the CT60 off, same problem. I turned the MB mod (jumper on the CT60) off, same problem. I disconnected the hard drive, and tried to boot up using HDdriver via the floppy only - same problem. I tried using the keyboard combinations to bypass booting up with a HD, same problem. I hooked up a different monitor to see if by some odd coincidence, that monitor decided to go belly-up. Same problem. Its not the monitor. I took the cover off my Wizztronics case and tried to find anything shorted or burnt - nothing obvious. I checked the cable from the monitor to the Falcon. Nothing there. Anyone have any ideas, or suggestions? Thoughts on what in the world I did wrong?" Mark Duckworth tells Ronald: "Assuming that you didn't move stuff around too much. Sounds awfully coincidental to be the J20 repairs that I've done gone flaky. But that was the symptom too. The falcon starts with a bad video mode of some sort. (but doesn't actually do anything). Do you hear it booting up? Hard drive or fdd access still?" Ronald replies: "Well, I did have to put it back together in my Wizztronics case, but I don't think I moved anything more than would ordinarily be moved for this. It was working just fine, I had the whole kit 'n kaboodle completely sealed back up. It was right after I used Centscreen that this happened. Some further info, I hooked it up to my (much) newer 19" monitor on my Mandrake Linux box, and the monitor said: Frequency out of range: Try other resolutions(s) However, in case, as Rodolphe and others suggested, NVRAM was corrupt, or I inadvertently set it to some bizarre and incompatible video mode, I did try booting up from floppy, using a program that is supposed to reset NVRAM in the AUTO folder on the floppy. Except that I've got zero response from the floppy as well. I mean, no lights come on to it at all. I tried running a different power lead to it, still no power. I then took a spare FD from my other Falcon and hooked it up. It does the same thing. So at this point in time, I can NOT boot from a floppy to reset NVRAM. It does sound like the hard drive boots up, and the CDRW does get power and spin up. I tried the other suggestion that Derryck and Rodolphe made, using keyboard combinations, but I'm flying blind here. I tried it when the Falcon first booted up, I a few seconds after boot up, etc, etc, etc,. I've not had any success with this yet. Any suggestions on what I can do here to sort this out?" Derryck Croker adds: "Mark's follow-up seems likely to be the root cause, but if anyone else has really corrupted NVRAM I have witnessed a Falcon being booted WITHOUT the NVRAM chip being inserted, and then plugged in and the correct settings applied whilst the Falcon was still powered up. Extreme measures, and it does depend on a socket being fitted - which brings its own problems if you're keeping the standard case." Rodolphe Czuba adds his thoughts: "Maybe a crash of the NVRAM parameters ! Your falcon is now booting in SM124 MONO ST mode ...eh eh You have to reset the NVRAM ! You can't because you see nothing ??? eh, you should have used one time in your life CBOOT (software from centek like Centscreen) and create a boot disk that is able to reset NVRAM when booting the Falcon. Other solution : find a ST MONO monitor ! As I remember there is a keyboard solution to reset NVRAM : Control + UNDO or Control + left Shift + UNDO when powering ON the falcon..." Well folks, that's it for this week. Tune in again next week, same time, same station, and be ready to listen to what they are saying when... PEOPLE ARE TALKING =~=~=~= A-ONE's Headline News The Latest in Computer Technology News Compiled by: Dana P. Jacobson EBay Says It Will Reduce Some Fees Less than a month after announcing a price hike that enraged small business owners, eBay Inc. said it would reduce some fees and promised to improve customer service. The online auction giant said in a Web posting Sunday it would credit $15.95 - the cost of a one-month subscription - to small business owners who operate "eBay Stores" in April. EBay also announced it would reduce the minimum fee for inexpensive auction items from 30 cents to 25 cents, starting Monday morning. Bill Cobb, who became president of eBay North America in December, said in an e-mail to eBay buyers and sellers that the company would provide more pricing details in upcoming weeks. Although the company isn't backing off price hikes announced in mid-January, the missive - posted to a popular eBay community site Sunday morning - struck a conciliatory tone and might repair bruised relations with small business owners. "There's a lot on your minds right now. I've been taking it all in and thinking hard about how we can make sure eBay remains a fun, safe place to trade, and a prosperous home for our many dedicated sellers," Cobb wrote. "We're listening to everything you have to say." In mid-January, eBay warned sellers in a terse e-mail that the monthly subscription fee for people who operate "Basic eBay Stores" would increase from $9.95 to $15.95, and the fee for a standard listing of 10 days would double, from 20 cents to 40 cents. The price hikes - which could dent profits for thousands of small business owners who hawk clothing, electronics and other low-margin commodities on eBay - are still expected to go into effect Feb. 18. For the past three weeks, eBay sellers have peppered executives with angry e-mails, threatening to increase the prices that buyers pay, close their stores or defect to auctions hosted by Yahoo.com or plucky startups. The price hike, combined with eBay's dominance in the auction and online payment sectors, prompted some members to ask whether the government or a fair-business consortium should regulate fee structures so small-scale entrepreneurs don't get gouged. Cobb's letter appeared to mollify some sellers, including Lynn Parker of Beaverton, Ore., who designs and sells custom Renaissance, Napoleonic, Baroque, Halloween and bridal costumes on eBay. Although she had never previously been involved in eBay sellers' chat groups, she spearheaded a letter-writing campaign to eBay executives to complain about the price hike. "I feel this is a good faith effort to retrieve confidence lost," Parker said of the credit and minimum fee decrease. "There has to be a time for healing, as many people have had their livelihoods affected by what seemed to be dictated by corporate greed." Cobb also announced Sunday that the San Jose, Calif.-based company would improve customer support services in the United States and Canada. Within the next 90 days, eBay will stop sending automated e-mail responses to buyers and sellers who send questions to customer service representatives. Instead, Cobb promised, people will "hear from a human being who will try to help you with your problem or question right off the bat." The company will only use automated responses to acknowledge receipt of spam or policy violation reports. Ebay also expanded the number of sellers who may call a telephone line for live help. Phone support is now only available to high-volume "PowerSellers," but starting April 1 it will be available to all eBay Stores owners. Analysts Wonder if EBay's Easy Growth Days Over Are eBay's days of cheap and easy growth behind it? Expanding at a rapid clip since its initial public offering in 1998, the online marketplace also stayed ahead of Wall Street's expectations - until a profit miss last month cost eBay a fifth of its market value. EBay also failed to raise its targets, bucking its usual trend and forcing analysts and investors to reset assumptions about the dot-com star, whose 2004 net income was nearly 900 times what it was in 1997. "The underlying question is, has growth for eBay fundamentally become more expensive to generate than in the past?" American Technology Research analyst Mark Mahaney said. Much of eBay's early growth came via word of mouth, but now the company is having to pay to grow. It has increased advertising in Germany and the United States, where some sellers are grousing about rising fees and raising fears that sellers could abandon eBay altogether or seek alternatives to the site, which has a virtual lock in the U.S. market. Meanwhile, the company is plowing investment into Europe and Asia, where competitors are more likely to await. Eighteen months ago, Wall Street estimated long-term earnings growth of 42 percent. But such expectations have steadily cooled to current estimates for 33 percent growth, according to Reuters Estimates. Before eBay issued its new 2005 forecast on Jan. 19, shares had traded at more than 60 times analysts' estimates for per share earnings excluding items. Shares are now trading at around 50 times analysts' 2005 earnings target. "It comes down to numbers ... Do you own the stock now based on the belief that growth will materialize and that 2006 is the start of the good times?" said Janco Partners analyst Martin Pyykkonen, referring to eBay's overseas growth plans. He himself is one of those waiting. Conceived as a platform for trading Pez candy dispensers and other trinkets, eBay sellers now peddle everything from tractors and trading cards to vintage cars and clothes. Last month, eBay raised 2005 investment goals to $300 million from $200 million. Roughly $200 million of that will go to expand PayPal, eBay's online payment service. The remaining $100 million is earmarked for China, where the online auction market is young - and brutally competitive. EBay landed too late in Japan, trailing rival Yahoo Inc., and the company says it will not make that mistake again. "In many ways China represents one of the most important opportunities this company faces today," eBay Chief Financial Officer Rajiv Dutta said during a recent conference call. EBay in July 2003 bought early China market leader EachNet, which holds a slim lead over local site TaoBao and a big lead over Yahoo's joint venture with Sina.com. China's online auction market was about $435 million in 2004 and is expected to grow to $725 million in 2005, according to Shanghai iResearch. EBay EachNet claimed just over half of that business. By 2006 investors should know how eBay's new investments in Europe and Asia are faring, and if eBay EachNet can deliver high profit margins like eBay has enjoyed in the U.S. and Germany, analysts said. "China is just much more of a free-for-all," said Pyykkonen. "The investments in China are something of an urgent nature. You need to invest sooner rather than later." Microsoft Releases Several Security Fixes Microsoft Corp. released eight security fixes Tuesday that carry its highest threat rating and urged computer users to install them quickly because all the vulnerabilities they address could let attackers take complete control of systems. Seven of the security vulnerabilities Microsoft marked "critical" affect the Windows operating system and related software, including the Internet Explorer browser, media player and instant messaging program. The eighth is with the Redmond software maker's Office XP business software. Microsoft also released four security fixes that carry lesser threat levels, but the problems could still let attackers gain some control of a system. "This is a month that has a significant number of updates for customers to deploy," conceded Stephen Toulouse, a Microsoft security program manager. But he said the company works to make fixes available as soon as it has them. Toulouse said anyone running any version of Windows will need to install at least one of the updates. Many of the fixes also apply to Service Pack 2, the massive security upgrade for Windows XP that was released this summer. Among the fixes is a particularly important cumulative update for the Internet Explorer browser. It includes patches for vulnerabilities that have already been made public. Toulouse said some people have figured out how to exploit some of those security holes, though the company hasn't seen widespread attacks yet. Nonetheless, he said, attackers have a head start, so these flaws could be exploited much more quickly than others. Another critical vulnerability could let an attacker take control of a computer by tricking the user into viewing a particular image, perhaps through the company's MSN or Windows Messenger or its Windows Media Player. The flaw takes advantage of imaging technology called "PNG Processing." Vincent Gullotto, a vice president with security software maker McAfee Inc., said his researchers were especially concerned about a critical flaw in some Windows server software because that problem could create a worm-like attack that spreads with little interaction from users. The large number of security updates could cause problems for big businesses, which must rush to secure their employees' computers while making sure that the updates don't harm regular business operations. Toulouse said Microsoft would offer extra support for business customers to deal with the mass of fixes. The monthly fixes came as Microsoft announced plans to acquire security software maker Sybari Software Inc. as part of efforts to produce and sell its own security products. Microsoft's software is a frequent and popular target for Internet-based attackers, and the company has made security a priority amid increasing hassles for business and consumer users. Carly Fiorina Out as HP Chief Carly Fiorina has stepped down as chairman and chief executive of Hewlett-Packard, effective immediately. Fiorina points to differences with the company's board as the primary factor for her departure in a statement, although she notes that she respects the board. She also says that HP is a great company, and she wishes it success in the future. HP has named Robert P. Wayman, the company's chief financial officer, as an interim chief executive and will seek a permanent replacement. Fiorina joined HP in July 1999 as chief executive, and was named chairman a year later. One of the few women to lead a Fortune 500 company, Fiorina caused contention within HP when she pushed through its acquisition of Compaq in 2002. At the time, many shareholders and directors fought the decision publicly, causing an acrimonious and extended internal battle. Friction continued after the acquisition, although Fiorina recently denied that there was still any disconnect between her and the board. Although the official HP line is that Fiorina has stepped down, it is unclear from statements whether she resigned willingly or was forced out. Given her recent squabbles with the board, some believe that Fiorina's departure is not entirely voluntary. "If you look at the wording of her statement, talking about how she respects the board's decision, that basically tells you they gave her the boot," Yankee Group analyst Laura DiDio told NewsFactor. Where HP goes from here, without Fiorina as its head, remains to be seen, but DiDio noted that the board may look at undoing some of Fiorina's work. However, there may be a limit to how much can be redone. "No matter how much some board members might not have liked the Compaq decision, they can't go back and divest themselves of Compaq at this point," she said. Instead, it is likely that HP will focus on increasing its services and building on its strengths in the printer and PC divisions. "Fiorina did make advancements for the company," said DiDio. "But it'll be interesting to see where they go from here without her." Browser Feature Could Make Scams Easier An Internet browser feature meant to permit Web addresses in Chinese, Arabic and other languages could encourage online fraudsters by making scam Web sites look legitimate to visitors. For once, the affected browser is not the industry-leading Internet Explorer from Microsoft Corp. but rather several of its more robust competitors. That's because the aging IE lacks support for internationalized domain names - at least without a plug-in, which would then make IE vulnerable. "It's kind of ironic that it affects some of the supposedly safer browsers," said Neel Mehta, a research engineer at the Internet Security Systems Inc. A fix won't be easy because the vulnerability, publicized at a weekend hacker conference, that enables so-called "phishing" scams involves a feature, not a coding error. Engineers at the Mozilla Foundation, developer of the No. 2. Firefox browser, said they were reviewing options and should have more to say within a few days. The maker of the Opera browser said in a statement that although a fix is possible, "it's extremely hard to find a balance between making the fix too comprehensive or too limited. Even though you limit yourself you can create problems for valid domains." Officially, the Internet's Domain Name System supports only 37 characters - the 26 letters, 10 numerals and a hyphen. But in recent years, in response to a growing Internet population worldwide, engineers have been working on ways to trick the system into understanding other languages. Engineers have rallied around a character system called Unicode. The newly discovered exploit takes advantage of the fact that characters that look alike can have two separate codes in Unicode and thus appear to the computer as different. For example, Unicode for "a" is 97 under the Latin alphabet, but 1072 in Cyrillic. Subbing one for the other can allow a scammer to register a domain name that looks to the human as "paypal.com," tricking users into giving passwords and other sensitive information at what looks like a legitimate site. Some browsers, including Firefox, let users deactivate the other character sets but doing so is complicated and would cut off access to the relatively few sites that use non-English characters in their addresses. A better solution is to always manually type Web address directly into a browser rather than clicking on a link sent via e-mail or even copying and pasting that link. The potential for the vulnerability has been known for awhile, but it has only recently gained the attention of security experts as non-English domain names become a reality. Eric Johanson, an independent security consultant in Seattle, publicized it on Sunday, saying he wanted to pressure vendors to act. Dan Hubbard, director of security at Websense Inc., which monitors phishing scams, said he knew of no e-mails circulating on the Internet that take advantage of the vulnerability, but he expects scammers to start using it soon to target non-IE browsers. Hubbard said plenty of flaws already exist with IE because users don't keep up with security updates. "Attackers will check to see what browser you're using and then use vulnerability A if it's Internet Explorer and B if it's Mozilla Firefox," Hubbard said. But Johannes Ullrich, chief technology office with the SANS Institute's Internet Storm Center, said scammers may focus on exploiting other flaws because IE remains dominant. "Right now the one thing that will likely prevent them from using it is that Internet Explorer users will not be able to see the page at all," he said. EU Steps Up Fight Against Spam The European Union head office called for closer coordination Monday among all member governments to hunt down and prosecute those illegally spreading unsolicited e-mails across the 25-nation bloc. Viviane Reding, the EU commissioner in charge of new media and information society, also announced that "anti-spam enforcement authorities" in 13 EU countries agreed to cooperate in investigating complaints against spammers. "Enforcement authorities in member states must be able to deal effectively with spam from other EU countries," Reding said in a statement. The deal reached among the 13 national agencies in charge of combatting unsolicited e-mails is voluntary but "establishes a common procedure for handling cross-border complaints on spam" and closes loopholes "exploited by spammers and data thieves," the Commission said. Coordination among the 13 agencies from Austria, Belgium, Cyprus, the Czech Republic, Denmark, France, Ireland, Italy, Greece, Lithuania, Malta, the Netherlands and Spain will be carried out through an existing EU contact network set up last year. EU laws requiring companies to get consent before sending e-mail, tracking personal data on Web sites or pinpointing callers' locations via satellite-linked mobile phones have been in place since 2003, though some in the 25-nation bloc were slow to enact legislation against spammers. The anti-spam rules are part of tough privacy regulations adopted in 2003 on electronic communications. The majority of unsolicited e-mails to Europeans originates from outside the EU. About 80 percent of all e-mails sent last year were unsolicited commercial bulk e-mail, according to U.S.-based e-mail filtering company MessageLabs, and the vast majority of those e-mails originated in the United States, where for a year national anti-spam laws have been in effect. Under U.S. law, no prior permission is required for sending commercial messages as long as the recipient is given a chance to "opt out" of receiving future messages from the same sender. Browsers Hit by Spoofing Flaw A security hole has been reported for nearly every browser in use - including Firefox, Safari, OmniWeb, Mozilla, Opera and Netscape - with the notable exception of Internet Explorer, which is not among the crop of browsers directly affected by the flaw. Security firm Secunia has issued an advisory warning users that a problem related to domain name implementation could be used to carry out phishing scams through Web address spoofing. The vulnerability has been ranked as "moderately critical." The spoofing flaw arises from the way that browsers handle Web addresses that include international characters in International Domain Name URLs. The flaw can be exploited by registering domain names with international characters that resemble more commonly used characters. For example, a zero can be put in place of the letter "O" leading to the registration of "Micr0s0ft.com." The flaw affects a broad range of browsers that use the open-source Gecko browser kernel, according to Secunia. Anyone using Firefox, Safari, or the like, could be visiting spoofed sites without realizing it. Since some phishing scams rely on fake sites to collect personal information, users could be opening themselves up to identity theft. Because there is not yet a patch, Secunia researcher Thomas Kristensen told NewsFactor that the most effective way to avoid the flaw is to surf responsibly. "The best thing you can do is not to follow links that you don't trust," he said. "Type the URL into the address line, rather than just clicking from one link to another." The fact that IE is not struck by the flaw is ironic to some, considering that the browser often garners security advisories. Some universities have grown so tired of IE security problems that they have encouraged students to switch to Firefox. The reason IE is given a clean bill of health in this latest security round is not due to tighter security measures, Kristensen said. Rather, it is because of the browser's age. "The functionality at play here is a rather new thing," he noted. "IE doesn't have it. Some users have downloaded it via a plug-in from Verisign, though, so they'll be affected." Secunia and others in the security community are eager for ICANN and the browser vendors to address the problem soon. "This is a serious security issue," Kristensen said. "We hope something can be done before many more people acquire these domain names." AOL Releases Standalone Browser In Beta America Online Inc. on Tuesday made available in beta a standalone browser that includes desktop search, a feature already offered by rivals Google Inc., Microsoft Corp. and Yahoo Inc. The AOL Browser is separate from the Netscape browser AOL is also testing. The latter browser does not include desktop search, but allows users to switch from the Mozilla rendering engine to Internet Explorer with the click of a button. The new AOL Browser, which is available for testing by AOL members and subscribers of the AOL Instant Messenger service, includes tabbed browsing that enables a person to quickly switch back and forth among multiple websites without launching a new browser. The feature is also available in the popular, open-source Firefox browser. The AOL Browser also provides a privacy button that lets users clear their Internet history, cookies and caches. But desktop search is the key feature in the new browser, because it has become an area of fierce competition with rivals Google, Microsoft, and Yahoo. All three competitors have released beta software that can be downloaded to the desktop and used to search files in a person's PC, as well as the web. The tools are viewed as important among search companies because people often begin shopping on the web with a search engine. Pfizer, Microsoft Sue Viagra Spammers Pfizer Inc. and Microsoft Corp. are teaming up to fight the slew of spam e-mails hawking Viagra that invade consumers' computers. The companies said Thursday they had filed a total of 17 lawsuits against defendants involved in the sale and distribution of the blockbuster erectile dysfunction drug. Microsoft, the Redmond, Wash., software giant, has targeted spammers before, but this is the first time the company has joined forces with a nontechnology firm. As many as one in every four spam e-mails advertise Viagra, Microsoft and Pfizer said. Consumers often mistakenly think the e-mails are sent by New York-based Pfizer and that the drugs they order through these online pharmacies are legitimate, said Beth Levine, Pfizer's general counsel for U.S. pharmaceuticals. "The consumer is most often completely unaware that the product they receive in a plain, brown envelope is illegally shipped from across the globe," Levine said. Pfizer filed a dozen lawsuits against Internet pharmacies and spammers, while Microsoft filed five. Most of the defendants were targeted by only one lawsuit. But two online sites - CanadianPharmacy and E-Pharmacy Direct - were the subject of lawsuits by both Microsoft and Pfizer. Aaron Kornblum, Microsoft's Internet safety enforcement attorney, said Microsoft and Pfizer don't know the identities of many of the spammers and of the people running the online pharmacies. Several of the Web sites were registered to real people without their knowledge, Kornblum said. Filing the lawsuits allows Microsoft and Pfizer to subpoena Internet service providers to help track down the defendants, Kornblum said. "This is the first time that we've had this cross-industry partnership to target the entire spam supply chain," he said. Besides CanadianPharmacy and E-Pharmacy Direct, the lawsuits target 10 other online pharmacies, including half-price-viagra.com and cheapviagrastore.com. Drug counterfeiting can put a big dent in the profits of pharmaceutical companies, said David Webster, president of Bethlehem, Pa.-based Webster Consulting, which works with the pharmaceutical industry. "If Pfizer can make a marginal improvement in the counterfeiting of Viagra, that can translate into hundreds of millions of dollars" in recovered revenue, Webster said. Parents Protest Student Computer ID Tags The only grade school in this rural town is requiring students to wear radio frequency identification badges that can track their every move. Some parents are outraged, fearing it will take away their children's privacy. The badges introduced at Brittan Elementary School on Jan. 18 rely on the same radio frequency and scanner technology that companies use to track livestock and product inventory. Similar devices have recently been used to monitor youngsters in some parts of Japan. But few American school districts have embraced such a monitoring system, and civil libertarians hope to keep it that way. "If this school doesn't stand up, then other schools might adopt it," Nicole Ozer, a representative of the American Civil Liberties Union, warned school board members at a meeting Tuesday night. "You might be a small community, but you are one of the first communities to use this technology." The system was imposed, without parental input, by the school as a way to simplify attendance-taking and potentially reduce vandalism and improve student safety. Principal Earnie Graham hopes to eventually add bar codes to the existing ID's so that students can use them to pay for cafeteria meals and check out library books. But some parents see a system that can monitor their children's movements on campus as something straight out of Orwell. "There is a way to make kids safer without making them feel like a piece of inventory," said Michael Cantrall, one of several angry parents who complained. "Are we trying to bring them up with respect and trust, or tell them that you can't trust anyone, you are always going to be monitored, and someone is always going to be watching you?" Cantrall said he told his children, in the 5th and 7th grades, not to wear the badges. He also filed a protest letter with the board and alerted the ACLU. Graham, who also serves as the superintendent of the single-school district, told the parents that their children could be disciplined for boycotting the badges - and that he doesn't understand what all their angst is about. "Sometimes when you are on the cutting edge, you get caught," Graham said, recounting the angry phone calls and notes he has received from parents. Each student is required to wear identification cards around their necks with their picture, name and grade and a wireless transmitter that beams their ID number to a teacher's handheld computer when the child passes under an antenna posted above a classroom door. Graham also asked to have a chip reader installed in locker room bathrooms to reduce vandalism, although that reader is not functional yet. And while he has ordered everyone on campus to wear the badges, he said only the 7th and 8th grade classrooms are being monitored thus far. In addition to the privacy concerns, parents are worried that the information on and inside the badges could wind up in the wrong hands and endanger their children, and that radio frequency technology might carry health risks. Graham dismisses each objection, arguing that the devices do not emit any cancer-causing radioactivity, and that for now, they merely confirm that each child is in his or her classroom, rather than track them around the school like a global-positioning device. The 15-digit ID number that confirms attendance is encrypted, he said, and not linked to other personal information such as an address or telephone number. What's more, he says that it is within his power to set rules that promote a positive school environment: If he thinks ID badges will improve things, he says, then badges there will be. "You know what it comes down to? I believe junior high students want to be stylish. This is not stylish," he said. This latest adaptation of radio frequency ID technology was developed by InCom Corp., a local company co-founded by the parent of a former Brittan student, and some parents are suspicious about the financial relationship between the school and the company. InCom plans to promote it at a national convention of school administrators next month. InCom has paid the school several thousand dollars for agreeing to the experiment, and has promised a royalty from each sale if the system takes off, said the company's co-founder, Michael Dobson, who works as a technology specialist in the town's high school. Brittan's technology aide also works part-time for InCom. Not everyone in this close-knit farming town northwest of Sacramento is against the system. Some said they welcomed the IDs as a security measure. "This is not Mayberry. This is Sutter, California. Bad things can happen here," said Tim Crabtree, an area parent. Your Name Here: Boston Arena Naming Rights on EBay New England's largest sports and entertainment arena is giving publicity hounds a chance to stamp their name on the facility for a day. Bidding opened on Thursday on online auction site eBay for single-day naming rights to Boston's FleetCenter, home to the Boston Celtics basketball and Boston Bruins hockey teams. The available dates run from Feb. 16-28. Bidding for each of the days started at $25 but quickly spiraled into the hundreds of dollars. The naming rights for one day, Feb. 16, were bid at more than $10,000 as of early Thursday evening. Net proceeds of the auction will go to charity, according to the facility's owner, Delaware North Companies. The long-term naming rights to the arena went up for grabs after Bank of America Corp. purchased FleetBoston Financial Corp. last year. The new owners decided to get out of the contract that Fleet signed in 1995 to put its name on the facility, although a new name has not been determined. =~=~=~= Atari Online News, Etc. is a weekly publication covering the entire Atari community. Reprint permission is granted, unless otherwise noted at the beginning of any article, to Atari user groups and not for profit publications only under the following terms: articles must remain unedited and include the issue number and author at the top of each article reprinted. Other reprints granted upon approval of request. Send requests to: dpj@atarinews.org No issue of Atari Online News, Etc. may be included on any commercial media, nor uploaded or transmitted to any commercial online service or internet site, in whole or in part, by any agent or means, without the expressed consent or permission from the Publisher or Editor of Atari Online News, Etc. Opinions presented herein are those of the individual authors and do not necessarily reflect those of the staff, or of the publishers. All material herein is believed to be accurate at the time of publishing.