From: Mark Neely <[EMAIL PROTECTED]> - - - - - - - - - - - - - - - - - - - - Net-Alert 18 August 1999 If you have any questions, comments or other feedback concerning Net-Alert articles, contact the Editor at <mailto:[EMAIL PROTECTED]> Previous editions of Net-Alert are available at http://www.onelist.com/arcindex.cgi?listname=net-alert Subscription and unsubscription details are available at the end of this newsletter. ____________________ Contents: ## Minor hiatus for Net-Alert ## Auction's Achilles heel? ## "Cybercrime" on the rise - but few prosecutions ## Microsoft publicity stunt backfires ## Sensible advice for online shoppers ## Custom encryption cracking PC has developers worried ## How real is credit card fraud online? ## More tales of the obvious ## The dot.com multiplier effect ## Reach out and write someone ## How fresh is the Web content? ## An email heads-up ____________________ Minor hiatus for Net-Alert I will working interstate for a few weeks starting next week, so Net-Alert will go into a hiatus of sorts. I will still be contactable via email if you have any questions or articles to share! To make up for this, I've prepared a bumper issue! See you all soon. ____________________ Auction's Achilles heel? Web auctions are proving a boon for consumers in search of hard to buy items or bottom-dollar prices. But they have their weaknesses. Net-Alert has previously noted the potential for fraud when the parties to a transaction deal with each other at a distance. Does the vendor ship the goods and then hope to get paid, or does the buyer part with money and hope the goods turn up? These issues can be overcome through the use of escrow agents (an independent 3rd party that collects the payment from the purchaser and only pays the vendor when the goods are delivered intact to the purchaser). But escrow agents are not a complete solution. There have been reports of "bid shielding", which works something like this: A bidder places a deliberately low bid for an item. An associate then places an outrageously high bid for the same item. The high bid serves to ward off other potential bidders. At the last moment, the associate revokes the bid, leaving the lower bid to win. Something to keep an eye out for if you frequently use auctions to sell items. ____________________ "Cybercrime" on the rise - but few prosecutions David Banisar, high-profile privacy advocate and lawyer, recently published an article in Criminal Justice Weekly noting that there has been a spike in the number of computer crimes referred by US investigators (including the FBI) for prosecution. However, a majority of the cases were being rejected by government lawyers. According to the article, 419 computer crime cases were referred to government prosecutors in 1998, but charges were filed in only 83 cases. A key reason given for the low prosecution rate was the difficulties involved in proving computer crime. Most of the cases were rejected due to a lack of admissible evidence. ____________________ Microsoft publicity stunt backfires In an attempt to draw attention to the security of its new Windows 2000 operating system, Microsoft Corp. issued a challenge to all comers to circumvent the security of an Internet host configured with a beta version of Windows 2000. The result of the challenge is unclear, which is not surprising - the target host crashed several times before wannabe hackers could try their tricks. Conflicting explanations were given by Microsoft, including router troubles and electrical storms. ____________________ Sensible advice for online shoppers Choice Australia, a consumer advocacy and education group, has released a new report titled: Online Shopping - what you need to know. Key recommendations are: - buy only from secure servers - shop around for information and the best price before buying - familiarise yourself with the vendor's privacy policy - ensure that there is a clear and unambiguous policy dealing with the return of goods - make sure you know what you're buying and what you're paying URL: Choice Australia report http://www.choice.com.au/YourRightsView.asp?CatID=6&ArticleID=7 32 ____________________ Custom encryption cracking PC has developers worried A new computer, nicknamed "Twinkle" and designed by Adi Shamir, one of the original developers of the RSA encryption technology, has security experts and privacy advocates worried. If built - and at a cost of around US$2 million it is well within certain budgets - it could theoretically crack most encrypted files in a matter of days, not the months or years (or, in some cases, decades) most existing encryption-cracking technology requires. While sensitive military, financial and government data are protected by superior encryption algorithms using longer key lengths, most individuals and companies must make do with less secure encryption technology, which uses shorter key lengths and, as such, are especially vulnerable to the complex computational capabilities of Twinkle. URL: News-Real article http://www.news-real.com/story/19990814/10/06/5393308_st.html ____________________ How real is credit card fraud online? Only 0.3% of online retailers surveyed for a recent ActivMedia Research report reported encountering "substantial" online fraud. 85% reported that it was not a problem. Companies with both traditional and online stores reported that the incidence of credit card fraud is lower online. URL: Business Week article http://www.businessweek.com/ebiz/9908/dm0816.htm ____________________ More tales of the obvious NFO Interactive will soon release a report, titled "Online Retail Monitor: Branding, Segmentation & Web Sites," which contains this curiously obvious gem: Online consumers not yet buying on the web report that trusting a retail web site to keep their personal information private is the number one attribute that would persuade them to start buying online. In what can only be described as a delightfully ironic twist, another survey, this time by Jupiter Communications, reports that about 64% of users surveyed mistrust online privacy policies published by Web vendors. URL: NFO Interactive Press Release http://www.nfoi.com/nfointeractive/nfoipr81699.asp Jupiter Communications Press Release http://www.jup.com/jupiter/press/releases/1999/0817.html ____________________ The dot.com multiplier effect If the wild share valuations on IPOs for companies with even the most tenuous link to the Internet have you unsettled, then you should probably skip to the next section. A Purdue University study, titled "A Rose.com by Any Other Name," has found that companies can significantly boost share prices by merely adding a ".com" or ".net" extension, or somehow using the word "Internet" in their name. The report is based on a survey of 52 companies that changed their name between June 1998 and March 1999. It found that share prices rose 125% in the time period starting five days before the name change to five days after. URL: SJ Mercury article http://www.sjmercury.com/svtech/news/breaking/internet/docs/761 181l.htm ____________________ Reach out and write someone If you're a big fan of writing to friends living overseas, but loathe the drudgery of walking to the Post Office and queuing for stamps, you might find this site worth investigating. LetterPost operates a Web-to-letter postal service. You can log onto their Web site and compose letters to your friends anywhere in the world. Each letter costs US$0.99 to send (you must buy "stamps" in lots of 10). Your letters and the envelopes used to send them are professionally printed, and include your return address if required. Delivery usually occurs within 3 days of sending (the letters are printed and posted from the LetterPost office nearest the recipient). The site uses secure online payment technology and has a strict privacy policy (your letters are not read by the service). [Of course, that assumes you're one of the 36% of people who trust online privacy policies - MN] URL: LetterPost - http://www.letterpost.com ____________________ How fresh is the Web content? Not all Web sites advise visitors when their Web pages were last updated. Now you don't need to wonder - find out yourself with a neat piece of JavaScript code. Type (or cut-n-paste) the following into the Address bar of your Web browser and press Enter: javascript:alert(document.lastModified) A dialog box will appear with the date and time that the Web page was last modified. ____________________ An email heads-up I went to email a document to a client the other day. I had temporarily renamed the working copy of the document to ease the process of integrating text from various versions of the document. Luckily I just added "rewrite" to the end of the original document name. But it struck me how easily I could have renamed it something a little more embarrassing. More importantly, I realised how likely it is, once you are proficient with using attachments, that you won't bother checking document names as you attach them. Just imagine how a client might feel to receive an email with one of the following attachments: Attachment: rehashed_pricing_for_sale.doc Attachment: extraprofit_invoice.doc Attachment: problematic_data.xls Keep an eye on your document naming conventions - they might tell your clients more than you would like them to know! ____________________ Send a copy of Net-Alert to a friend. Forwarding this newsletter to friends and colleagues is encouraged, providing the message is forwarded in its entirety, including the copyright notice. ____________________ If you received this copy of Net-Alert from a friend, you can subscribe by visiting the following URL: http://www.onelist.com/subscribe/net-alert or by sending a blank email to [EMAIL PROTECTED] To UNSUBSCRIBE, send a blank email to [EMAIL PROTECTED] ____________________ Net-Alert is copyright (c) Mark Neely 1999. Forwarding this message to friends and colleagues is encouraged, providing the message is forwarded in its entirety, including this copyright notice. - - - - - - - - - - - - - - - - - - - - --------------------------- ONElist Sponsor ---------------------------- Start a new ONElist list & you can WIN great prizes! For details on ONElist’s NEW FRIENDS & FAMILY program, go to http://www.onelist.com/info/onereachsplash3.html ------------------------------------------------------------------------