Byte by Bite

SP2 update and Net neutrality

by Marv Dealy

While the update released on August 8 did fix some problems, it introduced a brand new bug all on its own. According to Robert Lemos, Security Focus (http://www.securityfocus.com/news/11408?ref=rss) by the day after the upgrade was fixed folks were complaining that Internet Explorer was crashing on some web sites. By August 12, Lemos says “security researchers at eEye discovered that the issue could be used to not just crash the browser, but to compromise PCs running Windows XP SP1 and Windows 2000.”

Lemos writes that Marc Maiffret, chief hacking officer (there’s a title for you) at eEye Digital security, said “Any half-decent researcher knows that this is an exploitable bug.”

Lemos continues that scans made by Microsoft’s malicious software tool revealed that of the 270 million computers scanned, some 47 million computers are running either Windows 2000 or Windows XP SP1.

While Microsoft says that it’s working on a fix to the patch, this whole thing is causing some folks to wonder about the advisability of immediately applying newly released patches. Some network administrators are wondering whether it’s best to go back to the practice of waiting a few days before applying patches to see if any problems such as this crop up. Microsoft, on the other hand, insists that it’s still best to apply patches immediately. Personally, it makes my head hurt.

So what should you do? For the most part, I’d think that updating your XP Service Pack One to an XP Service Pack Two should have been done long ago. In any event, Microsoft will release a fix to the patch on the inner tube that covers the hole in the barn most recently discovered any time now. If you’re not sure if your Windows computer has all the recent updates it should, you can check by using Microsoft’s Windows Update tool. Go to Start, then All Programs, and then Windows Update.

If you’re sure your computer has legitimate Windows software on it, you can use the Express install choice, otherwise you might want to use the Custom option and you might not want to select the Windows Validation Tool. If you want to learn more about why, just Google windows validation tool. Or, chuck your Windows machine and buy a Mac.

Net neutrality

You might not have paid a lot of attention up to now to the debate over net neutrality. The argument pits cable TV, telephone and wireless companies on the one side against companies like eBay and Google on the other. Thrown into that mix are lawmakers in Washington.

Wikipedia says that network neutrality means the network doesn’t favor one application (such as the world wide net) over another (online gambling or VoIP) (http://en.wikipedia.org/wiki/Net_neutrality). They go on to say that in the US, the phrase more particularly applies to the argument that Internet access providers are making that they can charge different amounts for different levels of service.

What that means in sidewalk English is that he who pays more gets through the intersection faster without net neutrality. Imagine the main stoplight in downtown Sonora is always red for all three directions. Then, imagine that someone is willing to pay extra to get through that intersection, and by paying would be allowed to drive on the sidewalk and thereby circumvent the traffic jam that a bypass would have long ago alleviated.

The people who want the Internet to stay just the way it is are you, me, and companies like eBay who don’t pay extra to blast their products and services to the world. On the other side of the table are the companies who have invested billions of dollars in upgrading the infrastructure that allows the Internet to work. They’d like to charge some customers a premium to let their packets get through the intersections first, guaranteeing a higher level of service. Those preferred packets would, essentially, be preceded by a police motorcycle clearing the way through the packets made up of more humble information that can’t afford to pay the same price, say the packets that represent your club or group’s free web site or your free email.

Another company that wants to see the status quo maintained is Google, for pretty much obvious reasons. Their highest paid lawyer stood up and with a straight face announced at a debate organized by the Progress and Freedom Foundation (www.pff.org – generally supports deregulation and a free market in telecommunications) that “I’m not worried so much about Google in this regard, I’m worried about the small innovators at the edge of the networks.” (http://news.com.com/Google+defends+Net+neutrality+regulations/2100-1028_3-6108376.html)

I say Google’s lawyer said that tongue in cheek because of course Google has a vested interest in not paying more money for people to access their products and oh, by the way, their ads. If Google had to start paying umpteen million dollars a year to get into the express lane even though they have a zillion more than 15 items in their basket the stellar financial track record to date that Google has posted would undoubtedly take a beating.

What do most of us want? I’d think a status quo. This is a pretty substantial issue, so you ought to get reading up on it, and contact your state and federal politicians and let ‘em know you want your Internet, and you don’t want it to be divided into a have and a have-not kind of place.