By now you've heard about the lawsuit ,  filed on 10/7; it was front-page news in the New York Times on 10/8. After testing the Java implementation in Internet Explorer 4.0, Sun filed suit  accusing Microsoft of false advertising, trademark infringement, and breach of contract. Microsoft responded aggressively , calling Sun's claims "outrageous." IE4's Java lacks two components in its implementation of version 1.1 of the Java SDK, and Sun claims it found about 40 modifications to the Java language, including to its underlying class hierarchy. The changes seem to be mostly in aid of making Java run faster under Microsoft operating systems. The furious spinning by both sides obscures the real dispute, which centers on the exact language of the contract Microsoft signed with Sun in April 1996. Did Microsoft commit to producing only 100% pure Java forevermore? The contract is still confidential although both sides have said they are willing to disclose it publicly.
In the first two days after Microsoft made Internet Explorer 4.0 available, users downloaded 1.2 million copies . At 20 MB a pop, this represents a copy every 6 seconds, or an average download bandwidth equivalent to three T3s. Many more copies were distributed by 20+ mirror sites -- no central figures exist. An additional two hundred thousand left Redmond on CD-ROM, and Microsoft announced a deal with Sony to bundle IE4 on Sony music CDs. (I wonder if, when I buy the latest Fiona Apple CD, Microsoft counts me as a customer on the way to its stated goal of 50% of the browser market?)
In the midst of the enormous popularity of this software a couple of warning flags have appeared (in addition to the questions raised by IE4's swift but deviant Java implementation -- see above). First, IE4 provides a powerful new way for content providers to log user actions. Second, an early survey questions the inherent wisdom of Microsoft's strategy of unifying Net and desktop.
Channel Definition Format. When you subscribe to push information using IE4's built-in facilities, providers can log your access to their content even if you went through an anonymizing proxy server, and even if your access came from your local cache and not over the Net. IE4's channel definition format  includes a feature, LOGTARGET, that allows a Web-site provider to command IE4 to deliver logs of your usage via an HTTP POST or PUT directive. It's not clear whether the provider could include other sites in its channel definition to obtain, for example, logs of your usage of competing services. Below is an extract from Microsoft's site  where the LOGTARGET directive is defined.
NOTE: A client can only log page hits for URLs for which a channel is authorized. In the absence of future authorization methods, only URLs whose path is under the path of either the CDF URL or the URL in the HREF attribute of the LOGTARGET element can have page hits logged. For example, a CDF file at a URL such as http://www.microsoft.com/cdf/example.cdf could not log page hits of a URL such as http://www.msn.com/example.htm.
Logging Declarations Specifies where to upload a client's page-hit log file in Ex- tended Log File Format. HREF="url" Required. Specifies the URL of where the log file should be sent. METHOD="POST" | "PUT" Required. Specifies the HTTP method to be used for sending the data. [RFC 1945] SCOPE="ALL" | "OFFLINE" | "ONLINE" Specifies which type of page hits should be logged. Page hits can be logged for offline (read from local cache) or online (read from URL) browsing. The default for this attribute is "ALL", which logs both types of hits. PURGETIME When the log file is being uploaded, any page hits older than PURGETIME will not be reported. Example: <LOGTARGET HREF="http://www.foosports.com/logging" Method="POST" SCOPE="OFFLINE"> <PURGETIME HOUR="12"/> </LOGTARGET>
Thanks to Jamie McCarthy <jamie at voyager dot net> for the first forward of information on this troubling feature.
Do users want integration? C|net performed a survey  asking users whether or not they think Web/desktop integration is a good idea. 59% said no. One user commented:
I just wanted a browser! What does wanting to look at
Web pages with the latest tech have to do with changing
my (somewhat) perfectly working Windows? I like my
apartment just fine, thank you. I don't care if my stereo
thinks it'd be more convenient if my toilet flushed
The House Science Committee held hearings on DNS reform on 9/25 and 9/30. Larry Irving, representing the Commerce Department, testified that Commerce will release its DNS recommendations by 11/1, based on input collected over the summer . Irving implied that the recommendations will not be entirely consistent with the IAHC plan, now being moved forward by the interim Policy Oversight Committee -- the one approach to DNS reform shaped by substantial input from outside the US. The Science Committee's chairman, Chip Pickering, expressed a desire to keep Internet governance within the United States :
American taxpayers, companies, and government built the
Internet. This is something uniquely American.
What would it mean to subject the necessarily centralized, transnational functions of Internet governance to US laws? A preview is offered by a dispute involving Libya , which came into the public eye during the second day of hearings on 9/30. Jon Postel, a US citizen who operates the International Assigned Numbers Agency under charter from the Federal Networking Council, granted the request of an applicant for authority to subdivide the national domain .LY (Libya). The US has applied unilateral sanctions against Libya, and it is illegal for any US citizen to engage in or to encourage commerce with that north African country. Congressmen fumed about Postel's action and the Treasury Department is reported to be investigating . National interference of this kind is inevitable if one country's government controls inherently transnational resources such as top-level domain names.
The last word has yet to be spoken on US government involvement in domain naming. A staffer on the House Commerce Committee said that that body may try to wrest jurisdiction over the domain issue away from Pickering's Science Committee , on the grounds that domain names belong to the commercial realm.
Lauren Weinstein calls attention to the problems caused by the caching of Web pages in the current issue of the Privacy Forum Digest (I read it on Phil Agre's Red Rock Eater News Service ). Many large ISPs and corporate firewalls make local copies of popular Web pages in order to speed performance and reduce load on long-haul networks. The practice is not new but we're only beginning to see analyses of the tradeoffs that caching imposes: pages of dubious currency, static snapshots of dynamically generated pages, copyright questions, and inaccurate reporting of hit rates to Web sites. A New York Times article today singled out the latter problem in introducing MatchLogic , a firm that claims to have a fix for undercounted Web ad impressions. The company's research indicates that on average, ad banners are being viewed at a rate 76% higher than current estimates; and that for some popular Web pages the disparity rises above 570%.
Actually, there's no Nobel for mathematics. The highest prize for math is the Fields Medal.
Legend has it that the reason there's no Nobel in math is because the Sweedish mathematician Mittag-Leffler had an affair with Nobel's wife. The Nobel people people deny it, Mittag-Leffler's people deny it (there's a Mittag-Leffler institute in Sweeden), but it's prime math gossip.
Fans of computational theory may have become exercised recently by a claim to a possible breakthrough in NP-completeness. The term denotes problems long believed to be intractibly difficult: any class of problems proved to be NP-complete will have members whose solution requires exponential time to compute. (For a quick refresher on NP-completeness, see  and following slides. I fear that these university lecture notes will be of no help to the math-impaired. Four examples of NP-complete problems are given at .)
Jonathan Hayward <jhayward at students dot uiuc dot edu> posted a note to cryptography and security newsgroups on 10/19; it was carried in RISKS for 1997-10-01 :
I now have what I believe to be a polynomial time solution
to an NP-complete problem (specifically, satisfying a proposi-
tional formula expressed in terms of parentheses, variables,
negations, and conjunctions)... My algorithm, if correct,
may have substantial implications for cryptography and con-
sequently security issues... This program produces correct
output for small formulas that I am able to manually verify,
and it had an execution time on a formula of 100 variables
of less than a minute. (Compare with brute force, which on
a supercomputer capable of 1 billion elementary operations
per second would take longer than the age of the universe.)
Hayward posted the algorithm to Usenet and made it available on the Web. When I wrote to him yesterday asking if he had received any feedback on the claimed discovery, he replied:
The algorithm has good average-case performance, but is
exponential in the worst case. It would have been a
breakthrough 15 years ago, but now is a replication of
discoveries already made.
All US states have laws that require construction crews to notify utility companies in advance before digging in the vicinity of underground pipes, cables, etc. An outfit called the Dig Safe System, Inc., funded by utility companies, provides centralized information on the location of buried infrastructure; a single nationwide toll-free number (888-258-0808) links together all the regional Dig Safe resources. With underground fiber-optic cable increasingly at risk from rampaging construction equipment , AT&T has set up a Web site  to help implant the Call Before you Dig message deep in the brainstem of backhoe operators everywhere. The site tries to make digging safety fun -- its intended audience seems to be a construction foreman with a multimedia PC, Web access, fat pipes, and the mind of a six-year-old.
Sign up to win free, fun, and useful stuff... videos, pens,
key chains, work gloves... Don't miss the multimedia journey
of Farmer Cliff... colorfully presented using Shockwave tech-
nology. ("Howdy. Wanna hear 'bout my cow?")
Today's contender for the most apposite use of the Web is Shoebox Greetings, which likes to call itself "a tiny little division of Hallmark." This site  saves from oblivion the outtakes of the Shoebox creative staff -- the gags that might have been a little too peculiar , or a little too offensive , for the countenance of a wholesome, family-oriented publisher of greeting cards. Thanks to Nina Eppes <nina.eppes at digital dot com> for the pointer.
Jargon Scout is an irregular TBTF feature that aims to give you advance warning -- preferably before Wired Magazine picks it up -- of jargon that is just about ready to hatch into the Net's language. Jargon Scout also invites your collusion in inventing the jargon du jour, in those cases in which the concept emerges before its concensus denomination.
What should we call those folks who, long before the availability of cable modems or even nailed-down ISDN lines, convinced the phone company to run a dedicated wire into their house -- 56 Kbps frame relay or T1 -- for full-time Net connectivity at a fixed IP address? Ippies , that's what, according to Adam Engst and Geoff Duncan.
We'll close on a whimsical note: the fable (, alternate at ) of a kingdom that wants to limit the export of wheels for reasons of easier law enforcement, though the neighboring lands all have them, and so declares that only square wheels can be manufactured for sale abroad. Any resemblance to laws restricting crypto export is purely intentional. The fable appeared on the Cypherpunks mailing list last summer; the author is unknown.
Red Rock Eater News Service -- mail email@example.com without subject and with message: subscribe . Chronological archive at http://commons.utopia.usweb.com/cgi-bin/nph-mailings.cgi/rre/.
RISKS -- read the newsgroup comp.risks or mail firstname.lastname@example.org without subject and with message: subscribe . Archive at http://catless.ncl.ac.uk/Risks/.
TBTF home and archive at http://www.tbtf.com/ . To subscribe send the message "subscribe" to email@example.com. TBTF is Copyright 1994-1997 by Keith Dawson, <dawson dot tbtf at gmail dot com>. Com- mercial use prohibited. For non-commercial purposes please forward, post, and link as you see fit. _______________________________________________ Keith Dawson dawson dot tbtf at gmail dot com Layer of ash separates morning and evening milk.