Mr Legoland Windsor sued over his Web site
Humor/Amusing
9/3/2000; 9:49:36 PM 'The piss artist formerly known as Craig Cottrell has found himself on the end Danish toy company Lego's ire. It all started over a few beers with his mate. Inebriated, both of them decided to change their names by deed poll for a bet.'

And it goes downhill from there... love the ending of this article. BTW, despite the way that sounds, this is a true story from The Register.

Ain't no network strong enough Misc.9/1/2000; 10:44:43 AM 'Master cryptographer Bruce Schneier's "Secrets and Lies" explains why computer security is an oxymoron.'His basic contention is that humans will always screw up, thus no (human-built) system will be secure. It's very hard to challenge that line of reasoning. The more real-world experience you have, the harder it gets to challenge.I'm going to be very contrary to what seems to be public opinion, and say I hope Bruce Schneier is correct. A system with perfect security also strongly implies a system with perfect control, which will presumably belong to a someone or a small group of someones. The price we would have to pay for systems with perfect security is too high, compared to a world where nothing is quite secure.On a lighter note, how will William Gibson's Neuromancer ever come to pass if there's perfect security?

Updated cookie-alert software released for IE 5.5 Privacy from Companies9/1/2000; 10:35:45 AM 'Microsoft issued a software patch to the public today for its latest Internet browser that tells customers when third-party Web sites try to place cookies on their computers for tracking purposes. ...'The software within IE 5.5 gives consumers detailed information about cookies and tells them whether the cookie is coming from the Web site they are visiting or from a third-party site such as advertising networks DoubleClick or Engage. These companies often use cookies to track the performance of ad campaigns or to deliver targeted ads based on personal preferences.'If you're using IE5.5, I think I'd recommend getting this. I don't use it, I still use 5, so I don't know anything about it directly.Good to see Microsoft responding to security concerns.

Amazon.com Revises Privacy Policy on Consumer Concern Privacy from Companies9/1/2000; 10:33:08 AM 'The new privacy policy on the company's Web site details what personal information Amazon.com gathers, why it collects it and how it is used. The company didn't say how the new policies specifically differ from the old ones.'You'd think the complete lack of details would make it hard to comment on, but the NYTimes manages to fill out a complete article.I, on the other hand, will not. I love the web.

MS fumbles Word privacy scare Privacy from Companies9/1/2000; 10:19:29 AM 'Microsoft was caught off-guard yesterday by a warning that Word documents could be tracked over the Internet without their readers' knowledge. 'A press release from a security consultant drew attention to the potential problem, by which embedded links to content on servers could be used to track the usage of documents as they're passed around multiple users on the Net. Richard M Smith pointed out that the embedded content could well be invisible to the user, who could find themselves being tracked without their knowledge.'This security 'flaw' will exist in any place that URLs can be used, thus, they may exist in HTML e-mail, Word documents, or even a Linux script file that calls wget (which retrieves something based on the URL) to retrieve some URL. It's a fundamental problem to our conception of Internet security, not just a flaw in Word. If it's a flaw in word, it's a flaw that's extremely common.The problem is that there is no good way to prevent this. If you are going to allow people to use URLs to refer to network documents, and you automatically retrieve these documents without making the user confirm each one individually (if even that would help!), then retrieving an empty graphic image or a null string or something else that will be invisible will be possible.Any "solution" to this problem will make Word work less well, as they are basically going to have to just remove the feature.(Yesterday's news. Sorry for the delay, but I had a really hard time getting through to ETP.com yesterday.)

Taking Sides in the Napster War
Music & MP3
8/31/2000; 7:06:31 PM 'Napster and its kin can be viewed as sharing or stealing, as an innocent means of file sharing or an insidious way to infringe on copyright. There are plenty of sites on both sides of the issue.'

My apologies for the delay today... it seems ETP.com is slow for me today.

Court Sets October Trial Date for Napster Case
Music & MP3
8/30/2000; 12:02:31 PM A federal appeals court set the week of Oct. 2 for opening arguments in the trial pitting music song-swap company Napster Inc. against some of the giants of the recording industry.

TRUSTe admits to violating its own privacy policy
Privacy from Companies
8/29/2000; 11:01:06 AM 'TRUSTe, perhaps the Internet's most-recognized nonprofit privacy watchdog organization, learned a jarring lesson on privacy itself, when it downloaded free visitor tracking software from Internet.com's subsidiary Web site TheCounter.com two weeks ago.

'The TRUSTe "trustmark" logo visible on a Web site tells surfers that their personal information is safe because the site follows TRUSTe's code of privacy conduct. While TRUSTe's logo at the top of its own Web page is always in plain view, tracking software discovered by a security expert on TRUSTe's site was invisible to visitors. Use of the tracking software violated TRUSTe's own privacy policy and the policies it certifies 1,000 other Web sites to follow. '

Universal, MP3.com Continue Legal Battle Music & MP38/29/2000; 10:54:59 AM 'Confounding those who had expected a settlement by now, Universal Music Group took MP3.com (MPPP) back to federal district court in Manhattan on Monday to argue the damages portion of its copyright-infringement case. 'The trial, which is expected to last most of the week, focuses on whether MP3.com "willfully" infringed upon Universal's copyrights when it transferred music on Universal CDs onto its servers for use in its now-suspended My.MP3.com service. If the infringements were not willful, MP3.com would only have to pay Universal somewhere between $750 and $30,000 per CD. If they were willful, MP3.com would be liable for as much as $150,000 per CD. (MP3.com ultimately copied about 80,000 CDs onto its servers, but the parties have not yet determined what fraction came from Universal, the world's largest record group.)'The story of this lawsuit is already fascinating, and it hasn't even started yet!'Although MP3.com had told the Recording Industry Association of America nothing of its plans [to rip 40,000 CDs and store them on their servers] until then – so as not to tip off its business strategy to major labels or potential digital-music competitors – the company instantly invited the RIAA to inspect its premises to see what it was doing, with the hope, it maintains, of persuading the RIAA that its service was legal and harmless. 'RIAA representatives, including the organization's chief litigation counsel Steven Fabrizio and outside counsel Hadrian Katz, who is now Universal's lead trial counsel, took MP3.com up on its offer on Jan. 18. Three days later, the RIAA sued.'