2001-02-02
6:44:41 PM
2001-02-01
8:30:22 PM
-
Proposed IRS rule could limit the freedom to link.
The US Internal Revenue Service is proposing a rule that might make
it inadvisable for not-for-profit organizations to provide
links on their Web sites to any political site. Wes
Vernon tells the story on
NewsMax.
The proposal begins:
The Internal Revenue Service is considering the necessity of issuing
guidance that would clarify the application of the Internal Revenue
Code to use of the Internet by [tax-] exempt organizations.
Its real import of the proposal becomes later:
Does providing a hyperlink on a charitable organization that engages
in political campaign intervention result in per se prohibited
intervention?
In other words, the IRS is proposing to interpret any link to a
political site from the pages of a nonprofit as evidence that the
nonprofit is "engaging in political activity" and thus in danger
of losing its 503(c) status.
The IRS will take public comments on Announcement 2000-84 until February
13. Comments must be submitted in writing to the agency in Washington:
Internal Revenue Service
1111 Constitution Ave., NW
Washington, DC 20224
Attn: Judith E. Kindell
Declan McCullagh pointed out that this proposal first attracted attention
last fall -- I missed it completely then. The text is online at
Tech
Law Journal and available from FedWorld in PDF form (401 KB) at
FedWorld.
Many thanks to Dorr H. Clark for pointing out the story.
11:34:38 AM
2001-01-30
7:16:44 PM
2001-01-29
11:02:10 PM
-
Leasing rights to your life.
Brett Fausett, proprietor of the invaluable
ICANN Blog,
performed a little exercise in red-lining earlier this month. After
receiving a note from GreatDomains.com that its User Agreement had
changed after its acquisition by VeriSign, Fausett retrieved the
previous terms of service from Google's cache and compared old
and new. The result
is eye-opening. (Note: PDF file.) GreatDomains has expunged with
extreme care any hint of a whiff of a possibility that you might
take away any impression that you actually own a thing called
a domain name. Fausett adds, "This was done mostly out of idle
curiousity, as I've never bought or sold a domain name with Great
Domains."
8:54:13 PM
-
Bad BIND bugs.
Updated 2001-03-02, 6:42 am:
The original TBTF Log posting on the BIND bugs is below in
light type. New development:
ISC, the developer of BIND, has floated a suggestion of a
fee-based membership forum for early vulnerability warnings. A copy
of the e-mail sent to a company announcement list is posted
here.
According to ISC, "recent events" had suggested a need for a
fee-based membership forum consisting of ISC itself, software and
hardware vendors that include BIND in their products, root and TLD
name server operators, and "other qualified parties... nominated at
ISC's discretion." Not-for-profit members could have their
membership fees waived. This story first appeared on
Fairfax.com.
CERT issued an
advisory
Monday on four bugs unearthed in versions 4 and 8 of BIND -- software
that runs on most DNS servers worldwide. (BIND is the Berkeley
Internet Name Domain server, supported by the
Internet Software Consortium.)
CERT took the unusual steps of issuing a press release and holding a
news conference to urge sysadmins to upgrade BIND right now.
What CERT describes as four bugs the ISC seems to regard as three,
according to their
vulnerabilities
page (see the topmost three bugs listed). ISC rates the
bugs as Critical, Moderate, and Serious respectively. The two most serious
could potentially allow an attacker to run arbitrary code in a privileged
mode on any DNS server with an affected version of BIND.
CERT urged all BIND users to upgrade to version 4.9.8, 8.2.3, or
9.1. (BIND 4 is no longer actively maintained and ISC recommends
using either 8.2.3 or 9.1.)
Three of the bugs were found by the
PGP COVERT Labs. According
to CERT, these bugs "have been successfully exploited by COVERT Labs
in a laboratory environment," but "To the best of our knowledge, no exploits have
been released to the public." The ISC's description of the situation is
more ambiguous. For all three bugs ISC says bluntly, "Exploits for this
bug exist" -- whether in the lab or in the world they do not disclose.
The Pittsburgh Post-Gazette's
coverage
quotes a CERT spokesman describing the pattern of exploits and attacks over
time after the last BIND hole was announced, offering a glimpse into a
possible future once exploits for the new bugs spread -- which the
WSJ
expects to happen "within days."
Look to the bottom of the ISC
vulnerabilities page for an exhaustive table of BIND versions and their
status with respect to all 12 security bugs ever reported against BIND.
Lots of press outlets have picked up the story. Newer links are at the end.
TechWeb (Reuters) |
InternetNews good tech details |
Wall Street Journal |
ZDNet |
Pittsburgh Post_Gazette good background |
LA Times (AP) |
ZDNet |
The Register.
My article for this morning's Media Grok newsletter on the subject is
here.
BIND critic D. J. Bernstein, who calls
the software the Buggy Internet Name Daemon, has written a DNS server of his own and
offers a $500 reward to anyone who finds
a security hole in it. Bernstein recalls that when embarking on the version 9 rewrite, Paul
Vixie characterized the original (version 8 base) BIND code as "sleazeware produced in a
drunken fury by a bunch of U C Berkeley grad students." Bernstein claims that whatever the
provenance of the version 9 code, it is at least equally buggy.
11:03:18 AM
-
Unnatural acts.
Eric A. Hall, author of Internet
Core Protocols, recently came across an old
Slashdot
discussion (note: loads over 177K) of tunnelling IP over DNS. This is, admittedly, a
deeply perverted act. But when Eric pointed it out on the
Irregulars' private mailing list,
other denizens quickly dragged into the light examples of even more
dubious practices.
- Joshua Eli Schachter cited
IP tunneling over email.
- Jon Callas recalled
IP
tunneling over MIME.
- Andre Uratsuka Manoel speculated on the possibility of tunneling
IP over ICMP:
Some people have hacked into an ISP and copied its user database
by means of some pings with the data in the packets... I also know
of people who hide backdoors by only activating them when the attacker
pings the machine with packets of a certain size.
- Chris Olds trumped with an RFC dated 1990-04-01:
IP datagrams by carrier
pigeon.
RFC 1149, A Standard for the Transmission of IP Datagrams on
Avian Carriers, outlines an excellent choice for "high delay,
low throughput, and low altitude service." Other desirable features:
...many carriers can be used without significant interference with
each other, outside of early spring. This is because of the 3D ether
space available to the carriers, in contrast to the 1D ether used by
IEEE802.3. The carriers have an intrinsic collision avoidance
system, which increases availability.
Chris concluded with the fanciful error message Connection Dropped --
No Carrier (ECAT): pigeon eaten.
Updated 2001-01-29, 5:14 pm:
TBTF Irregular John LoVerso points out that RFC 1149 has been updated (by
the same perv^Wauthor) for QoS.
See RFC 2549, IP over Avian
Carriers with Quality of Service (1999-04-01).
The following quality of service levels are available: Concorde,
First, Business, and Coach... [Note -- Concorde seems no longer to
be offered. -- ed.] The ITU has offered the IETF formal
alignment with its corresponding technology, Penguins, but that
won't fly... Carriers may be lost if they are based on a tree as it
is being pruned.
2001-01-28
7:10:18 PM
-
In real time.
Here on one
handy page are all manner of tracking links to real-time data about the
earth and its neighbors, including:
- how the sun looks now in X-ray light
- the phase of the moon
- Mars's position, phase, and temperature map (a high of 210 Kelvins, brr)
- a US weather map
- world ocean temperatures
- recent US earthquake activity
Unlike many an academic collection
of links, U.Montana professor Tim Slater's page initially loads thumbnails
of visualizations of many of these data. It's strangely satisfying.
Thanks to Richard M. Koolish for the link.
|