Computer underground Digest Sun June 1, 1997 Volume 9 : Issue 42
ISSN 1004-042X
Editor: Jim Thomas (
[email protected])
News Editor: Gordon Meyer (
[email protected])
Archivist: Brendan Kehoe
Shadow Master: Stanton McCandlish
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Field Agent Extraordinaire: David Smith
Cu Digest Homepage:
http://www.soci.niu.edu/~cudigest
CONTENTS, #9.42 (Sun, June 1, 1997)
File 1--Color CuD Spam!
File 2--Germany "cybercops" battle offensive speech, violent games
File 3--article on WEB TV and the stupidification of computers
File 4--Survey says "Censor!"
File 5--(CwD-Meeks) -Jacking in from "Media Elite Eat To the Beat" Port
File 6--Review of: SENDMAIL (Second Edition)
File 7--Cu Digest Header Info (unchanged since 7 May, 1997)
CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.
---------------------------------------------------------------------
Date: Tue, 03 Jun 97 14:23 CDT
From: Cu Digest <
[email protected]>
Subject: File 1--Color CuD Spam!
CuD readers on the mailing list had the good fortune to receive
up to a dozen copies of last week's CuDs at no extra cost. We're
told that some readers were able to sell the extra copies on the
street for large sums, some readers even retiring because of
their good fortune.
For those not on the mailing list (most people receive CuD from
comp.society.cu-digest and a few other large distribution
points), the problem began with a double mail loop on an
east-coast system, the result of an attempted "work-around" that
went awry. This sent bounces from that system looping back to the
mailing list. Because CuD has no control over the mailing list
and no way of editing or modifying it, we were helpless. We do,
however, receive all bounces to the list. In this case, we
received thousands. CuDs are not sent out on a Unix system, so
writing a small filtering script was not possible. So, the
weekend was divided between deleting thousands of bounces and
trying to respond to CuD readers.
And, not surprisingly, the CuD readership was its usual classy
self. With the exception of 4-6 impertinent comments, posters
were astonishingly sympathetic and helpful. I talked to the
fellow who accidentally began the loop, and he was also quite
impressed with the civility of CuD readers, even the upset ones.
He apologized profusely, and it was just one of those errors that
slip by us all on occasion. This was one of the few (perhaps
only) times when the mailing list software at weber.ucsd.edu did
not filter out "noise."
Thanks to the hundreds of CuD readers who expressed sympathy.
Given the flurry of deleting, the many, many humorous stories and
jokes were deleted, and I wished I'd saved them for a special
issue.
And, of course, thanks to Bruce Jones who runs weber.ucsd.edu
where the mailing list lives, who spent more time than is natural
trying to settle things down on his end. He's done a wonderful
job with the automated mailing list.
So, we resume our regularly scheduled publication.....albeit a
day or two late.
jt
------------------------------
Date: Wed, 28 May 1997 17:18:16 -0400
From: Declan McCullagh <
[email protected]>
Subject: File 2--Germany "cybercops" battle offensive speech, violent games
Source -
[email protected]
****************
Date--Wed, 28 May 1997 10:25:39 -0700
From--Gurney Halleck <
[email protected]>
I guess now any jerkwater police department can become an International
Cyberspace Policing Unit.
While they can do what ever they want in their country (I still don't
like it), I don't see how they get off "policing" the world Internet.
Do they plan to extradite "criminals" to Germany to face charges there?
Seems that this police department is over stepping its jurisdiction
(unless German police is nationalized and has authority to prosecute
national/international crime a la US FBI, DOJ...)
I believe that "Nazi" material is criminal in Germany but the tossing
off of "right- and left-wing extremism" has ominous undertones.
Once again this makes me ask, what is the real value to the citizens?
(of Munich in this case) Here we have two full time cops surfing for
kiddy porn and hanging out in sleazy chat rooms. Even if they find
something they probably can't prosecute (definitely not, if it is out of
country). They haven't even had *one* conviction locally. Are the
streets of Munich so safe that they don't need cops on the beat? Is
there so little crime that they've got spare resources, cops with
nothing to do? How do the people of Munich feel about funding an
International Cyberporn Squad in lieu of personal safety?
----
Tuesday May 27 7:13 PM EDT
FEATURE: Germany's Cybercops Search For Internet Crime
By Andrew Gray
MUNICH, Germany (Reuter) - Two young men in jeans and sweatshirts surf
the Internet, looking for anything they can
find in the way of child pornography.
They are not perverts or criminals. They are officers from a German
police department dedicated to fighting Internet crime.
Dozens of confiscated monitors, hard disks and printers are piled up in
a storeroom next door to the Munich office where
the unit, under the command of Commissioner Karlheinz Moewes, patrols
the worldwide computer network.
The equipment was seized in raids prompted by research on the Internet
from Moewes and his five-member team. It
provides the officers with their other main task -- trawling through the
bits and bytes for illegal material to secure
convictions.
"We had 110 cases of suspected child pornography in 1996," said Moewes,
a burly, bearded Bavarian whose unit is on
the lookout for Internet crime of all sorts.
"We find evidence of fraud, banned gambling, right- and left-wing
extremism, pornography -- sadly, child pornography and
even child pornography with animals," he said.
Bavaria, traditionally Germany's most conservative regional state but
also a center for hi-tech industry, has been at the
forefront of efforts to clean up the Internet.
Munich prosecutors last month indicted the head of the German unit of
U.S. online service CompuServe, accusing him of
allowing users access to pornography, neo-Nazi material and games which
glorify violence.
GLOBAL NETWORK POSES LEGAL PROBLEMS
The Bavarian police set up a working group on hi-tech crime under Moewes
in 1995, and the group was upgraded to a
department in its own right at the beginning of this year.
While other German police forces have officers who search the Net for
crime when time allows, the Munich unit is the only
one which is devoted full-time to the task.
But the global nature of the Internet often makes it difficult for
Munich's cyberpolice to act on what they find.
Differing national laws on what constitutes pornography, on when a young
person is no longer classed as a child, and on
who is legally responsible for what is on the Internet all mean that
securing convictions is no easy task for Moewes and his
team.
"When it comes to hardcore pornography, the difficulty for us is that
much of what's illegal here in Germany is legal and
normal in Scandinavia," Moewes said.
Although they pass on their research to the relevant authorities if the
trail leads them abroad, the Munich police have had
no word back on any resulting convictions.
"We've had reports from America where searches have taken place, but we
have no information on any concrete results,"
said Else Diesing, head of the police department which carries out raids
on suspects pinpointed by Moewes and his team.
Even in Germany, the law moves slowly. No convictions have yet been
secured from last year's child pornography cases,
although Moewes is hopeful he will soon have a few to show for his
efforts.
UNDERCOVER ON THE INTERNET
The unit's job also is influenced by the normal constraints on how
undercover police officers are allowed to operate.
The cyberpolice can hang around electronic "chat rooms" where computer
users trade information and swap material, for
example, but they cannot incite anyone to commit a crime. They must hope
the users offer illegal material of their own
accord.
"To take one example, we got to know someone via the Internet who
offered us child pornography," Moewes recalled.
The unit agreed on a rendezvous to pick up the material, then called in
the undercover officers from Diesing's department.
"Our colleagues went to the meeting point, where floppy disks with child
pornography were handed over. They briefly
viewed the disks, then searched the suspect's apartment and seized his
computer," Moewes said.
In addition to "virtual stake-outs" of chat rooms, the team also uses
keyword searches of the Internet to try to track down
web sites containing illegal material.
During one such search, the team came across a web page which hit two of
their main areas of investigation at once -- a
site plastered with swastikas and pornographic pictures.
END TO INTERNET ANONYMITY?
Moewes has little time for the argument that his officers should not be
snooping around cyberspace and that their
investigations into the likes of child pornography infringe the basic
right to freedom of expression.
"In each one of our cases, a child has been abused," he said. "No one
talks about the rights of the children."
Moewes would also like to see an end to the anonymity which rules in
large parts of the Internet, allowing people to post
items on electronic bulletin boards or web sites and trade information
without revealing their identity.
He declined to talk about the CompuServe case in particular, but
disputes the claims by online services that they only
provide a gateway to cyberspace and cannot influence what people do once
they have passed through it.
He maintains the companies are already choosing not to allow customers
access to certain areas of Usenet -- the part of
the Internet where forums and newsgroups are found.
"They're already exerting influence, whether they say so or not," he
said.
Reuters/Variety
------------------------------
Date: 27 May 97 23:17:53 EDT
From: Tom Truex <
[email protected]>
Subject: File 3--article on WEB TV and the stupidification of computers
SOURCE: oNline Christian eMagazine...
1. REQUEST TO BE PUT ON THE MAILING LIST by sending
eMail to
[email protected]. .
3. World Wide Web:
http://www.k-line.org/~sleddog
4. FidoNet (1:369/158), FREQ, using the magic word, "EMAG."
===============================================================
EDITORIAL: WEB TV and the stupidification of computers
===============================================================
[DISCLAIMER: In our home, the word, "stupid", is considered a
bad word. So I use that term very reluctantly in this
editorial. I also don't mean to come off sounding like an
elitist or know-it-all. Ask anyone who knows me--I'm no rocket
scientist myself. :-) So please do not take anything that I
say here personally--whether you are stupid, or know someone who
is stupid, or you are just looking out for other people who may
be considered stupid. END DISCLAIMER]
Have you seen the news about the coming of WEB-TV? Supposedly
computers have gotten too complicated for the average consumer,
so Bill Gates and friends have come up with the great idea of
merging the Internet with Television. Hmmm... I have a nagging
feeling from deep inside my gut that there is something
desperately wrong with this picture.
First of all, what about the premise that computers have gotten
too complicated for the average consumer? I'll have to admit
that my first hand acquaintance with computers only goes back to
about 1982. Roughly about the same time that the IBM PC stormed
on the market.{2} The original IBM PC and its clones were
pretty crude by today's standards. But they also assumed, to
some extent, that the people who used them would develop some
minimal level of familiarity with the workings of the
contraption. As I recall, they gave you a couple of loose-leaf
manuals crammed with helpful pointers on the inner workings of
the computer and its software. Those machines even booted up
with a simplified version of BASIC when you flipped up the ON
switch. And from the beginning of the PC, up until the
introduction of Windows 95, you always got a version of the
BASIC programming language packaged with the operating system.
Even through the choir of complaints about Windows 95 when it
first came out, I never heard anyone else mention the absence of
BASIC. If you bought a computer recently, did YOU notice that
BASIC was missing? OK, so what's the point? The point is that
the folks who make and market computers used to expect that
computer users would want to do some rudimentary programing. It
was pretty much required just to install a program. Now, the
folks selling computers don't expect users to want to do any
programming. AND they are correct. I know that they are
correct, because nobody complained when they stopped packaging a
programming language with the base computer system.
I suspect that a good percentage of computer users today do not
do ANY installation of hardware or software. If they do install
any hardware nowadays, its mainly done with the "plug and
play." And if they do install any software, its mainly done by
the "installation wizard." When the installation works, it's a
pretty simple affair.{3} The programs of today are generally
much easier to use. Point and click on a pretty picture and you
are in business. In most cases, you can sit down and use a mass
appeal consumer program with little or no training. Which, by
the way, can be good. It means that we get more out of our
computers without spending a lot of time on the learning curve.
Meanwhile, the hardware required to run software keeps getting
more sophisticated. The hardware has to be better to keep up
with glitzier, and smarter programs. For a while, it was
fashionable to call "smarter" programs "user friendly".
Perhaps "user friendly" is a gentler term than "user stupid",
but for sake of clarity, let me say that they mean the same
thing. New computers must be smarter (i.e. friendlier) because
they assume a stupider end user. I'm hard pressed to argue
against the marketing strategy behind this trend. Namely, that
to sell the most copies of a product, one must aim the product
to attract the greatest number of potential customers. Or to
simplify my point{4}, computers have to be marketed so that
sufficiently stupid people can use them. Although only smart
people can use unfriendly computers, both smart people AND
stupid people can use friendly computers. The simpler the
computer interface, the stupider the potential customer can be.
All of which brings us to the World Wide Web. More commonly
known as "W-W-W dot-something-dot-COM."{5} I've been reading
recently that the internet is NOT the same thing as the World
Wide Web. Which indeed it is not. But the World Wide Web does
seem to get noticed the most. Everybody and everything has a
web page, including this eMagazine. So, depending on where you
gather your reading material, it's not uncommon to hear a great
deal of wailing and gnashing of teeth about how the WWW has both
ruined the internet and devastated some other formerly important
means of computer communication. Pretty pictures and neat
tricks have a premium over content. Indeed, the POINT of the
WWW is sometimes not the content at all. The point is sometimes
the medium that delivers the pseudo content. The result is,
IMHO, a much more "stupid" product. As Forrest Gump
demonstrated, stupid is not all bad. Stupid is just not...
well.. "smart", like you used to have to be in order to use a
computer. Meanwhile most computer users have stampeded away
from computer Bulletin Board Systems (BBS) and things like
FidoNet, which traditionally placed a premium on content, even
if the medium was pretty crude.
And now we have the specter of Web-TV. Here I admit to speaking
from the wonderful vantage point of ignorance. Which is always
easier and often more fun than learning the facts. That is, I
know very little about web-tv. What I do know, I gleaned from
bits and pieces thrown out by the mainstream media.{6} But for
those who lament the stupidification of computing in general, I
submit that we ain't seen nothin' yet. Just take a minute and
compile a short list of consumer appliances that have
contributed to a decline in the national intelligence level.
Surely the the television will be on everyone's top 10 list. In
fact, the TV is a virtual icon for stupidity. And TV is the
model that we are using for the future of computing. Computers
have a great potential to educate and inform. To communicate
ideas. To persuade. To convert. To stir the human spirit. I
suppose that television also had the same potential at one
time. A long time ago, that is.
FOOTNOTES
------------------------
{2}Before that I had a computer science class in college in
which we used a mainframe computer. You fed it with cards
that had holes punched in them. A very primitive arrangement.
One card for one instruction. I'd like to have exclusive
rights on selling those cards if that's how you still had to
load Windows 95 <g>. The programing language for that thing
was ALGOL. But I digress. Which is why this remark is buried
in a footnote.
{3}When it DOESN'T work, you're really in trouble though. Don't
count on having very much at all in the way of a manual or tips
for troubleshooting.
{4}To suit the tastes of today's users of computers <g>. Just
kidding--if you are reading this eMag, I know that you are a
step above the average computer user.
{5}Or more recently, "-dot NET" or "-dot ORG"
{6}Not always the most reliable means to gather one's information,
especially relating to computers.
------------------------------
Date: Thu, 15 May 1997 14:16:47 -0700 (PDT)
From: "Brock N. Meeks" <
[email protected]>
Subject: File 4--Survey says "Censor!"
RADNOR, Pa., May 13 /PRNewswire/ -- Despite the fact that 29 percent,
or nearly one-third, of all Americans access the Internet, 4 of 5 say
they are concerned about what can be found, and who might find it,
while cruising the Information Superhighway.
In a recent nationwide telephone survey of a random sample of
Americans ages 18 and older conducted by Chilton Research Services, 80
percent of respondents answered "Yes" when asked, "Do you think that
the government should take steps to control access to pornographic or
sexually explicit material on the Internet to protect children and
teens under 18 years of age?"
A significantly higher percentage of women than men favored government
intervention. More than 88 percent of women invite censorship or some
other action, while 71 percent of men feel such steps are warranted.
Respondents were similarly divided by economic and education levels.
In all demographic categories a resounding majority wants to limit
youngsters' access to sexually explicit material on the Internet, but
some groups feel more strongly than others. For instance, among
households with incomes below $35,000 annually, 85 percent want Uncle
Sam to step in. Among respondents with household incomes above
$50,000 the percentage drops to 71 percent. Similarly, 9 in 10
respondents with a high school diploma or less said the government
should control access, while 7 in 10 who had at least attended college
want such action taken.
In addition to worrying what their children might see on the Internet,
Americans worry about what others might be able to learn about their
private lives. Better than 5 of every 6 respondents (84 percent) said
they are concerned about unauthorized or illegal access to personal
and financial information through the Internet. A solid majority (65
percent) of all respondents said they were "very concerned," while
another 19 percent admitted to being "somewhat concerned."
Fewer than 10 percent of respondents were "not at all concerned."
Those with less than a high school education and those over 65 years
of age expressed less concern, possibly because these groups are not
as likely as others to use the Internet.
The Chilton EXPRESS telephone omnibus survey was conducted among a
sample of 1,000 American men and women ages 18 and older, between
April 16 and April 20, 1997. The margin of error is +/- 3 percent.
Chilton Research Services, an ABC-owned company, was established in
1957. The company offers full research and consulting services to
consumer products companies, business and industry, telecommunications
and media, non-profit organizations and government agencies.
SOURCE Chilton Research Services
CO: Chilton Research Services
ST: Pennsylvania
IN: PUB CPR MLM
SU:
05/13/97 13:57 EDT
http://www.prnewswire.com
This list is public. To join fight-censorship-announce, send
"subscribe fight-censorship-announce" to
[email protected].
More information is at
http://www.eff.org/~declan/fc/
------------------------------
Date: Thu, 15 May 1997 14:16:47 -0700 (PDT)
From: "Brock N. Meeks" <
[email protected]>
Subject: File 5--(CwD-Meeks) -Jacking in from "Media Elite Eat To the Beat" Port
CyberWire Dispatch // Copyright (c) 1997 // May 23, 1997
Jacking in from the "Media Elite Eat To the Beat" Port:
Washington--Howard Fineman, Newsweek's chief political correspondent goes to
Washington (state) and comes away... well, with a few tired and shop worn
anecdotes in an article published in last Sunday's Washington Post Outlook
section.
The piece, "Gates Crasher: I Infiltrated (the other) Washington" (catchy,
no?? I doubt it was Fineman's original...) starts with a stale tale about
how he is able to woo his way into the smooze-fest that Microsoft Mogul Bill
Gates held in Seattle a couple of weeks ago in which he invited a select
group of some 100 CEO's voted "the most likely to spend another billion or
so on my software" to come and try not to be sleepless in Seattle.
Now, I don't want to get off on a tangent here, but I've been to Seattle and
fercrissake... it's no wonder they drink so much fucking caffeine out there:
the place is proverbial "sleepy little town" with a gland problem.
Back to Fineman and Seattle. Why a good journalist like Fineman would want
to be anywhere near this billionaire's dog and pony show is beyond me.
Maybe the "news hook" for Fineman was that Vice President Al Gore was going
to be making a cameo appearance and since Fineman covers politics, well,
hell, it was a stretch but the plane fare would probably pass muster with
the Newsweek bean counters. And if nothing else, it gave Fineman a chance
to chat up that most famous East Coast media elite refugee, Michael Kinsley,
who now runs _Slate_ magazine.
Small aside: Fineman and Kinsley did hang together. In fact, Kinsley
treated Fineman to a real Seattle pilgrimage: A tour of the first
"Starbucks" coffee shop. However, Fineman damn near caused a riot when he
eschewed the half-cafi, double decaf, whole milk, medium foam Cappuccino
that Kinsley ordered and asked for "Sanka."
Now any hack journalist could have told Fineman the Gates-fest would be
nothing more than a corporate blow job in which "vision" was a thinly veiled
Microsoft infomerical where "smooze and snooze" were the complete faire of
the day. I mean, if you've heard one Gates speech you have, literally,
heard them all. And if you've heard one Gore speech on technology, well,
you've heard nothing at all and only learned that his speech writer is
competent enough to string buzzwords together in the right order.
You see, the great untold truth of Washington (the right-coast Washington)
is that Gore is a techno-midget, except for the policy end of things and
even then, he can give you only about 17.3 seconds of really hard core
discussion before he lapses into rhetoric... ah, but I digress...
So, Fineman tells us in his article that "what I saw on my tour is simply
put: Their Washington is as crucial to the future of government as ours,
and each place has to learn the folkways of the other."
This is the "kindler, gentler" approach to "the Internet will ruin
Democracy" blather pushed onto the scene by Cokie and Steve Roberts a month
or so ago.
"The info-tech buccaneers are accumulating vast power, and not just in pure
cash terms," Fineman writes. "Their business could put the capital out of
its misery by facilitating the rise of a wired 'direct democracy' that makes
the political class redundant," he writes.
Oh, please... here were go again. An inside the beltway political
journalist discovers the potential of the Net and starts predicting the
downfall of democracy and Washington and... well, it'll be on Newsweek's
cover in a just a few issues, I'm sure...
"I say, 'Godspeed' to a force that can rattle the ossified power structures
of Washington, including the media one that I belong to," Fineman writes.
You see, it's Ever So Hip to take potshots at yourself and your own class...
I know, I've been doing this for years myself, so my skills are well-honed
and I can spot this clever journalistic chicanery in a nanosecond.
The story, Fineman says, "for want of a better term is DDD: digital direct
democracy. Even now, voters with modems (and the time to use them) have
access to most of the information that representatives do." WRONG, but
hell, thanks for playing Mr. Fineman, don't let the 33.6 bps modem slap you
on the ass as you slide into the bitstream.
The truth, of course, is that Washington (the "real" Washington) is all-too-
adept at keeping information under lock and key, printed on paper,
distributed only to those that are deemed to hold the power.. and this
includes lobbyists and the assorted foreign Chinese national, but it sure as
hell doesn't mean "voters with modems."
Fineman continues in breathless prose about how "soon enough they'll be able
to voice their verdicts on issues of the day, in real time." He's talking
here about how DDD can lead to the citizenry taking control of the
legislative process by raining in their "votes" on issues, presumably
changing the course of a vote in the House or Senate... hell, maybe DDD can
even weigh in and break one of those infamous Senate filibusters. "It could
be a popular idea," deadpans Fineman, noting there could be a "powerful
lobby for DDD."
Except for one, small CRUCIAL "dddetail": people with modems, who
participate online, are as likely to think with one mind and speak with one
voice and the new so-called government of Zaire's Laurent Kabila.
Fineman eventually gets around to writing what he knows. "You can't
reinvent the politics out of government, and the Beltway Bureaucracy is the
most durable human edifice since the Ming dynasty." Amen, brother... hear
the thunder roll...
But all too quickly, Fineman lapses into babble and surprisingly unfounded
babble. Gates has "given chunks of money, hard and soft, to both parties."
I suppose Fineman wasn't talking about the last election cycle. Because
according to the FEC, as sliced and diced at the excellent "show me the
money" site maintained by Tony Raymond <
http://www.tray.com/fecinfo> Gates
personally gave only $5,400 to candidates and another $10,000 to his
company's own Political Action Committee. Now my pencil may not be as sharp
as Fineman's, but I figure that $15,400 in donations from the Richest Man in
the World equates to the crumbs left in his dog's dish, but not "chunks" of
money.
Gates gave NO soft money of his own; however, Microsoft the company gave a
total of $77,000, which it spread between Dems and the GOP. That's
peanuts. Especially when you consider that Steve Jobs ponied up $150,000 of
his own money (which he gave to the Dems.)
Fineman relates how Gates introduces Gore to the 100 CEOs in attendance:
"He's one of the first policy makers to understand technology and
information. I have drawn on his wisdom often." Now, Gates is really much
more hip than I thought, because if he made this statement--with a straight
face--the man had to be high; or Gates is cracking under all the pressure of
being the world's richest man. Taking advise and wisdom on technology from
Gore is to take navigation lessons from the skipper of the Titanic.
Fineman notes that if Gore has any wisdom to offer his buddy these days, "it
should be this: Loosen up. The way NOT to make friends in Washington is to
be aloof, mysterious, inaccessible. Also, don't move too quickly. The speed
of change might frighten the natives."
Indeed, it does. Fineman then notes the laughable column that Cokie and
Steve Roberts co-authored... you remember, the one about how the Net is all
things dangerous and will, if left unabated, surely bring down
"representative democracy" we know it.
Fineman goes on to say that the Roberts' rant "produced more flames than an
oil field in Abu Dhabi." And then he quotes from my MSNBC Column
<
http://www.msnbc.com/news/wwwashington.asp> on the Roberts' article: "The
hysterical tone of the column is astounding," wrote cyberpundit Brock N.
Meeks. "This sort of journalistic tripe is poison and yet, at the same
time, grist for the mill among the twisted jackals who make up Congress and
who, it seems, have no qualms about using the Internet as a personal
whipping post whenever it suits their fancy." (Odd, but I could have sworn
I wrote: "twisted craven jackels...")
Then Fineman wraps up: "Let the record reflect that Meeks works for MSNBC,
one of whose owners is--you guessed it--a man named Gates, from the other
Washington."
The inference, of course, is that I've been turned into a fuck chimp for
Bill Gates. That I'm suddenly Gate's personal attack dog in D.C. Small
Problem, Howie: I don't work for Gates, never met him and don't particular
care to. Yes, at MSNBC we take Microsoft's money... and then curse the
software they make us use to produce the news.
If Fineman really thinks Gates has me on a short leash, then my worst fears
have been realized: He's fallen of the wagon and has resumed that nasty
Lucky Charms binge/purge routine. Oh the horror of it all... not a pretty
sight.
Fineman is probably, at this minute, writhing in pain, coughing up blood and
having nostalgic thoughts about his college frat parties.
I'm very concerned...
I'll call the authorities... any minute now. Honest.
Meeks out...
------------------------------
Date: Mon, 19 May 1997 21:54:29 -0500 (CDT)
From: Eric Behr <
[email protected]>
Subject: File 6--Review of: SENDMAIL (Second Edition)
SENDMAIL (Second edition). By Bryan Costales, with Eric Allman.
1996. Sebastopol (Calif): O'Reilly and Associates. 1050 pp.
$39.95 (paper).
(Reviewed by Eric Behr, Dept. of Mathematics, Northern Illinois
University).
Even though many people these days spend hours using Web browsers, good
old e-mail remains by far the most _important_ Internet application. We
have come to rely on it just like our grandparents learned to depend on
the telephone. And just like we don't pay much attention to the
goings-on at the local phone exchange, we rarely think about the "under
the hood" side of e-mail. Until we put our system managers' hats on our
heads, that is.
Unix computers are preferred as Internet service hubs. Other systems can
offer easier configuration or higher cost-effectiveness, but Unix still
reigns because of its flexibility, power and the abundance of skilled
and experienced administrators. And the most common and mature Unix mail
handling software is sendmail(8), whose history spans almost 20 years.
Administrators have a love-hate relationship with it. I'm afraid that
the "love" column is quite short: sendmail does an essential job very
well, provided that it is properly configured and installed. The "hate"
side of the ledger spans a few pages: it is probably the biggest
potential security hole on your system, because it must assume the
superuser's identity in much of its work, even when invoked by regular
users; it's a relatively "open" program (source code for most versions
is readily available), and hence it attracts swarms of hackers; it uses
a complex configuration file written using obscure syntax; it cannot be
fully tested until it's actually in place, which means that you will
likely be tearing some of your hair out before you arrive at a workable
setup; and so on, and so on.
I am not a sendmail guru; I have edited a few sendmail.cf files in my
life, and I spent several hours studying rewriting rules, but I cannot
say that I could configure sendmail for a complex site in my sleep. This
review is thus written from the point of view of a moderately advanced
system manager who has once or twice dabbled in this subject. I was
asked to write it at a very opportune moment - the time when I decided
to switch from a vendor's implementation to the public domain version
maintained by the original author, Eric Allman. I can use my experiences
"from the trenches". My experiences have been mixed, but I recommend
that you look at "sendmail"
despite my grievances.
The book under review is to some extent damned by its own notoriety.
It's one of the legendary titles from O'Reilly. We've come to expect
everything from it, and when it fails to deliver 100% we are
disappointed. But let's not forget that the behavior of a very complex
program such as _sendmail_ can't be adequately described in a static
book in all its minutiae. It is natural that "sendmail" has its flaws,
ranging from simple typos (surprising, frankly, for a second edition
from a well-known publisher) to being unrealistic in places, and a
little negligent of typical cases.
The "Bat Book" is invaluable as a reference and as a confidence booster.
Its mere physical size indicates the magnitude of the problem you are
about to tackle. The comprehensive lists of options, m4 commands,
rewriting rules, debugging switches and the like are a great help for
anyone facing the unpleasant task of changing the configuration.
Still, it isn't a cookbook. You will have to figure out for yourself
which flavors and seasonings to add where, and which recipe works best
in your situation. There are few concrete scenarios applicable to real
life cases. The book falls short in offering quick and easy solutions,
and perhaps this is as it should be - for you are the only person who
knows exactly what is required at your installation.
I encountered several frustrating problems which the book glossed over,
or mentioned them somewhere on page 467, or didn't mention them at all.
I would expect this had I used an obscure CPU and/or flavor of Unix --
but the book claims to be oriented towards precisely my situation! I
expected a higher batting average. On top of this, the index is not
always as helpful as it could be. This is dangerous, and not just for
the poor soul who might lose his job if he doesn't upgrade sendmail the
right way. We live in a world in which half of the Internet is in the
hands of inexperienced administrators, and one-third of it is
misconfigured, which affects everybody. I would hate to see the third
edition come out (in response to my gripes) in the well-known "... for
Dummies" series, but I think that parts of it can be easily made more
helpful for a relative novice running one of the proliferating systems
such as Linux.
I don't want to be accused of taking pot shots, so let me list just a
few concrete complaints:
- the most common reasons why sendmail relinquishes its root provileges
(and hence stops working as advertised) are not listed in an easy to
use, clear form
- the "pitfalls" section which follows each chapter is a very good idea,
but the most likely ones should be prominently grouped in a separate
place for easy reference
- the $=w class is not documented well enough; the book uses examples
in which $=w hostnames are partially qualified (they can't be!) and
never mentions that the domain name must be added to the list if the
hub is an MX host for that domain (which is almost always so!)
- the m4 processor has certain quirks which should be mentioned (or at
least mentioned more forcefully)
I fell into many traps when switching from a vendor's sendmail to
Allman's
latest version. At times seeing the familiar SYSERR message in the logs
and not knowing what is happening was infuriating. Even after the book
became quite dog-eared and (I thought) worn down into submission, it
still didn't relinquish its secrets easily. As you can see by now, I've
developed a love-hate relationship with it similar to the one with
sendmail itself. I found it very useful, because it _does_ have most of
the answers in it, and I prefer to leaf through a book than to browse a
dozen README files, FAQs, and archives of Web and newsgroup material.
Still, I had to consult the FAQs and READMEs more than I expected.
Internet mail is becoming more homogeneous; Bitnet relays and
intricacies of UUCP have a much smaller role to play now than when
sendmail was first conceived. Perhaps a new edition will be better
organized and focused more sharply on the few categories of sites and
scenarios that are likely to be encountered these days.
To summarize - if you have $40 lying around and if you have a major
sendmail revamping project in your future, then by all means, get it!
But if you are expecting a set of painlessly implemented recipes, forget
it. Save the money for a skilled consultant instead.
------------------------------
Date: Thu, 7 May 1997 22:51:01 CST
From: CuD Moderators <
[email protected]>
Subject: File 7--Cu Digest Header Info (unchanged since 7 May, 1997)
Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.
CuD is available as a Usenet newsgroup: comp.society.cu-digest
Or, to subscribe, send post with this in the "Subject:: line:
SUBSCRIBE CU-DIGEST
Send the message to:
[email protected]
DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS.
The editors may be contacted by voice (815-753-6436), fax (815-753-6302)
or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.
To UNSUB, send a one-line message: UNSUB CU-DIGEST
Send it to
[email protected]
(NOTE: The address you unsub must correspond to your From: line)
Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on internet);
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.
In ITALY: ZERO! BBS: +39-11-6507540
UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD
Web-accessible from:
http://www.etext.org/CuD/CuD/
ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland)
ftp.warwick.ac.uk in pub/cud/ (United Kingdom)
The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:
URL:
http://www.soci.niu.edu/~cudigest/
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission. It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified. Readers are encouraged to submit reasoned articles
relating to computer culture and communication. Articles are
preferred to short responses. Please avoid quoting previous posts
unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.
------------------------------
End of Computer Underground Digest #9.42
************************************
