Cyber Ramblings - Nov 21, 2000

21 November 2000
Compiled by Kevin Smith

Bulgarian Discovers Glitch in Internet Explorer
While Netscape launched its newest Web browser last week, Netscape 6, amid problems with glitches, this week Microsoft's browser, Internet Explorer, got a matching black eye. Georgi Guninski, a well-known Bulgarian bug hunter, announced this week that the program has a security vulnerability that could let Web masters take over a user's computer. Guninski posted a security advisory on his website. Guninski ranks the problem as high risk. Malicious Web masters can exploit so-called ".chm" files, a compressed help-file format, to execute arbitrary programs on a user's computer, Guninski said. The bug also allows viewing of temporary Internet files stored on the user's hard drive.

eBay Releases Application Program Interface
Trying to get an edge on the ever-expanding wireless market, eBay released a program this week that will allow other companies to create their own applications based on the online auctioneer's technology. The program, known as the eBay Application Program Interface (API), will initially be available to a limited number of the company's licensed partners and developers. The new platform will enable eBay and its partners to expand more quickly to new devices like wireless phones and handheld computers, eBay said. The company added that its 19 million registered users would benefit as more vendors sign on to sell products online.

British Authorities Bolster Cybercrime-Fighting Efforts
The British government has earmarked about $36 million in creating a new 80-member police unit to crack down on cybercrime. The National High-Tech Crime Unit, will begin work in April in trying to put an end to cyber criminals both locally and nationally. The funding, announced Monday, will also establish a 24-hour international hotline for trading information on potential attacks on the national infrastructure and promote closer cross-border relationships between law enforcement agencies. Also this week, members of the Council of Europe are meeting in Strasbourg, France to create an international treaty to standardize Net crime prevention and prosecution.

Hybris Worm May Be Harmless; Some Still Cast Warning
While some anti-virus companies feel the worm called Hybris is relatively harmless, others caution that it could still prove to be a menace due to the way it is written. Although Hybris carries no destructive payload and causes little harm, it can update itself as it spreads, making it a viable element to worry about. The worm comes as an email attachment that, when opened, replaces a file on the recipient's computer called "WSOCK32.DLL," a dynamic linking library. DLLs are files that application programmers use to share code among various Windows applications. Once it has replaced the DLL, Hybris monitors outgoing email and distributes copies of itself to recipients, randomly generating the name of the attached payload.

New TLD Wins First Battle in Court
In what could be the first of a litany of court actions filed against the Internet Corporation of Assigned Names and Numbers (ICANN), one of seven new global Top Level Domains (TLDs) picked last week still got the green light from a U.S. federal judge. One of the new TLDs, .biz. was challenged by Economic Solutions Inc. which owns the rights to a similar country-code TLD (ccTLD), .bz. The .bz country domain was registered for the country of Belize. ESI agreed in 1999 with the Government of Belize to market and sell the .bz (ccTLD) of Belize to international applicants on the government's behalf on condition that the registrar pays a royalty to the government for each sale.

The Future of Searching the Net?
Thanks to a move by RealNames, Web searching could undergo a radical change in the future. The U.S. company that markets common words as website names, announced plans to open its system to competition. Internet users searching for keywords registered through RealNames will be taken to licensees of those keywords. The user needs only enter a keyword in his or her browser. Microsoft has already adopted the system for use with its dominant Internet Explorer browser. So, for example, if you enter the word "Madonna" in Internet Explorer, without the "http://www." prefix or ".com" suffix, the browser will take you automatically to The system is also supported by popular search engines and has been embraced by AvantGo's software for use with its handheld devices.

Aussie Firm Looks to Ban All Generic Words as Domain Names
Plans being pursued by the .au Domain Administration (auDA) in Australia would ban the use of generic words as domain names. The auDA this week released its Public Consultation Report on proposed changes to domain name administration and policy in the .au space. Although the report covers 14 domains, attention is centered on one proposal. Under the proposal, a ban on generic domain names, which currently applies to, would be extended to all other local domains. Since January 1998, the domain has banned the registration of "generic" terms, with those terms defined by the category headings used in the Yellow Pages. Australian place names are also banned, a ruling which has led to disputes with domain name registrants in the past.

Visa, BBB Team to Boost Consumer Confidence
Visa USA and the Better Business Bureau said this week they have signed a two-year agreement aimed at boosting consumer confidence in e-commerce. The deal links Visa, the number-one credit-card company in the U.S., with the corporate-backed BBBOnline. The partnership begins immediately with the launch of a program designed to promote safe online shopping for the holiday season. The partnership will educate consumers on "smart shopping" practices and establish mechanisms to resolve online disputes. Additionally, BBBOnline and Visa will work with online merchants to put in place risk-management practices that keep credit card information secure.