June 1, 1998
Hijacking e-mail, file cache space, and the Galaxy 4 satellite
One thing we Windows users don't like is people sending us commercial e-mail -- otherwise known as spam -- when we haven't requested it. The Internet's popular SendMail program has recently been revised to give ISPs more tools to stop spam, such as refusing to deliver messages that have bogus return addresses. But vigilant ISPs continue to find new defenses against the tide of junk e-mail.
I wrote in my March 4, 1996 column (See "How Java Script uses the Web to scam your e-mail,") about a way Web sites could capture your address without your knowledge. Now Glenn Fleishman, who gave me the tip on how that trick worked, is sounding the alert about another scam making the rounds.
He's created a small demonstration at his own Web site to show how the latest spoof works. Basically, Web sites cause your browser to silently download a tiny file using the Internet's FTP. To start the FTP download, your e-mail address is sent.
Netscape Navigator is commonly configured to send your current address in this situation. One way to avoid this is to click Edit, Preferences, Advanced in Navigator, and turn off "Send e-mail address as anonymous FTP password." Fleishman says Macintosh versions of Web browsers are also commonly configured to give out your e-mail address.
The trick doesn't work with recent versions of Internet Explorer, which send Web sites a generic e-mail address, such as ieuser40@. (The @ sign fools the Web site script.) But you can increase Explorer's resistance to other tricks by clicking View, Internet Options, Security, Settings, and strengthening your setting for User Authentication, Logon.
In my opinion, it's unethical for commercial entities to collect personal information from you or about your computer without your consent. Closing the loophole described above won't stop all spam. But it's one step toward more privacy on the Web.
Fleishman, the co-author of Real World Scanning & Halftones (Peachpit Press, http://rwsh.com), invites users to visit http://www.glenns.org/cgi-bin/nph-ftpgrab to see what information their browsers give out. The script takes several seconds to work -- click Refresh if you see no results on the first try.
Explorer cache update
Speaking of Internet Explorer, I reported in my columns of March 30, April 6, and April 13 that problems with the file cache in Explorer 3.0 and Explorer 4.0 keep features such as Subscriptions from working properly.
CacheSentry, a free program I described that fixes the problem, has recently been released in an updated Version 1.0. (The previous versions were technically beta versions.) You can download it at http://www.mindspring.com/~dpoch/enigmatic.
Now hear this, Earthlings
You probably heard that the Galaxy 4 satellite went off course two weeks ago, shutting off service to National Public Radio, 80 percent of the United States' 50 million pagers, and other communications systems.
The explanation making the rounds on the Internet is that Bill Gates sent the Department of Justice a one-line message: "This is but a small demonstration of my power."
Microsoft officials deny it, but people wouldn't say something on the Internet if it weren't true, would they?
Brian Livingston is the co-author of several best-selling Windows books, including the most recent Windows 95 Secrets (IDG Books). Send comments to brian_livingston@infoworld.com. Unfortunately, he cannot answer individual questions.
Missed a column? Go back for more.
Copyright © 1998 InfoWorld Media Group Inc.
![[Window Manager]](../../../pageone/hedrgifs/clblivin.gif)
