Monthly Archives: November 2004

Belkin's Pre-N Delivers Promised Speed

Belkin's Pre-N Delivers Promised Speed.
The industry rightly has qualms about pre-802.11n labeled devices, but
speed sells: If we've learned anything from the 108 Mbps and 125 Mbps
branding on a variety of Wi-Fi gateways, it's that speed apparently
does sell even if standards built the foundation on which Wi-Fi
thrives. Belkin's pre-802.11n (high-throughput standard) router and PC
card lives up to its promises of increased speed, according to PC World
test. Now I have a test unit–still in the box at the moment–that says
on the packaging that it beats 802.11g sixfold. That seemed unlikely.
But PC World did find the Pre-N units doubled or tripled comparable
802.11g performance while serving as a better tool for 802.11g clients
that were unable to reach an 802.11g gateway at the same distance that
Pre-N worked. The fundamental result of this early review is that the
MIMO approach of multiple input and output antennas obviously has
promise. And the good news is that you can add just a Pre-N router and
still have backwards compatibility and forward gains in distance. That
doesn't bode well for a standardized future given, as the article
states, it might be 2007 before there's an 802.11n certification in
Wi-Fi. In the meantime, the Wi-Fi Alliance said it will pull Wi-Fi
certification from Pre-N devices that break Wi-Fi compatibility.
Perhaps that threat will keep compatibility at the forefront…. [Wi-Fi Networking News]

Service Pack 2 Post Mortem

Service Pack 2 Post Mortem.

Today officially is Computer Security Day, something HP is commemorating with new protective services and products
for consumers and small and medium businesses. I expect other vendors
to respond, too. I see this as an appropriate day to do a post mortem
on Microsoft's security efforts around Windows XP Service Pack 2.

Given the number of big Microsoft partners launching new security
initiatives in the last 45 days, I have to conclude that SP2 didn't go
near far enough–and that's no intended disparaging of Microsoft's
efforts, which were commendable. To recap, Dell unleashed new consumer
security services, AOL released the Security Edition version of its
online client and today HP unveiled the aforementioned security
products and services. So, three of Microsoft's largest partners in the
consumer market have all bolstered their independent security offerings
post SP2. And in talking with the three companies, they all struggle
with essentially the same problem: Consumer PCs overrun with spyware.

Who do customers call when their PC starts running slowly or their
Internet connection runs slower than maple sap during a Maine winter?
The vendors–AOL, Dell or HP, among others. These companies get saddled
with heavier support calls and customers get really frustrated at the
vendors; the result may be those customers shopping for some other
vendor's product or service. Nearly every consumer PC vendor I've
talked to since SP2's release has seen an increase–right, not a
decrease–in security support calls. Consistently, spyware ranks high
on the list of problems, and it can be a tough one to diagnose and fix.

Absolutely, I see spyware as a security problem largely overlooked in Windows XP SP2. Sure, ActiveX and pop-up blocking are deterrents, but they don't stop the mechanisms by which spyware too easily installs on PCs. I've repeatedly argued (blogs here and here)
that Microsoft needs to do something to fix Windows rights. Unix-based
Mac OS X administers rights differently than does Windows XP. Highest
level rights are turned off by default, and programs generally prompt
for user name and password before installing. Mac OS X's finer rights
granulation largely protects against the kind of stealth installations
that too easily can occur in Windows. In an April blog, I recommended that Microsoft treat rights and spyware as more serious security issues.

Unfortunately, I have yet to see any information suggesting
Microsoft will fix the rights problem in next-generation Windows
Longhorn. And even if Microsoft attempted to solve the problem then,
it's really too long to wait. Considering how long it has taken the
mass of consumers and businesses to move to Windows XP, any meaningful
rights resolution would be years away. If Microsoft can release
Longhorn WinFX subsystems for Windows XP, why not a better utility for
managing rights or at least attacking the spyware problem?

Still, it's not fair to chuck all the blame for the spyware problem on Microsoft, as I blogged about here.
Consumer behavior is another problem. Just like there are bad
neighborhoods in big cities, the Internet has its rough neighborhoods.
For example, people illegally trading songs, videos or software using
P2P software expose themselves to unnecessary spyware or virus risk. I
don't believe Microsoft should be responsible for consumers' bad
behavior or poor judgment.

That said, much spyware is installed through innocent behavior, as I blogged about here and here.
Maybe that free holiday screen saver or theme pack isn't so free,
because it packs hidden spyware. Microsoft might be able to solve some
of the problem through finer rights demarcation. But eventual solution
there, if any, is likely a long way off.

So, I commend vendors like AOL, Dell and HP for doing the right
thing for their customers and trying to solve security problems SP2
left unresolved. All three companies have bolstered security protection
software and services and provide consumers with more educational
resources. I'd like to suggest two additional actions.

First: All three vendors offer digital music sales
or services to consumers. Now would be a good time to include security
in digital music marketing, as an alternative to file trading (a.k.a.
stealing) that carries higher risk of spyware or virus infections.
There are plenty of ways to promote these services, particularly during
the holidays.

Second: Offer a safe software zone where consumers
can download holiday screensavers and other applications without risk
of spyware or antivirus infection. Linking to Microsoft's Windows Marketplace
could be a starting place, as the company claims software there is
spyware free. Longer term, vendors could set up safe software sites in
partnership with third parties, such as Tucows. The sites also could be
a way of drawing customers back to the main Website and to offer them
additional products or services. Dell and HP could use existing desktop
alert notification mechanisms to highlight newest safe downloads.
Assuming customers switch totally to the safe zones, security risk
would likely diminish and spyware/virus support calls with them.  [Microsoft Monitor]

Falwell on Meet The Press

Falwell on Meet The Press.

Jerry Falwell quotes from Sunday's Meet The Press:

“Well,
the fact that he's a gay Republican means he should join the Democratic
Party.” [when asked about the creator of “Desperate Housewives,” a
self-described conservative, gay Republican]

“I wouldn't vote for my mother if she were pro-choice.”

“I'm just
trying — I'm trying to do what Martin Luther King did.” [responding to
a claim that the right wing wants to “privatize public policy and make
public private lives”]

“Give the little babies the right to vote.” [on abortion]

“If
you had been the president in World War II, we'd all be speaking German
now.” [responding to a fellow panelist's assertion that “Jesus isn't
pro-rich, pro-war and only pro-American”]

And there was also this
quote from his co-panelist, Dr. Richard Land, President, Ethics and
Religious Liberty Commission, Southern Baptist Convention: “We're not
against women working outside the home unless the husband believes that
it's not the right choice.” [SIGNAL VS. NOISE]

Canadian Inventor Lets Everyone Be an Armchair Spy (washingtonpost.com)

Canadian Inventor Lets Everyone Be an Armchair Spy (washingtonpost.com).
TORONTO– New Internet-based technology could soon turn regular
computer users into armchair spies, a Canadian inventor said on Monday.

Vincent
Tao, an engineer at Toronto's York University said he has invented a
mapping and surveillance tool called SAME (see anywhere, map anywhere),
that produces images so sharp that geographic co-ordinates typed into a
Web site can reveal the make of a car parked on the street. [Privacy Digest: Privacy News (Civil Rights, Encryption, Free Speech, Cryptography)]

Clean System to Zombie Bot in Four Minutes

Clean System to Zombie Bot in Four Minutes.
Amadaeus writes “According to the latest study by USA Today and
Avantgarde, it takes less than 4 minutes for an unpatched Windows XP
SP1 system to become part of a botnet. Avantgarde has the statistics in
their abstract. Stats of note: Although Macs and PC's got hit with
equal opportunity, the XP SP1 machine was hit with 5 LSASS and 4 DCOM
exploits while the Mac remained clean. The Linux desktop also was
impenetrable, but only was only targeted by 0.26% of all attacks.” See
also our story on the survival time for unpatched systems. [Slashdot] [Privacy Digest: Privacy News (Civil Rights, Encryption, Free Speech, Cryptography)]