John Gilmore <gnu at toad dot com> has initiated a fast-track approach to making the Internet secure, which he calls "opportunistic encryption" [1]. It's based on the IP Security spec [2] being developed by a working group of the Internet Engineering Task Force [3]. IPSEC will be incorporated into the next version of the Internet architecture -- IPV6; in the current architecture it's optional. Gilmore's plan is to build IPSEC into the Linux operating system [4] with full-strength encryption algorithms based on Triple-DES, RSA, and Diffie-Hellman. The cryptographic work will be done offshore (as Linux is distributed offshore) so as not to be subject to U.S. laws limiting the export of munitions. Once IPSEC is part of Linux you will need only to install a Linux box on your network to encrypt automatically all communications between your site and any other similarly configured network. Gilmore's goal is to secure 5% of the Internet by Christmas by taking advantage of the "fax effect" -- the more sites that are IPSEC-enabled the more valuable it becomes to add the capability to each new site. Gilmore's effort diverges from that of the IPSEC working group in its sense of urgency. He wrote in a 7/27 message to that body:

> Governments are rushing to outlaw [encryption]. [FBI Director] Louis
> Freeh said as much in his Congressional testimony last week. We need
> a user base who'll object to having it taken away. It's also a lot
> easier to do the design work in the open, rather than as a hunted
> criminal or expatriate.

Gilmore, one of the original Cypherpunks, is squarely in line with the Internet Architecture Board and the Internet Engineering Steering Group, which organizations have recently taken a public stand [5] in favor of strong crypto to provide security and privacy on the Internet.

Thanks to Dan Kohn <dan at teledesic dot com> for passing along news of Gilmore's IPSEC plans.

[1] <http://www.toad.com/gnu/swan.html>
[2] <http://www.ietf.cnri.reston.va.us/html.charters/ipsec-charter.html
[3] <http://www.ietf.org/>
[4] <http://www.linux.com/>
[5] <http://www.cygnus.com/~gnu/iab-iesg.stmt>

Have you seen Microsoft's new TV network MSNBC yet? Neither have I, my local cable company doesn't carry it. John Moe <dmoe at luminet1 dot luminet dot net> got an early look and posted this note to the apple-internet-users mailing list.

> If anyone had any doubt which browser is the best, I guess MSNBC
> just proved that [it's] Netscape... I'd think that if anyone would
> have a reason to use MSIE [Microsoft Internet Explorer] it would be
> MSNBC. On [an MSNBC show called] "The Site," while viewing the
> Olympic web site they were clearly using Netscape (on a Mac even)...
> They do use MSIE for showing a single page sometimes during short ads.

The network's visible use of a rival browser and a non-Microsoft OS may seem ironic, but I believe they underscore the credibility of MSNBC's claim to editorial independence from its corporate parent.

Pobox.com [6] was first: a service that provides users a permanent email address. The idea is not new. The Unix operating system has always offered a way to forward mail between addresses, and early denizens of cyberspace have long been in the habit of pointing their home system's ".forward" file to whatever company or university or ISP they were currently using to read mail. (I've been doing this for 6 years with the world.std.com address.) Now an outfit called ForeverMail [7] carries the idea further. Having acquired four carefully considered domain names, they offer their users permanent email addresses based on affinity, by subdividing the domains fan.org, lover.org, member.org, and grad.org. While it's likely someone had beaten me to the address "dawson@pobox.com," it's far more unlikely that someone has claimed "dawson@mac.lover.org" or "dawson@harvard.grad.org." You can have your pick for $18 U.S. per year.

[6] <http://www.pobox.com/>
[7] <http://www.forevermail.com/>

On the New York Times's Web you can read about [8], and download [9], an innovative new VR-like technology developed by Omniview, Inc. [10]. PhotoBubbles are electronic spherical photographs created by taking two back-to-back photographs with a 35mm camera and a fish-eye lens. The two 180-degree exposures are scanned and fused together to create a single 360-degree spherical view. Special software then corrects the perspective to produce the finished, seamless PhotoBubble. PhotoBubbles are not lightweight: the ones I downloaded [11], [12], [13] are around 220 KB. Using the viewer software (available for Windows and Macintosh) you can freely wheel and zoom around "inside" the spherical photograph.

[8] <http://www.nytimes.com/specials/gallery/index.html>
[9] <http://www.nytimes.com/specials/gallery/sw/>
[10] <http://www.omniview.com>
[11] <http://www.nytimes.com/specials/gallery/yankee.bub>
[12] <http://www.nytimes.com/specials/gallery/diner.bub>
[13] <http://www.usatoday.com/olympics/bubbles/hi_res/at698889.bub>

A consortium of anti-virus developers and publishers announced the advent of the first macro virus to infect Microsoft Excel documents. Unlike the earlier MS Word macro viruses, "Macro.Laroux" is not cross-platform: it infects only Windows spreadsheets. Here is a description from Microsoft's Web page [14] where prophylactic and purgative regimes are outlined.

> The ExcelMacro/Laroux macro is a non-harmful, non-destructive concept
> virus that simply appends a macro sheet called "laroux" to workbooks.
> It does not affect data or anything else in the workbook. This is the
> first replicating macro virus ever discovered in Microsoft Excel. The
> macro only affects documents created in Microsoft Excel 5.x for Windows
> 3.x, Microsoft Excel 5.x for Windows NT and Microsoft Excel 7.x for
> Windows 95 and Windows NT, including localized versions of Microsoft
> Excel (for example, versions of Microsoft Excel translated to French or
> German). This virus does not affect any version of Microsoft Excel for
> Macintosh or Microsoft Excel 3.x or 4.x for Windows.

[14] <http://www.microsoft.com/msexcel/productinfo/vbavirus/emvolc.htm>

In a recent beta release of Windows NT 4.0, Microsoft put teeth into a contractual limitation that has long existed in the license agreement for NT Workstation, a product positioned by Microsoft for individual desktop use. To discourage the use of NTW for server-like functions such as file and print services, for which Microsoft would rather sell you the far more expensive NT Server software, the company limited NTW to ten outside connections in any 10-minute timespan. Until recently this limitation was contractual; at Beta 2 of NT 4.0 it became technical, and NTW was effectively sidelined for use as a high-volume Web server. After the new limitation came to light in mid-July Microsoft endured a rain of protest from customers, ISVs, and the press. A report circulated a few days later that the company had decided to back out the technical change (I read it in Computer Industry Daily for 7/22) -- and they seem to have done so, according to the results of a test recently performed by an engineer of my acquaintence against "Release Candidate 1" NTW software. However, Microsoft's description [15] of NTW's "Peer Web Services" is distinctly down-market.

The NTW-as-server question has became the weapon of the moment in the ongoing Microsoft / Netscape marketing brawl. Microsoft sent a letter accusing Netscape of misleading customers with advertising that promises server functionality on NTW. Netscape responded with an accusation of unfair trade practices, and sent a copy of the letter to the Justice Department. Netscape's complaint is that their (or anyone else's) Web server running on NTS cannot compete on price with Microsoft's IIS (Internet Information Server).

So the answer to the question, "Can you use NT Workstation as a Web server?" seems to be: technically you can but doing so is likely to violate your license agreement.

[15] <http://www.microsoft.com/ntworkstation/Details.htm#pws>

In the wake of Germany's frustrating and failed attempts to censor the Internet content available to its citizens -- on the grounds that pornography and neo-Nazi materials available online violate German laws -- the country's authorities are calling on the United Nations to help create international standards for acceptable Web content. This note from c|net online [20] was posted to comp.org.eff.talk and was forwarded my way by Jon Callas <jon at worldbenders dot com>.

> Claudia Nolte, German's minister for family affairs, appeared Tuesday
> before the United Nations to discuss how the international body could
> play a role in developing standards to protect women and children from
> violence and sexual exploitation online. Nolte said that international
> standards will be necessary to prevent pornographers and neo-Nazis from
> operating outside national jurisdictions.

[16] <http://www.tbtf.com/archive/1995-12-31.html>
[17] <http://www.tbtf.com/archive/1996-01-14.html>
[18] <http://www.tbtf.com/archive/1996-01-22.html>
[19] <http://www.tbtf.com/archive/1996-01-31.html>
[20] <http://www.cnet.com/Content/News/Files/0,16,1860,00.html>