For Your Information - Information, Technology, Society
Issue #3, January 7, 2003
It's Not The Technology, Dude...
1. Yahoo & "web beacons" -- privacy issue
2. Interesting art website - form AND function
3. AT&T Customer Service - An Oxymoron?
4. Heard on the Street - Apple vs. Microsoft
5. Wireless networking - How well does it work?
6. Resource for business people
1. YAHOO AND "WEB BEACONS" - Privacy Issue
You may not have thought about it much, but every time there is an image on a website you view, your computer has to download that image from the website before it can be displayed on your computer. Such images provide another mechanism for people to collect information about you when you're on-line. As part of the communication between your computer and the website when your browser goes to retrieve the image, information is exchanged, including such items as your IP address or information stored in cookies on your computer. Such small, essentially invisible images are called “web beacons” or simply “bugs” and are being used by some websites to obtain information about you.
The same is true when you receive an email that is HTML formatted (i.e., an email that is formatted with the same computer language and structure as a web page). There are several concerns that result from the use of web beacons in HTML email messages.
1. Spammers can validate your email address when you open/display an email from them. This means that they know that your address is valid and they can continue to send you Spam.
2. The sender can confirm that you actually received and opened the email. In extremis, this could be used in a court of law to establish that you did in fact receive that email.
3. They can be used to find out information about your browser, operating system, and mail server.
4. There is the possibility that email images might be used to “auto-execute cross-site scripting code in an attempt to trick your browser into revealing your account information to crackers with malicious intent.” (SquirrelMail.org)
Yahoo recently started implementing these “web beacons” in order to capture information about who is visiting their website or their partners' website and what they are doing while surfing. These web beacons (they are also called a “single-pixel GIF”) are one-pixel by one-pixel images embedded somewhere in the web page. You can't see them. But every time you view a page containing a web beacon, you are routed to another website which captures the desired information.
One of the programs that I use for accessing my email via the web (Squirrel Mail, an open source, standards-based web email browser http://www.squirrelmail.org) automatically replaces all web images with a local image file that says: “This image deleted for security reasons.” So, using SquirrelMail, you won't get web images but you will get text. These are the trade-offs that you have to deal with for privacy and security - you choose.
The SquirrelMail web site was also the source of some of the information provided above.
2. INTERESTING ART SITE - Form AND Function
If you like interesting art that is also functional, check out http://www.artofrain.com. This artist showed his wares at the Harvest Festival, and a friend of mine saw them and was impressed. I am too! You would never think that gutters could be interesting and even beautiful, but there you are. Enjoy, and thanks to Vicki for this one.
3. AT&T CUSTOMER SERVICE - An Oxymoron?
Here's the latest in a long string of Customer Service Snafu's from AT&T Wireless. Makes you wonder how some of our industry “leaders” even manage to stay in business, let alone turn a profit.
On December 1 I ordered the new GSM service ($100/month and unlimited minutes anytime anywhere for 2 years) plus a new Motorola T720 phone ($249 after a $50 rebate). It included AT&T's mLife service, which includes Internet/browser access plus email. To make a very long story short, I returned the whole kit and kaboodle on December 10 because the service was absolutely appalling. Many places where I had been able to receive service with my old AT&T plan were either totally “No Service” or were listed as “Emergency Services” only. Not acceptable. Calls to Tech Support yielded only the advice to browse to a special AT&T website (on my phone) which would tell Tech Support what tower they were having problems with. Duh. How can I browse the Internet when I'm calling from a land line about no connectivity!?
When I went to reinstate my old service, I was told: “It can't be done - there's a pending service order on the account.” Turns out that when they initiated my new phone service, something went wrong and my account was only partially turned up. To their credit, they immediately issued a repair order. To their discredit, the pending work order was now keeping them from reinstating my old service. There's more...
“When will this be corrected?” I asked.
“We don't know” AT&T responded. “Since you have some service it's a low priority item.”
After 30 minutes waiting on hold (I had to call the Customer Service number from the AT&T store!), I was finally able to cancel the new GSM service and reinstate my old service. It then took almost 24 hours to have my old service actually start working again.
And they call this customer service?
This new GSM service by AT&T may be good engineering, but it takes more than technology in isolation to deliver real benefits to would-be consumers. NOT RECOMMENDED.
4. HEARD ON THE STREET - Apple vs. Microsoft
In the past week, I've heard two intelligent, savvy people say that they're switching to Macintosh computers from PCs. “My windows machine was crashing all the time and I just got tired of fighting it, so I got a Mac and I love it.” A third person - an auto mechanic who just purchased his first computer - got a Windows machine from Gateway, but said that he would really have preferred to get a Mac. “It was a little too pricey for me, so I'll just fight my way through all the Windows problems.”
Could this be the start of something new?
5. WIRELESS NETWORKING - How well does it work?
For the past several weeks, I've been playing with wireless networking in my home/office. My (downstairs) office is wired to the hilt and upstairs my family has two computers that are also connected to the network for Internet access and backups. My younger son recently wanted his computer moved and connected to the network and I was faced with the unappetizing prospect of punching holes in our oak floor and stringing more CAT 5 cable. Great! Let's try wireless networking, since that's all the rage these days. Easier said than done. Here's what I've learned so far after trying wireless network gear from several vendors.
1. No matter how far the vendors say the range is, forget it. It may be only good for about 20% of their claims. For example, NetGear claims 73 yards (219 feet maximum) on their wireless router, yet I was only able to get a clean signal about 25-30 feet away. The LinkSys router that I chose had two antennas and did no better despite similar claims. D-Link (an almost winner in my tests) claimed only 50 yards (150 feet) but had the second best reception at the 30 foot range. Belkin (the eventual winner) had slightly better reception range than the D-Link and was much more reliable at that range.
2. No matter how easy the vendors say the installation is, forget it. Some of the devices are not exactly Plug n Play: you have to install your driver software before you insert the card. Some of the installations had to be done a couple of times for them to work. Two cards were dead on arrival. One card - the D-Link 520+ refused to work at all and technical support couldn't resolve the problem.
3. No matter how reliable the vendors say it is, forget it. Even within the short ranges that actually worked, the devices are incredibly sensitive to the location and orientation of the antenna. For example, I could be sitting in my kitchen with a working network connection, turn the laptop ninety degrees, and the connection dropped. Furthermore, a working connection will suddenly stop working for a time and then start up again. I assume that this is due to radio frequency interference, but I haven't been able to figure out the source. Who knows: maybe it's the ham radio operator a block away, or sunspots, or...?
4. No matter how secure the vendors say it is, forget it. The WEP (Wireless Encryption Protocol) which is included as part of the standard transmission protocol was broken almost before it hit the marketplace. See the Network Computing article, “WLAN Security: Five Simple Truths”, 12/1/2002, http://www.networkcomputing.com/1325/1325buzz3.html. At least select the encryption option when you configure your network; it may keep the amateurs out, even if the pros can break it in a heartbeat. The Belkin Wireless Access Point beat them all with a feature called “MAC-restrictions” (“MAC” = “Media Access Control” a networking techie term). More on that later.
The Linksys and NetGear devices were unacceptable in terms of range. The D-Link looked to be a good choice but failed due to reliability issues (tech support's response was: “There's a problem there but we don't have a fix nor do we know when we'll get one.”) I finally settled on the Belkin Wireless Access Point, the Belkin PCI (desktop) wireless card, and a D-Link PCMCIA (laptop) wireless card. I spent slightly under $200 for the three pieces of hardware, a bunch of my time, and now I can type and surf upstairs while being with the family. It's worth it for me (I guess I have a high tolerance for pain and irritation :), although if it were only to get my son's PC on-line, I'd probably go back to stringing cable - having my laptop unwired made the difference for me. It may not be worth it for you.
Furthermore, the Belkin Access Point has the added feature that you can limit access to only those physical network cards that you authorize. This is done by using the unique “MAC Address” (Media Access Control Address; see http://cs111.netgradebook.com/reading/howTheInternetWorks for more information) that is coded into every single network device. I feel much more secure about my wireless network due to this added security measure.
One technical note: if you install your own wireless network. Use channel 11, rather than the other channels (1-10). Wireless phones and other devices use the first 10 channels and you'll have less interference on channel 11.
One thing I can say for certain is that this is another case of technology not living up to it's claims or it's potential. I've checked with several of my associates and not everyone is as dissatisfied as I am. PROCEED WITH CAUTION.
Wireless “Security” - Another oxymoron
Security remains one of the most problematic issues - the encryption included in the Wireless standards is just plain broken and there doesn't appear to be any easy fix. In fact, the President's Critical Infrastructure Protection Board (CPIC - the folks who are bringing you the CyberSecurity Plan) have labeled Wi-Fi (an acronym for wireless networking) a “security threat”. Wi-Fi is mentioned prominently in the document “National Strategy to Secure CyberSpace” with stopgap measures to address some of the security issues. Wired Magazine (http://www.wired.com/news/wireless/0,1382,56742,00.html) quotes Richard Clark, President Bush's federal cybersecurity czar, as telling the wireless industry and corporations to "Secure yourselves or be regulated.” More wireless information can be found at (http://www.wired.com/news/wireless/).
Information about how to secure your wireless LAN can be found at http://techupdate.zdnet.com/techupdate/filters/specialreport/0,14622,6022247 ,00.html, http://www.arstechnica.com/paedia/w/wireless-security-howto/home-802.11b-1.h tml, or http://www.computerworld.com/mobiletopics/mobile/technology/story/0,10801,73 421,00.html.
Wireless everywhere? - Some assembly required
Now that I had a working wireless laptop, I figured it was time to see how well it worked in the real world. You've heard about “war-chalking”, right? In case you haven't, it goes something like this. Folks drive around searching for open wireless access ports. Depending on what they find, there's a “code” for identifying these with chalk symbols on the sidewalk (see http://www.warchalking.org/ for more details). The code is loosely based on the hobo language used in the US for hobos to identify “Food for work” or “Man with a gun”. See http://www.worldpath.net/~minstrel/hobosign.htm for examples of the original hobo chalk symbols. There is an active grassroots effort to provide community access to the Internet, and wireless networks have generated quite a bit of interest along these lines. If you're interested in more about such efforts, there's quite a bit of volunteer activity, reminiscent of the “good 'ol days” of the Internet. See, for example, http://www.nodedb.com - The Community Wireless Node Database Project - where you can find listings of active, open nodes for community access. There's also the Bay Area Wireless Users Group at http://www.bawug.org/ which also supports community access through wireless networks. Or there's an article on 80211-planet about this essentially social use of technology at http://www.80211-planet.com/columns/article.php/802841i.
Serendipitously, the New York Times' “Circuits” e-zine arrived in my mail box as I was writing this, and they featured wireless networking. See http://query.nytimes.com/gst/abstract.html?res=F70717FE385E0C718DDDAB0994DA4 04482 or http://query.nytimes.com/gst/abstract.html?res=F30711F7395E0C718DDDAB0994DA4 04482, for example. If you're not interested in roaming city streets looking for warchalk, you can go on-line to see who has a wireless access point (try http://www.80211hotspots.com, so named after the fact that wireless networking uses the 802.11 protocol). I found a “hotspot” at my local coffee shop, World Ground. They have SurfAndSip (http://www.surfandsip.com) in their cafe, along with a portable Mac in case you don't bring your own computer. Of course, it's not free. You get to either sign up for a $20/month unlimited access account with SurfAndSip, or purchase a “Frequent Surfer Card” for a limited number of minutes (try $2.50/15 minutes - if you've been using your own broadband connection lately, you'll be astounded at how quickly the minutes roll past. Waiting for a slow site to load is particularly frustrating as you see the minutes/dollars tick away).
You can also see several very good articles in the October issue of Wired Magazine (http://www.wired.com), the “Wi-Fi Special Report” which includes articles such as: “The Long Road to Internet Nirvana”, “Being Wireless”, and “Unplugged U.” As you might expect, Wired's articles are somewhat enthusiastic, although the comments on the Boingo network (http://www.boingo.com) mirror my concerns about who will use and pay for Wireless access (Boingo charges $75/month for access, MUCH more than SurfAndSip does).
I tried the SurfAndSip connection with a free 15-minute trial. It works (and at a pretty fast clip, too). But, I wonder how much one might actually use it. It seems to me that this is a “tool” for people who aren't tied to an office all day such as retirees, students, or people taking some time off.
I also checked out the availability of wireless access at my local Starbucks, most of which appear to be “wirelessed” through T-Mobile (http://www.t-mobile.com), although I didn't use the service. You can buy a pay as you go plan ($2.99/15 minutes and $0.25/minute thereafter) or sign up for unlimited access (starts at $29.99/month).
I did find free access (accidentally). While waiting for my son at a local SuperCuts, I found an open wireless connection and could have surfed the Int ernet for free. Interesting, but not really useful.
The real problem is that you're still restricted to whatever commercial wireless carrier you subscribe to. If you want to use this stuff (for more than just for a quick test as I did), you'll really need to purchase an account with a wireless provider. If you're like me, there is more than one place that you go: a SurfAndSip account would work great at “World Ground”, but then I'd have to have another account if I wanted to go to a Starbucks. Not exactly universal access, unless you have deep pockets. In my opinion, this won't really catch on until the wireless networks set up “automatic roaming”, analogous to the way you can use your cell phone anywhere.
Of course, there are wireless connections for your PDA or cellular phone, but you haven't suffered until you've tried to operate a web browser on one of those devices. Trust me, I have and it's suffering with a capital 'S'.
6. RESOURCE FOR BUSINESS PEOPLE - Planning for 2003
The Institute of Management Consultants (IMC) of which I am a member, is presenting “Beyond Survival: Planning for 2003”. The speaker is acclaimed consultant, Jim Horan, creator of the One Page Business Plan. According to Tom Peters: “The One Page Business Plan is an out-and-out winner” and you and your business can win by attending this seminar. It will be help on January 16 (Thursday), 2003, at the PMI Plaza, 3003 Oak Road, Walnut Creek, CA. The location is one block northwest from the Pleasant Hill BART station with plenty of validated parking. Cost is $35 payable through Acteva (http://www.acteva.com/go/ebcn). Check out the flyer on my website (http://www.edpci.com/Articles/IMC_Planning.pdf) for more information. Attend yourself and/or invite your business associates for a memorable start to the new year. RECOMMENDED.
Have a great 2003!