------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 82: 12/01/99
------------------------------------------------------------

Y2K Propaganda Beginning To Unravel

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index3.html

------------------------------------------------------------

Contents:

1) Y2K Propaganda Beginning To Unravel
2) Engineers On Internet Y2K Breakdowns
3) Pentagon Lists Things That Can Go Wrong
4) Industry and Government Not Y2K Compliant
5) Small Businesses and Y2K
6) U.S. Army Authority Over 77 Texas Counties?
7) Y2K Wake-up Call

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Y2K Propaganda Beginning To Unravel
------------------------------------------------------------

Dan Steele, EE

All is not good on the Y2K front. The peaceful reports we have been
given by the government and the news media, are beginning to fall
apart. Just like the rioting at WTO, confusion and danger could
result.

All is not good on the Internet front. The system is vulnerable to
disruptions. So reports the committee of engineers in the first
article that follows.

The Y2K taskforce organized by the Internet Association of Japan
has developed a comprehensive analysis and simulation of technical
problems that could occur on the Internet due to Y2K, according to
a Newsbytes story published Nov. 30 in Computer Currents.

The taskforce authors emphasize that the nature of the Internet -
as a collection of mutually connected networks - means that
problems in other areas of the Net may influence other networks, no
matter how well prepared each provider may be.

The case studies looked at individual Net-connected servers, the
routing of traffic between computer servers on the global Internet
and the DNS and how servers behave in conjunction with the
directing and transferring of e-mail and other Internet traffic.

All is not good on the Pentegon front. This also translates
directly to problems you can expect to affect your own PC, too.
In our second article, the Pentagon Lists Things That Can Go Wrong
with their PCs, and by extension, to your PCs as well. This is a
very brief list, but, it is amazing that the Pentagon presents it
after all the claims at being "on top of everything Y2K".

Guess what? The U.S. Industry and U.S. Government are NOT Y2K
Compliant. Does this come as a surprise to you? Then read our third
article.

"Because so many small businesses won't be prepared for the new
millennium, the demand for Y2K fixes likely will exceed the supply
in January."

-John Koskinen, chairman of the President's Council on Year 2000
  Conversion

Wow. This is pretty blunt, coming from Koskinen, who has been
running the propaganda machine on "rosy Y2K scenerios".

These articles and more are brought to you in the hopes that you
can help "spread the word" to people, so that THEY can evaluate the
situation themselves. It could help prevent problems later.

------------------------------------------------------------

2) Engineers On Internet Y2K Breakdowns
------------------------------------------------------------

Adam Creed, Newsbytes

A Y2K taskforce organized by the Internet Association of Japan has
developed a comprehensive analysis and simulation of technical
problems that could occur on the Internet due to Y2K.

The findings of the report have been published on the Internet and
are available for Internet service providers and network engineers,
along with countermeasures to any possible problems.

The authors emphasize that the nature of the Internet - as a
collection of mutually connected networks - means that problems in
other areas of the Net may influence other networks, no matter how
well prepared each provider may be.

The case studies looked at individual Net-connected servers, the
routing of traffic between computer servers on the global Internet
and the DNS and how servers behave in conjunction with the
directing and transferring of e-mail and other Internet traffic.

Problems were identified in servers that use and rely on Internet
protocols like HTTP and FTP as well as computers that require
access to worldwide DNSs.

Under certain scenarios e-mail and news group articles could be
discarded, e-mail could build up on a mail server and be delayed
and IP addresses may not be found. Also older operating systems on
routers may have Y2K problems and certain sites may become
congested.

Recommendations include:

1) ensuring server software is upgraded to the latest version
2) be aware and plan for abnormal traffic loads over New Year
3  adjusting clock sources and DNS settings.

On a global scale, the taskforce called for more international
cooperation on Y2K contingency matters for the Internet
infrastructure.

They particularly called for an investigation of all major DNS
servers and the running of simulations to see under what
circumstances mail and other servers could fail.

The IAJ taskforce's report is available on the Web, at
http://www.iaj.or.jp/y2ktf/r01e.html.

------------------------------------------------------------

3) Pentagon Lists Things That Can Go Wrong
------------------------------------------------------------

Joint Staff, Y2K Task Force

Here is the Pentagon's list of Y2K problem areas. This is from
Joint Staff, Year 2000, Operational Evaluation Guide, prepared by
the Joint Staff, Y2K Task Force, The Pentagon, Room 1D825,
Washington, DC 20002.

* * * * * * * * * * * *

SYMPTOMS LIST OF COMMON Y2K FAILURES

* System date upon powering up is 1980 or some year in the distant
past

* Date display (displayed at the "date" command) is different than
expected

* Unexpected expiration of passwords, licenses, security cards,
etc.

* Operating system file operations give unexpected results, e.g.,
files that are really young are treated as if they are old (the
operating system asks if you wish to overwrite a "old file" that
you know to be a "new" file)

* Software development tools/systems (compilers) that overwrite
"old" versions do not perform as expected, e.g., changes made to
compiled programs suddenly disappear and problems that have been
fixed suddenly reappear after recompilation of modules

* Auto-archive or delete functions on files or email are launched
immediately after a year 2000 date is encountered

* Incorrect calculations involving time spans or timing intervals

* Applications that depend on file sorting by date for correct
operation suddenly fail or present illogical results

* Inability to "talk" to applications that are external to the
local network

* Reduced throughput due to operations at lower rate communication
links as a result of loss of master timing distributed by satellite
systems

* Ability to maintain voice switches numbering plan lost, e.g.,
cannot add or remove users. This impact will increase with time if
not corrected

* Loss of ability to pass traffic in record traffic systems due to
anti-orbital provisions

* Cryptographic operations will be degraded to transmission in the
clear; followed by key initialization and distribution problems
resulting from expired key

* Intel analysis could be impacted if time ordered images are
utilized

* Loss of weapon systems targeting capability due to loss of radar
operations

* Routers encounter cyclic redundancy check failures

Link: http://209.207.236.112/2000/y2k/docs/y2kopeva.html#appc

------------------------------------------------------------

4) Industry and Government Not Y2K Compliant
------------------------------------------------------------

Computerworld

Only 13.5% of small and midsize chemical and petroleum firms have
completed Y2K preparations.

The Food and Drug Administration said 4,053 high-risk biomedical
devices remain noncompliant. More than half of all health care
providers won't be ready. And 70% of schools are unprepared.

The PR departments will have a lot of explaining to do in January.
The public will have a rude awakening.

In September, Cap Gemini America, an information technology
consulting firm in New York, found that 44% of major companies
wouldn't have their mission-critical systems compliant by January,
according to a Nov. 28 article in ComputerWorld.

A CIO magazine poll found that 81% of large companies weren't yet
finished and that half the companies surveyed had no contingency
plans.

A National Federation of Independent Business study found that 40%
of small businesses had done nothing about Y2K.

Where progress has been made, work completed to date remains in
question, ComputerWorld said.

According to independent validation and verification (IV&V) studies
by SEEC Inc. in Pittsburgh, the average mainframe or midrange
system contains 510 date-related errors after remediation.

A second study in February by Reasoning Inc. in Mountain View,
Calif., found between 100 and 1,000 bugs in similar samplings.

An unrelated study by SriSoft Corp. in Diamond Bar, Calif., in
October discovered that testing catches 30% of Y2K bugs, while IV&V
uncovers another 40% to 45%. This leaves 25% of the remaining bugs
in a best-case scenario.

Statistics drawn from government hearings and Web sites paint a
more detailed picture. Only 13.5% of small and midsize chemical and
petroleum firms have completed Y2K preparations.

The Food and Drug Administration said 4,053 high-risk biomedical
devices remain noncompliant. More than half of all health care
providers won't be ready. And 70% of schools are unprepared.

ComputerWorld said even best-case scenarios are imperfect. The
Social Security Administration (SSA) began year 2000 efforts in
1989.

In July, according to the Information Systems Accounting &
Information Management Division, SSA found 1,565 year 2000 errors
in mission-critical systems. Only 44% of these had been fixed as of
October. SSA is still checking data and finalizing contingency
plans.

Why is the government telling us that most industries are 100% Y2K-
compliant when bug-free systems are a myth?

The answer is that the government and selected industries don't
want people to panic. But when things go wrong, people will demand
answers.

The unrealistic Y2K performance expectations set by industry
associations are unachievable.

Link: http://www.computerworld.com/home/print.nsf/all/991129CE6A

------------------------------------------------------------

5) Small Businesses and Y2K
------------------------------------------------------------

Houston Business Journal

Most surveys show that 28% of small U.S. businesses are planning to
fix on failure. The estimates run from 14 million to 24 million
small businesses in the U.S. 28% of 24 million is 500,000.

There's enough time to get all businesses fixed, Koskinen says.

Up to 500,000 small businesses have decided to wait until Jan. 1 to
see if they have any Year 2000 computer problems, figuring they can
address any glitches after they occur, says the White House's Y2K
czar.

This story appeared in the Houston Business Journal on Nov. 29.
This "fixing on failure" strategy enables these businesses to avoid
the cost of Y2K identification and testing programs.

But it's risky, says John Koskinen, chairman of the President's
Council on Year 2000 Conversion.

* * * * * * * * * *

"Because so many small businesses won't be prepared for the new
millennium, the demand for Y2K fixes likely will exceed the supply
in January."

* * * * * * * * * *

Small businesses with computers or other devices that malfunction
when they read the last two digits of 2000 as 1900 may have to wait
weeks or even months to get the services or products needed to fix
the problems, Koskinen says.

Even though there are only a few weeks left in 1999, there is still
time for small businesses to squash the Y2K bug before it bites,
the Houston newspaper reported.

* * * * * * * * * *

"But clearly we're getting close to the edge," Koskinen says.

* * * * * * * * * *

The good news is American businesses and governments as a whole are
"well-prepared," says Commerce Secretary William M. Daley. "And the
economy should be able to shrug off the relatively minor
disruptions that inevitably will happen."

Link:
http://www.amcity.com/houston/stories/1999/11/29/newscolumn1.html

------------------------------------------------------------

6) U.S. Army Authority Over 77 Texas Counties?
------------------------------------------------------------

The Internet allows us to discover bits and pieces that would not
normally get to the general public. The click-through links at the
bottom of the site's page on martial law allows verification. The
link to the video also adds credibility.

Americans who understand why the U.S. Constitution places civilian
authorities over the U.S. Army except under emergency conditions
will understand the threat that martial law offers. There is no
national emergency yet.

George W. Bush has not declared a state of emergency. He has not
mobilized the National Guard. As this article reminds us,The US
Army has no authority over the civilians. On the contrary, the
United States Constitution places the Army under civilian control.

Additionally, the Posse Commitatus Act (18USC1385) prohibits
military personnel from executing local, state, or federal laws
except as the Constitution or act of Congress authorizes.

So, what is going on here?

While everyone has been wondering what excuse the Federal
Government will use to declare Martial Law, we have been living
under it.

For years, right here in Texas, US Army soldiers have been
performing civilian law enforcement duties off base, according to a
story published by InfoWars.

According to a U.S. Army SWAT Entry Team Leader with the 38th MP
unit at Fort Hood, the City of Killeen has been using the Fort Hood
SWAT Team to serve warrants and arrest civilians for at least the
past two years.

Apparently, Killeen does not have a SWAT Team of its own, so the
city uses US Army soldiers instead. The Army, for its part, seems
only too happy to oblige.

All of this came to light when Mike Hanson, cameraman for
documentary film maker Alex Jones, spotted a bus being searched on
a blocked-off stretch of the feeder road along I-35 in the middle
of Temple.

Mike was on his way to Waco with a load of building materials for
the new Mount Carmel Chapel. With his camera ever at the ready,
Mike got off at the next exit and swung back around to film the
incident. Other local media were already at the scene of
what appeared to be an ordinary police search.

The subject of the search was a Greyhound bus that was stopped at 5
a.m. on its way from Dallas to San Antonio in response to a bomb
threat. Lt. Best, the Temple police officer responsible for the
media, immediately approached Mike and informed him that this was a
military operation being conducted by the EOD group from Ft. Hood.

Lt. Best requested that Mike not film the faces of the soldiers
performing the search, but film them from the back only. Mike
said that we did not have secret military police in this country,
and wanted an explanation as to why these soldiers could not be
filmed.

According to InfoWars, Lt. Best responded, "They do stuff like this
and they just don't want the people to know what they've done."

Link: http://www.infowars.com/martiallaw.html

------------------------------------------------------------

7) Y2K Wake-up Call
------------------------------------------------------------

Dan Steele, EE

Most Americans are pretty well numbed by Y2k news. The whole Y2k
thing seems unreal -- at least, less real than the goings on in the
virtual world.

Many can accept the soundness of internet companies with no sales,
negative profit, yet millions of dollars in capitalization. But a
software screw-up because of Y2k? Nah. Can't happen to me.

I've got news for you. Layer upon layer, the cumulative affect of
Y2k problems *will* affect you. Electrical problems and sporadic
brownouts will occur, gradually increasing after January 1.

There *will* be internet sites with problems. Shopping carts, and
other CGI-BIN processes will fail at some sites because the perl
scripts weren't checked. Some hosting firms have inadequate
electrical backup... sites can't stay up running on air.

What was that? Your site/factory/home has backup generators? Good
luck running your computer equipment on them. The electrical noise
will cause computer system degradation, at least, or in some cases,
destruction of solid-state devices.

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally. When
is the last time that you had to do a major re-installation of
application software? Application failures usually occur at the
worst times, too, when you had several files open.

Time to get going. With the holidays FAST approaching, do you
REALLY want to deal with this later??

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://216.156.23.77/NetsaversCenter/index3.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)


------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 83: 12/03/99
------------------------------------------------------------

Post Office Y2K Problems!

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index3.html

------------------------------------------------------------

Contents:

1) Y2K Software Problems Increasing
2) Postman: Post Office Y2K Problems!
3) N.J. Chemical Companies Refuse to Report Y2K Status
4) Y2K Wake-up Call
5) Russia Says Nuclear Ships Y2K Ready
6) Oil Reserves Will Be Tapped
7) LINE CONDITIONERS, GENERATORS, Y2K

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Y2K Software Problems Increasing
------------------------------------------------------------

If Y2K is so easy to fix -- "a mere technicality" -- why are most
of the announcements of alterations in software products' Y2K
status negative? With one month to go, shouldn't most of the
announcements be positive? But, month after month, the
announcements are negative.

Programmers fix products, which are then sent out. Then they must
be fixed aqain. "In addition, Infoliant has tracked 1,706 changes
to corrective action plans since September."

Infoliant Corporation announced today that during the month of
November, the Compliance Tracker(TM) Delta Report tracked 426
changes to the Y2K readiness status of off-the-shelf hardware and
software products; 338 of these changes were "negative."

Taking into account the additional 806 disclosures that Infoliant
tracked regarding revised corrective action plans, patches and
upgrades, the number of updated Y2K product readiness announcements
totaled 1,232 in November.

In the last three months, Infoliant's Delta Report has tracked
1,070 Y2K status changes; 730 of these were negative changes
(moving to a less than fully Y2K-Ready status). In addition,
Infoliant has tracked 1,706 changes to corrective action plans
since September.

"We've been stressing the fact that Y2K remediation is an ongoing
project, and the 2,700 changes we've detected in the last few
months proves this point," said Kevin Weaver, executive vice
president and co-founder of Infoliant. "With less than a month
before the New Year, we are still tracking hundreds of "negative"
status changes and even more disclosures on corrective action
plans.

This month, we tracked status changes to 262 different products
that were previously considered compliant by their manufacturers.
That's rather frustrating for those companies that are trying to
wrap up remediation projects."

Some interesting details of this month's Delta Report:

-- Manufacturers withdrew all Year 2000 support for 99 different
products

-- 101 products that were "Pending Evaluation" were tested by the
manufacturer in November; 54 of these are not currently ready for
the Year 2000

-- Only 9 products that were previously declared "Non-Compliant"
have been "upgraded" to "Action Required"

-- Changes to Y2K status were disclosed by 68 manufacturers, 8 of
which disclosed changes on 30 or more products. These include Boca
Research, Cincom Systems, Computer Associates, Corel, Dell
Computers, Netscape Communications, Silicon Graphics, and Sun
Microsystems

Link: http://www.prnewswire.com/cgi-
bin/stories.pl?ACCT=105&STORY=/www/story/12-02-1999/0001087214

------------------------------------------------------------

2) Postman: Post Office Y2K Problems!
------------------------------------------------------------

I am a PTF distribution clerk in a size 22 office in N Texas. I
have family members who are; A Postal Inspector, A Post Master, A
PMR Post Master Relief, a regular Distribution Clerk, another PTF
Distribution Clerk, and 3 Regular Rural Carriers. Also 2 retired
Post Masters. We have been in the USPS in this area for over 30
years.

About a month ago, my office recieved the version 3.03a upgrade for
the CSBCS letter sorting machines. This upgrade is part of the
overall Postal Remediation for Y2K.

We have had nothing but problems since then. They have been mostly
minor incompatabilities, but ARE disrupting the processing of mail.

The program is poorly done, poorly tested, and documented even
worse. The technicians don't even have complete documentation of
the bugs found in other offices. Each office is having to reinvent
the wheel, over and over again.

I know for a fact, that many EVERY office which I have a family
member in, that is large enough to have in-office automation, has
had problems with the new software. I have recieved reports of the
same in other offices. They are STILL in the process of adding it
to offices, so some still have this to look forward to.

Also, ALL of our computers are old 286 machines, not compliant last
I heard. And to top it off, the new version (Y2K fix) still
generates report files using the mm/dd/yy format as a filename.
Oops!

Now this is only from our end of the Postal Service. The VAST
majority of the automation is centered in Processing Plants in hub
Cities. A single letter will run through 3 or 4 machines before it
gets to the destination office.

I have little doubt that mail processing is or has recieved
software just as buggy as ours.

We will do whatever we can next year, but manual sorting is MUCH
slower. Alter your expectations accordingly.

Link: http://www.greenspun.com/bboard/q-and-a-fetch-
msg.tcl?msg_id=001tnh

------------------------------------------------------------

3) N.J. Chemical Companies Refuse to Report Y2K Status
------------------------------------------------------------

The chemical industry is chip-dependent.

The Chemical Safety Board is sufficiently concerned that it sent
out warnings to all 50 governors.

But New Jersey residents do not know what they are facing.
This is from the Bergen Record (Dec. 1).

The newspaper reported that many New Jersey chemical companies are
refusing to say whether their factories are prepared for potential
year 2000 computer problems.

The Work Environment Council has called for Governor Whitman to
order immediate spot-checks of plants because almost half of 50
factories surveyed failed to answer even the most basic questions
about safety, the Record said.

Although that does not mean the plants are unprepared, it is
upsetting in an industry that already reports hundreds of accidents
a year involving toxic chemicals, said Jim Young, the council's
special-project director.

"Citizens living and working near facilities that failed to respond
to our survey have a legitimate reason to worry," Young said.

Industry officials Tuesday said they are prepared and do not expect
problems, The Record's report said. Some factory owners said they
did not respond to the poll because they did not want to
participate in anything connected with a group known for
criticizing their industry.

Link: http://www.bergen.com/region/chemy2k199912012.htm

------------------------------------------------------------

4) Y2K Wake-up Call
------------------------------------------------------------

Dan Steele, EE

Most Americans are pretty well numbed by Y2k news. The whole Y2k
thing seems unreal -- at least, less real than the goings on in the
virtual world.

Many can accept the soundness of internet companies with no sales,
negative profit, yet millions of dollars in capitalization. But a
software screw-up because of Y2k? Nah. Can't happen to me.

I've got news for you. Layer upon layer, the cumulative affect of
Y2k problems *will* affect you. Electrical problems and sporadic
brownouts will occur, gradually increasing after January 1.

There *will* be internet sites with problems. Shopping carts, and
other CGI-BIN processes will fail at some sites because the perl
scripts weren't checked. Some hosting firms have inadequate
electrical backup... sites can't stay up running on air.

What was that? Your site/factory/home has backup generators? Good
luck running your computer equipment on them. The electrical noise
will cause computer system degradation, at least, or in some cases,
destruction of solid-state devices.

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally. When
is the last time that you had to do a major re-installation of
application software? Application failures usually occur at the
worst times, too, when you had several files open.

Time to get going. With the holidays FAST approaching, do you
REALLY want to deal with this later??

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://216.156.23.77/NetsaversCenter/index3.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

------------------------------------------------------------

5) Russia Says Nuclear Ships Y2K Ready
------------------------------------------------------------

Associated Press

MOSCOW (AP) - The year 2000 computer glitch presents no danger to
the Russian navy's nuclear-powered fleet, contrary to a report
released earlier this year by a prominent Norwegian environmental
group, a Russian official said Thursday.

The Oslo, Norway-based environmental watchdog Bellona warned that
Russia's Northern Fleet doesn't have the money to deal with the so-
called ``millennium bug,'' which threatens to foul up computers
that can't distinguish between 1900 and 2000.

It said the bug could wreak havoc with the fleet and might make its
computers report false missile attacks, raising the possibility of
a mistaken counterstrike.

In a news conference Thursday, Northern Fleet commander Vyacheslav
Popov said the fleet had long ago taken care of the Y2K glitch. He
dismissed Bellona's claims as ``nonsense.''

Popov did not say where the navy, which has been nearly broke since
the 1991 collapse of the Soviet Union, found the funds to deal with
Y2K.

The Northern Fleet is based on the Kola Peninsula of northwestern
Russia, and operates 40 nuclear-powered submarines and three
nuclear surface ships, according to Bellona, which specializes in
studying the region.

Russia has been far behind other countries in preparing for
possible Y2K problems. But the U.S. military has been working with
Russian officials to ensure that the computer bug does not threaten
Russia's nuclear missile systems, and both sides say accidental
launches will not occur.

------------------------------------------------------------

6) Oil Reserves Will Be Tapped
------------------------------------------------------------

If oil exporting countries shut down in early January, the tankers
will still deliver, if they are compliant and the ports are
compliant and the pipelines are compliant, not at the price that
existed the day the exporters shut down.

The U.S. government is ready to tap the strategic oil reserve if
necessary. The 565 million barrrels in place at the reserve is
enough oil to supply half of the US imports for a 5 month period.

The U.S. Department of Energy is in the process of finalizing a
detailed plan to release crude from the Strategic Petroleum Reserve
should computer glitches as a result of the year 2000 rollover
cause supply disruptions, according to a story in Platts Oilgram
Price Report, published Nov. 22.

Sources close to the planning process concede a consensus has
developed that a release of crude from the reserve will be
necessary early next year because of expected Y2K problems with
foreign suppliers, somewhere in the supply chain, from the well-
head to the loading port.

"We are preparing very seriously," a DOE official said. "We will be
monitoring the situation across the US and internationally
throughout the rollover period, and we are prepared to carry out a
release of the SPR crude."

The DOE official, however stopped short of saying a release would
take place, according to Platts Oilgram. "We are not prepared at
this point to say that a release [from the SPR] is predetermined,"
he said.

Doe will use and Emergency Operations Center in Washington area as
the focal point for its Y2K monitoring. This center will be staffed
on a 24-hour basis between Dec. 28 and the first several days of
January 2000.

President Clinton's Y2K task force in a final report released Nov.
10, said it believes the U.S. will have few problems with its own
oil supplies and infrastructure but still has some concerns about
the readiness of foreign producers.

The report said that with four of the five countries the U.S. most
relies upon for oil imports--Venezuela, Mexico, Canada and Saudi
Arabia--the U.S. expects no problems with drilling, refining and
delivery stems from the potential computer glitch.

Less information was available for Nigeria, the other principal
supplier the report said.

DOE should finalise its Y2K plans by mid-December, the senior
official said.

Under U.S. law, the 563 million bbl SPR can be used solely for the
purpose of responding to "severe oil supply interruptions,"
reported Platts Oilgram.

The senior DOE official said the U.S. has a responsibility to
ensure that deliveries can be made from SPR of necessary. She said
that all SPR facilities are Y2K compliant and noted that crude can
be released manually if automated systems fail.

Because it takes about 14 days from a presidential order to get SPR
to market, a release of crude from the reserve would likely happen
in early January.

The American Petroleum Institute, in a Y2K white paper pointed out
that "the importing of Crude oil and petroleum products would not
stop at the stroke of midnight on Dec 31 even if a number of
exporting countries experience a Y2K problem."

It takes a little over a month for crude to be transported from the
Arab Gulf to refineries in the Gulf of Mexico, API said, adding
that every day 10 million barrels of crude are delivered to the
U.S. via tanker.

A release of SPR crude would trigger a competitive bid process
under which the oil would be sold to the highest bidder in a sealed
bid auction.

The SPR can supply about 3.9 million barrels of oil per day for
about 90 days at a maximum sustained rate, and at a lesser rate for
up to 2 years. The 565 million barrrels in place at the reserve is
enough oil to supply half of the US imports for a 5 month period.

------------------------------------------------------------

7) LINE CONDITIONERS, GENERATORS, Y2K
------------------------------------------------------------

Dan Steele, EE

Running a computer or other solid state devices on generator
supplied power can cause overheating and component failures
because the generator supplied voltage has high electrical
noise and harmonics. The generator produced power DEGRADES
the COMPUTER SYSTEM and can actually DESTROY other solid-
state devices.

------------------------------------------
Filter That GENERATOR VOLTAGE!
------------------------------------------

The voltage output of a GENERATOR is NOT the pure AC
sinusoidal waveform expected by solid-state equipment...

                      .                .
                     . .              . .
                  ...   .          ...   .
                 .      .         .      .
               ------------------------------------ 0V
                         .      .         .      .
                          ...   .          ...   .
                             . .              . .
                              .                .

but a wave form that is greatly distorted, owing to
HARMONICS.

                   ...             ...
                  .   .           .   .
                 .     .         .     .
               ------------------------------------ 0V
                         .     .         .     .
                          .   .           .   .
                           ...             ...

It is essential that a LINE CONDITIONER be used to provide
additional power filtration when a GENERATOR is going to be
used, in part, to supply power to computers and solid-state
equipment.

Continuous power conditioning helps keep you working through
extended brownouts and overvoltages. Sensitive electronic
equipment, such as computers, need the clean,
voltage controlled electric power provided by a Line
Conditioner, to assure proper performance.

That means a constant voltage level free from the electrical
"noise" and harmonics, and voltage variations typical of
GENERATOR SUPPLIED power. Automatic Voltage Regulators or
LINE CONDITIONERS  protect against these voltage
fluctuations and reduce the loss of irreplaceable data and
damage to your expensive equipment.

The Netsavers Line Conditioners utilizing automatic voltage
correction and conditioning, are recommended by Coleman for
use with their Portable Generators. These Line Conditioners
produce the clean, filtered power that is better for your
computer system.

Netsavers Line Conditioners are microprocessor controlled,
tap switching power conditioners, that automatically correct
brownouts and overvoltages.

Netsavers Line Conditioners --

http://www.suttondesigns.com/NetsaversCenter/lcy.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 84: 12/06/99
------------------------------------------------------------

Y2K: Fix on Failure? Good Luck!

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index3.html

------------------------------------------------------------

Contents:

1) Y2K Virus Flood Just Beginning
2) NYC Public Housing Authority y2k Checklist
3) Watch Your Credit Card Statement!
4) Ontario Hydro Recommends Buying Power Generator
5) Power Generators and Computers!
6) Y2K: Fix on Failure? Good Luck!
7) Y2K Wake-up Call

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Y2K Virus Flood Just Beginning
------------------------------------------------------------

Bob Sullivan, MSNBC

As another Y2K virus aimed at capitalizing on millennium confusion
circulated this week - in this case, actually infecting several
companies - anti-virus firms warned it was just the tip of the
iceberg. "We think of this as the kickoff. Y2K is the Super Bowl
for virus writers," said one expert, who expects 500 to 1,000 more
will be released before New Year's Eve. Some companies are shutting
down e-mail systems entirely to deal with the expected trouble.

DESPITE ALL THE PREPARATION, midnight Dec. 31 is expected to bring
about plenty of computer confusion, if not real electronic
meltdowns. Virus writers have decided to take advantage of the
flurry of activity and are promising to release several programs
designed to wreak havoc Jan. 1 - many even simulating a Y2K bug-
related problem.

"Thanks to all the publicity surrounding this, there's a lot of
people out there writing viruses, trying to write the one that does
the most damage," said Sal Viveros, spokesman for Network
Associates.

Add that to the fact that many companies' best information
technology workers will be out celebrating, leaving less-
experienced professionals at the helm, and you've got a
prescription for trouble.

"Our researchers are very, very worried about this," Viveros said.
"Network administrators will be looking for Y2K bugs, not viruses."
He said his firm's virus research lab will be set up "the way a
hospital handles big accidents" between Dec. 27 and Jan. 4.

This week's Y2K virus, Mypics.worm, hit about 10 companies on
Thursday, according to anti-virus firms. It is the first Y2K virus
to be found in the wild and actually infect users, according
to David Perry, public education director at Trend Micro.

Mypics.worm comes in the usual way - as an e-mail attachment. But
if users are tricked into opening it, the worm instantly changes a
victim's Internet Explorer start page to a personal home page on
Geocities. (The home-page switch is not made if the recipient is
using a Netscape browser.) If the infection is not removed, on Jan.
1 the host computer's hard drive will be erased and all data lost.

Since Mypics was discovered with Y2K nearly a month away, it poses
little threat to those who use anti-virus software. In fact, Dan
Takata of Data Fellows thinks most Y2K viruses will be released in
advance of New Year's Eve, so he thinks the real threat has been
overexaggerated.

"They won't release it the day before the turnover because then it
won't have time to spread," he said. "And if they release it now,
we've got a chance to add it to our definitions. In my opinion,
they won't really be much of a threat."

But there will be problems, Takata said. He expects some users to
be duped into opening ill-intentioned attachments by virus writers
who will compose e-mails that look like official Y2K updates.

"Somebody getting something that looks like it's from America
Online and says it's for Y2K, I expect a lot of that," Takata said.

But even if anti-virus companies have a head start on Y2K viruses,
that doesn't necessarily mean there won't be problems, according
to Trend Micro's Perry. Many users don't update their virus
software frequently, meaning they will still be at risk from the
flood of new viruses to be released in the coming weeks - despite
plenty of advance warning.

"How big a problem will it be? That's a tough call," he said.

Either way, some companies are taking no chances, electing to shut
off their entire e-mail systems on Dec. 31 and Jan. 1. Viveros said
he knows of manufacturing firms, a large legal firm and even some
high-tech firms that are employing that strategy.

"The theory is, 'We don't want to risk it. We'll just close it off
and hide in a bunker,'" he said.

Other companies are playing things a bit more scrooge-like,
preventing employees from opening executable files sent via e-mail;
that means no virtual greeting cards.

"Unfortunately, we've come to a point where it's risk against
reward," Viveros said.

Mypics spreads the way Melissa and so many others have spread this
year - by poking through a victim's e-mail address book and
sending copies of itself to potential victims found there. It's too
soon to tell if this new Y2K worm is spreading, but there is one
available hint.

The only noticeable change an infected user would see before Jan. 1
would be the altered Internet Explorer start page. Victims'
computers are pointed to a Geocities personal home page which
Vincent Weafer, Symantec's head anti-virus researcher, said seems
to be a random selection, unrelated to the virus.

The payload is nasty; it rewrites CMOS memory in BIOS, which
controls a PC's functions when it's first turned on.

That page also has a hit counter on it - last night, there were
3,000. By Friday morning, there were 4,700 hits and the number was
rising. "I don't know if they are just people who've heard
about it and are curious, or hits from people who've been
infected," Weafer said.

As of Friday afternoon, the site had been removed by Geocities.

The virus is not quite as smart as Melissa or Explore.Zip, which
surfaced again earlier this week. It arrives with no subject line
and the message "Here's some pictures for you." Attached is a file
named Pics4You.exe. Melissa and Explore.Zip included personal
messages in the body of the e-mail aimed at convincing victims the
infected e-mail was sent by a colleague.

The virus's infection rate is limited, however. Victims must be
using Microsoft Outlook, and they must have the Microsoft Visual
Basic Virtual Machine, which is included with Windows 98 and
Internet Explorer 5.0. Microsoft is a partner in MSNBC.) Also,
while the virus will be able to spread itself, it won't be able to
execute its destructive payload unless the victim has saved it to
her root directory.

The payload is nasty; it rewrites CMOS memory in BIOS, which
controls a PC's functions when it's first turned on. If the virus
manages to survive on a victim's machine until Jan. 1, when booted
up that day, the user will get a message like "invalid CMOS."

"That has the user thinking it's some kind of Y2K
problem," Weafer said.

When they reboot again, the autoexec.bat file has been altered to
include a command that reformats both local C: and D: drives so all
data is erased.

------------------------------------------------------------

2) NYC Public Housing Authority y2k Checklist
------------------------------------------------------------

The New York City Public Housing Authority y2k Preparedness
Checklist

Basic advice:
prepare as you would for a winter storm by taking the following
precautions

Food-- To prepare for any y2k-related inconvenience, keep dditional
food supplies on hand to last several days. Avoid food that
requires refrigeration or cooking--select foods such as ready-to-
eat canned meats, fruits and vegetables.

Water-- Have stored water on hand-1 gallon of water per person per
day for washing and drinking.

Heat-- In case of y2k-related disruptions in service, have extra
blankets, coats, hats and gloves availible to keep warm.

Light-- Have plenty of flashlights with extra batteries on hand. Do
not use candles for emergency lighting.

Communication-- Develop an emergency plan with family and friends
that will allow you to maintain contact. Have a battery-operated
radio or TV with extra batteries available.

General Safty and other items--

1) Check smoke detectors now. If your smoke detector is hard-wired,
check to see if there is a battery backup; replace battery, if
needed. Notify your Management Office if your smoke detector is not
working.

2) Check your computer-controlled electronic equipment in your home
to determine if they may be affected including VCR's, coffeemakers,
toasters and microwaves. If any electronic equipment has an LCD
display, for instance, if a calendar date appears, it is certain
that the device is date sensitive and y2k vulnerable. Check with
the manufactuer for further information about embedded chips.

3) Have a First Aid Kit on hand.

4) Inventory your household needs-- Where needed, ensure that a
sufficient supply of diapers and baby food is on hand, as well as a
non-electric can opener and a supply of regularly used medications,
prescriptions and regularly purchased personal items.

5) Financial concerns-- Keep copies of financial records. You may
want to contact your financial institutions to inquire about their
y2k compliance.

6) Health concerns-- If you are dependent on electrically-operated
medical equipment, consult your medical practitioner and your
utility company for y2k-related information. In addition, check if
your medical equipment is y2k compliant.

------------------------------------------------------------

3) Watch Your Credit Card Statement!
------------------------------------------------------------

You had better check your December credit card statement for
language like the following.

* * * * * * * * * * *
Importance notice to all cardmembers: Your Cardmember Agreement is
being updated. Please note that from 10 December 1999 your
Cardmember Agtreement is being updated. From that date Paragraph 7c
in your agreement will be replaced with the text below. An updated
Cardmember Agreement will be sent with your next replacement card.

Paragraph 7c will now read: The company is not responsible for any:
i) non acceptance of the card or the way the card is accepted or
declined, ii) failure to carry out our obligations under this
Agreement arising from a systems failure, date or other data
processing failure, industrial dispute or other event outside our
reasonable control, iii) indirect, special or consequential damages
arising under this Agreement.

------------------------------------------------------------

4) Ontario Hydro Recommends Buying Power Generator
------------------------------------------------------------

Ontario Hydro says it's compliant, but recommends being prepared.
It does not mention the 72-hour limit.

A home power generator might be a good idea, too.

Ontario Hydro is suggesting that people stock up on food, water and
emergency supplies just in case, according to a Dec. 3 report in
the Ottawa Citizen.

The list comes under the heading "Be Prepared" in a pamphlet
accompanying a letter being sent to four million Ontario Hydro
customers across the province.

Things people should have on hand include: flashlights, extra
batteries, a battery-operated radio and clock, a cellphone,
candles, waterproof matches, extra blankets, coats, hats and
gloves, plastic garbage bags, a first-aid kit, canned and dried
food, bottled water, disposable tableware and cutlery, and a can
opener.

The Citizen said other things include extra prescription drugs and
health goods, cash, a sleeping bag, toilet paper and a loud whistle
in case you need to let somebody know you need help.

These items should be kept in an area easily located in darkness,
the brochure says.

A power generator might also be a wise investment, but the brochure
urges people to exercise caution: check for approval labels, read
the instruction manual, arrange an inspection by the Electrical
Safety Authority. Ensure that any additional equipment required to
run the machine is included -- a transfer device and proper
connection cords, for example...

Link: http://www.ottawacitizen.com/national/991203/3239131.html

------------------------------------------------------------

5) Power Generators and Computers!
------------------------------------------------------------

Dan Steele, EE

Running a computer or other solid state devices on generator
supplied power can cause overheating and component failures
because the generator supplied voltage has high electrical noise
and harmonics. The generator produced power DEGRADES the COMPUTER
SYSTEM and can actually DESTROY other solid-state devices.

Filter That GENERATOR VOLTAGE!

Continuous power conditioning helps keep you working through
extended brownouts and overvoltages. Sensitive electronic
equipment, such as computers, need the clean, voltage controlled
electric power provided by a Line Conditioner, to assure proper
performance.

That means a constant voltage level free from the electrical
"noise" and harmonics, and voltage variations typical of
GENERATOR SUPPLIED power.

LINE CONDITIONERS  protect against these voltage fluctuations and
reduce the loss of irreplaceable data and damage to your expensive
equipment.

The Netsavers Line Conditioners are recommended by Coleman for
use with their Portable Generators. These Line Conditioners
produce the clean, filtered power that is better for your
computer system.

Netsavers Line Conditioners are microprocessor controlled,
tap switching power conditioners, that automatically correct
brownouts and overvoltages.

http://www.suttondesigns.com/NetsaversCenter/lcy.html

------------------------------------------------------------

6) Y2K: Fix on Failure? Good Luck!
------------------------------------------------------------

I received this e-mail.

* * * * * * * * *

I work in the circuit board industry as a CNC (computer numerical
control) equipment repair engineer, in the Northern California
area. Today I was at a customer's site that has a piece of
equipment that is key to his operation.

His machine had been down for two days. The machine was running
along with no problems when suddenly it locked up. The machine has
a Pentium 75 MHz for its control. When the customer tried to reload
software the machine came up with an "overflow" error message.

The manufacture had never seen this message before. I jokingly
said, "It's probably a Y2K problem." Upon further investigation
found the date was set a month ahead showing 01/01/00 on the
date command from DOS. Set the date back to Nov. of 99 and the
machine powered up with no problems at all.

It really was a Y2K problem.

The customer was assured there were no Y2K issues with his
equipment from the manufacture. The PC is approximately four years
old. Now he is looking at having to purchase a new computer for it.
Now I know what most of the people are say, "It's no big deal, just
set the date back."

The problem is that new files will have older dates than old files.
This will be extremely hard to keep track of. Operators could very
easily delete wrong files.

This was not a life threatening situation, but in other areas of
our economy it could be very disastrous. How about all those
companies that are going to fix on failure? Lots of Luck!

------------------------------------------------------------

7) Y2K Wake-up Call
------------------------------------------------------------

Dan Steele, EE

Most Americans are pretty well numbed by Y2k news. The whole Y2k
thing seems unreal -- at least, less real than the goings on in the
virtual world.

Many can accept the soundness of internet companies with no sales,
negative profit, yet millions of dollars in capitalization. But a
software screw-up because of Y2k? Nah. Can't happen to me.

I've got news for you. Layer upon layer, the cumulative affect of
Y2k problems *will* affect you. Electrical problems and sporadic
brownouts will occur, gradually increasing after January 1.

There *will* be internet sites with problems. Shopping carts, and
other CGI-BIN processes will fail at some sites because the perl
scripts weren't checked. Some hosting firms have inadequate
electrical backup... sites can't stay up running on air.

What was that? Your site/factory/home has backup generators? Good
luck running your computer equipment on them. The electrical noise
will cause computer system degradation, at least, or in some cases,
destruction of solid-state devices.

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally. When
is the last time that you had to do a major re-installation of
application software? Application failures usually occur at the
worst times, too, when you had several files open.

Time to get going. With the holidays FAST approaching, do you
REALLY want to deal with this later??

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://216.156.23.77/NetsaversCenter/index3.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)


------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 85: 12/07/99
------------------------------------------------------------

Down to the Wire!

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index3.html

------------------------------------------------------------

Contents:

1) Down to the Wire!
2) Generators and Computers!
3) Y2K: Fix on Failure? Wrong!

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Down to the Wire!
------------------------------------------------------------

Dan Steele, EE

The classic example of a Y2K problem is a pension payment: You're
eligible for a pension payment now, but when the date field turns
over to "00," the software thinks you haven't been born yet and
thus not are entitled to a pension.

That's a fairly obvious example, but the Y2K dilemma can cause much
more subtle errors. The erroneous date fields might lead to
mistakes in calculations that you won't notice right away. By the
time you do determine you have a problem, its effects might have
become quite significant, leading to unexpected losses and large
errors.

Even testing for Y2K compliance incorrectly might fit into the
"don't try this at home" category -- unless you're sure you know
what you're doing.

There's the story of one do-it-yourselfer who cranked his clock
ahead to see what would happen. The test couldn't be "untested " -
software licenses were invalidated and his system locked up.
Another person had a Y2K problem when his network backup program,
unbeknownst to him, essentially became an "erase most current
version" because the system thought that the current version was an
OLD.

Your own desktop PC may check out fine -- it may be Y2K-compliant,
as they say. But your network may have Year 2000 problems you don't
know about. In other words, "Just because I'm okay and you're okay
individually, doesn't mean we're okay when networked together."

A Lockheed Martin analysis found that half of the Pentium machines
on people's desks needed to be upgraded.

If your NON-Y2K-COMPLIANT PC makes it to January 3, 2000, you might
STILL see some Y2K problems. EVEN IF YOUR Y2K-COMPLIANT COMPUTER
makes it to January 3, 2000, you will STILL HAVE TO BE DILIGENT
about any NEW SOFTWARE that you install, download, restore from
backup, FROM NOW ON!

If your system IS Y2K-COMPLIANT and has the Netsavers NET2000 Total
Software Scanner installed, however, you can easily set up a system
wherein ALL NEW SOFTWARE IS SCANNED FOR Y2K PROBLEMS well into next
yesr, as will be required!

I really hope that you STUDY THIS LIST because you may have a HARD
TIME TELLING THESE SYMPTOMS APART FROM THOSE OF OVER 3000 Y2K
VIRUSES tht are expected to be unleashed next year!

* Unexpected expiration of passwords, licenses, security cards,
software etc.

* Operating system file operations give unexpected time results,
e.g., files that are NEW are treated as if they were OLD

* Operating system asks if you wish to overwrite an "OLD file" that
is really a "NEW" file

* Operating system DOESN'T ASK if you wish to overwrite a file that
REALLY IS AN "OLD" file, because system thinks it is "NEW"

* Incorrect calculations involving time spans or timing intervals

* Applications that depend on file sorting by date for correct
operation suddenly fail or present illogical results

* Inability to interface with some external applications

* Software development tools/systems (compilers) that automatically
overwrite "old" versions do not perform properly

* Software Tools or Systems (installers) that automatically copy
over older files make "mistakes"

* A non-compliant application is accidentally downloaded and run on
your previously Y2K compliant system!

* A non-compliant application is accidentally installed and run on
your previously Y2K compliant system!

* Developers: Changes made to compiled programs suddenly disappear
and problems that have been fixed suddenly reappear after
recompilation of modules

* Changes made to programs (updates etc.) suddenly disappear and
problems that have been fixed (security problems, bugs) suddenly
reappear

* Email is launched with each encounter of specific year 2000 date
problems

* Scheduled processes, Email, or applications, are activated at the
wrong time

* Scheduled processes such as archive or delete functions on files
or email are launched at the wrong time

* System date upon powering up is 1980 or some year in the distant
past, or, system date appears normal but file dates are wrong

* Date display (displayed at the "date" command) is wrong or
different from system date

Most of you are sick of Y2k news. Period. Hey, that's fine IF YOU
HAVE ALREADY TAKEN PRUDENT STEPS. The whole Y2k thing seems unreal,
but like the first cold day in January, we are gonna feel it!

I've got news for you. Layer upon layer, the cumulative affect of
Y2k problems WILL affect you. Your computer WILL give you problems
if IT has a problem.

There WILL be internet sites with problems. Shopping carts, and
other CGI-BIN processes WILL FAIL at some sites because the perl
scripts weren't checked.

Some hosting firms have inadequate electrical backup... electrical
problems and sporadic brownouts will occur, gradually increasing
after January 1. That will lead to less reliable server farms...
sites can't run on air!

What was that? Your site/factory/home has backup generators? Good
luck running your computer equipment on a less-than-stellar
generator. The electrical noise will cause computer system
degradation, at least, or in some cases, destruction of solid-state
devices.

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally.

When is the last time that you had to do a major re-installation of
application software? Application failures usually occur at the
worst times, too. Got a good Y2K-compliant backup? Really??

Time to really get going. With only 24 days left, you have a
disaster FAST APPROACHING.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://www.suttondesigns.com/NetsaversCenter/index4.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

2) Generators and Computers!
------------------------------------------------------------

Dan Steele, EE

Running a computer or other solid state devices on generator
supplied power can cause overheating and component failures
because the generator supplied voltage has high electrical noise
and harmonics. The generator produced power DEGRADES the COMPUTER
SYSTEM and can actually DESTROY other solid-state devices.

Filter That GENERATOR VOLTAGE!

Continuous power conditioning helps keep you working through
extended brownouts and overvoltages. Sensitive electronic
equipment, such as computers, need the clean, voltage controlled
electric power provided by a Line Conditioner, to assure proper
performance.

That means a constant voltage level free from the electrical
"noise" and harmonics, and voltage variations typical of
GENERATOR SUPPLIED power.

LINE CONDITIONERS  protect against these voltage fluctuations and
reduce the loss of irreplaceable data and damage to your expensive
equipment.

The Netsavers Line Conditioners are recommended by Coleman for
use with their Portable Generators. These Line Conditioners
produce the clean, filtered power that is better for your
computer system.

Netsavers Line Conditioners are microprocessor controlled,
tap switching power conditioners, that automatically correct
brownouts and overvoltages.

http://www.suttondesigns.com/NetsaversCenter/lcy.html

------------------------------------------------------------

3) Fix on Failure? Wrong!
------------------------------------------------------------

Dan Steele, EE

I received this e-mail * * * * * * * * *

I work in the circuit board industry as a CNC (computer numerical
control) equipment repair engineer, in the Northern California
area. Today I was at a customer's site that has a piece of
equipment that is key to his operation.

His machine had been down for two days. The machine was running
along with no problems when suddenly it locked up. The machine has
a Pentium 75 MHz for its control. When the customer tried to reload
software the machine came up with an "overflow" error message.

The manufacture had never seen this message before. I jokingly
said, "It's probably a Y2K problem." Upon further investigation
found the date was set a month ahead showing 01/01/00 on the
date command from DOS. Set the date back to Nov. of 99 and the
machine powered up with no problems at all.

It really was a Y2K problem.

The customer was assured there were no Y2K issues with his
equipment from the manufacture. The PC is approximately four years
old. Now he is looking at having to purchase a new computer for it.
Now I know what most of the people are say, "It's no big deal, just
set the date back."

The problem is that new files will have older dates than old files.
This will be extremely hard to keep track of. Operators could very
easily delete wrong files.

This was not a life threatening situation, but in other areas of
our economy it could be very disastrous. How about all those
companies that are going to fix on failure? Wrong!

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 79: 11/24/99
------------------------------------------------------------

Y2K Doubletalk

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index3.html

------------------------------------------------------------

Contents:

1) Government Gets B+ for Y2K progress
2) Y2K Wake-up Call
3) Iran blames 'Great Satan' for Y2K bug
4) Doubletalk About Saudi Arabia
5) Weight Watchers Reverts to Manual
6) Computers and Generators

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Government Gets B+ for Y2K progress
------------------------------------------------------------

Erich Luening, CNET News.com

[Ed.: B+ After a Generous Curve -- this is grading on a very
lenient curve. They took out the systems that don't work because
state systems don't work.]

With 39 days left before January 1, 2000, the federal government
today earned a passing grade for its progress in fixing the Year
2000 technology problem.

In its final report card on the government's efforts to combat Y2K,
the House Subcommittee on Government Management, Information and
Technology gave the government a B+, although a few agencies are
still behind in their efforts and some programs weren't issued a
grade at all.

In a change from previous surveys, the chairman of the
subcommittee, Rep. Stephen Horn (R-Calif.) decided not to issue
grades for more than 40 vital government programs, including
Medicaid and Medicare. As the committee sees it, many programs
dependent on the states and private organizations are not
completely ready for the transition to 2000.

"The executive branch has made great strides in fixing and testing
mission-critical systems," Horn said. "However, we have serious
concerns with some of the nation's most essential programs,
affecting millions of Americans."

When the subcommittee released its previous report in September, it
examined the Year 2000 readiness of 43 federal programs, which were
designated as "high impact" programs by the Office of Management.

"In September, only seven of the 43 programs were ready for the
Year 2000. Now agencies report that 25 programs are ready. Although
their Year 2000 compliance has tripled this quarter, 18 programs
remain at risk of failure.

At this date the simple question is: Are you ready or not?"

In September, the subcommittee issued separate grades for the first
time to agencies for the readiness of 43 programs designated "high
impact" by the Office of Management and Budget. Suddenly, agencies
sporting A and B ratings for their own work found themselves on the
laggard team because of state or private programs rated D or F with
only a few months left until the Year 2000 rollover.

Among those agencies with programs not ready for the Year 2000 is
Health and Human Services, with nine programs unprepared for the
date change; the Department of Labor has one program not ready; the
Department of Agriculture has five programs not ready; the
Department of Education has just one not ready; and the Department
of Transportation has two not ready.

Because of the new grading system, which separates those "high
impact" programs from the whole grade of the actual department,
many agencies with programs that are not yet ready still faired
well on the total report card.

For example, although HUD's public housing program is not ready for
the Year 2000, the agency itself received an A, which is the same
grade given the Department of Labor. The Department of Agriculture,
with four programs listed as not ready in the report card, still
received an all around grade of A minus.

"In all, twelve departments and agencies report that their mission-
critical systems are 100 percent ready," Horn said in a statement.
"I commend those organizations and their managers for a job well
done… Four departments--Defense, Health and Human Services,
Justice and Treasury--still have a few mission-critical systems to
fix."

The Justice Department was the only agency to get a worse grade
than it received in the last report card. Justice was dropped from
a C minus to a D.

In addition, the Defense Department was bumped up from its previous
grade of D to C plus. Health and Human Services maintained its C
rating, while the Treasury Department moved up slightly from a C
minus to C.

The administration overall, moved up from B minus in September to B
plus today.

"With one exception, federal departments and agencies have greatly
improved in the "additional criteria" categories of developing and
testing contingency plans, fixing and testing telecommunications
systems, testing external data exchanges, identifying embedded
systems and completing verification efforts," Horn said.

The most troubling exception is Justice, which still has three
mission-critical systems to fix and has not completed work in any
of the "additional criteria" categories, Horn said.

"The department does have a contingency plan. But the plan is
worthless because it has not been tested," he said.

Horn also highlighted the Internal Revenue Service's efforts as
lagging behind because the agency is still checking the inventory
of its computers at field locations--the first step in fixing the
Y2K problem, according to Horn.

The so-called millennium bug refers to the fact that many computers
are programmed to register only the last two digits of the year,
meaning that "2000" may be read as "1900." If left uncorrected,
such programs could generate errors and scramble the computers that
companies use to keep track of customers, run their payrolls,
handle their accounts, run elevators and monitor air traffic.

------------------------------------------------------------

2) Y2K Wake-up Call
------------------------------------------------------------

Dan Steele, EE

Most Americans are pretty well numbed by Y2k news. The whole Y2k
thing seems unreal -- at least, less real than the goings on in the
virtual world.

Many can accept the soundness of internet companies with no sales,
negative profit, yet millions of dollars in capitalization. But a
software screw-up because of Y2k? Nah. Can't happen to me.

I've got news for you. Layer upon layer, the cumulative affect of
Y2k problems *will* affect you. Electrical problems and sporadic
brownouts will occur, gradually increasing after January 1.

There *will* be internet sites with problems. Shopping carts, and
other CGI-BIN processes will fail at some sites because the perl
scripts weren't checked. Some hosting firms have inadequate
electrical backup... sites can't stay up running on air.

What was that? Your site/factory/home has backup generators? Good
luck running your computer equipment on them. The electrical noise
will cause computer system degradation, at least, or in some cases,
destruction of solid-state devices.

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally. When
is the last time that you had to do a major re-installation of
application software? Application failures usually occur at the
worst times, too, when you had several files open.

Time to get going. With the holidays FAST approaching, do you
REALLY want to deal with this later??

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://216.156.23.77/NetsaversCenter/index3.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://216.156.23.77/NetsaversCenter/index3.html

------------------------------------------------------------

3) Iran blames 'Great Satan' for Y2K bug
------------------------------------------------------------

Reuters

Iran's 20-year-old breach with the United States has come back to
haunt it in the form of the Y2K computer bug, an obscure legacy
of Western technological domination.

Islamic Iran's unique solar calendar may read year 1378, but it
must grapple nonetheless with the feared after-effects of a Western
computer shortcut timed to the start of the next Christian
millennium.

Experts worry that an old method of recording dates on software and
chips controlling electronic systems could go haywire when clocks
strike midnight on Dec. 31.

Most at risk, say Iranian engineers, is the large installed base of
aging U.S. technology, largely dating back to before the 1979
Islamic Revolution.

Much of it involves so-called embedded systems, monitors and
controllers largely hidden from view and long-forgotten.

The lack of ties with Washington and the strict U.S. technology
embargo against Iran mean experts here are engaged in a game of
hide-and-seek -- often without a map.

Most other developing countries face related challenges. Some
overseas vendors have gone out of business, abandoned old product
lines, or are simply unable to meet all requests for help from
their customers.

However, technology sanctions imposed by the United States,
routinely denounced here as the "Great Satan," have added an extra
challenge to Iran's Y2K effort.

"We received a letter from the telecom ministry that they were
looking for some information from Hughes company... to tell them
whether they are Y2K-compliant or not," said Mohammad Sepehri-Rad,
Iran's Y2K coordinator.

"But they have not been successful in getting it," he told
Reuters in a recent interview.

Sepehri-Rad, secretary of the High Council of Informatics, said
similar problems have been encountered at Iran's two newest oil
refineries, which have U.S.-sourced equipment.

"None of our refineries, except two, has any problem (because)
they have no date-related embedded systems. There are only two such
refineries, one in Arak and one in Bandar Abbas."

No help available

Appeals to the U.S. government and firms, passed through the United
Nations, have also gone nowhere.

"I got word just a few days ago saying they have still not been
successful in getting any help. Even the United Nations cannot get
through," Sepehri-Rad said.

A spokesman for Hughes Electronics, a unit of General Motors, said
the firm had turned down an upgrade request for Iran, relayed by
INTELSAT, the global satellite cooperative.

The Y2K fixes were intended for Hughes' VSAT private networks used
by Iran's telecommunications authority and its central bank.

"We had to turn them down because that's not permitted under U.S.
regulations," said Richard Dore, a spokesman in Los Angeles
for Hughes Electronics.

Despite these difficulties, Iranian experts are cautiously
optimistic they will manage the changeover to 2000.

In fact, they say, the turmoil of the 1979 revolution, the 1980-
1988 war with Iraq, and general isolation from the outside world
has insulated Iran from some of the dangers of Y2K.

Iran suffered from a "technology gap" due to the revolution and the
war, said Parviz Naseri, a private Y2K consultant to the Iranian
government.

Many of the oldest systems are less automated and thus less
vulnerable, while the most recent ones are already Y2K-ready, he
said.

"Most technology is pre-1979, or very recent. Also, many of the
features in industrial process control, reliant on date and time,
are not being used here." Naseri said. "In the power ministry we
have examples of this. They have the instruments, but they have not
used all the fully-automated features."

Iran can also take comfort in the low-tech nature of banking,
government services and most industry.

Even the U.S. embargo has had a bright side: forced to rely on
their own devices for so long, many state organizations wrote their
own programs from scratch, basing them on the Iranian calendar.

Where old IBM mainframes were involved, they have been traded for
newer models or third-party solutions. Desktop PCs have been
upgraded, or swapped to non-critical uses.

"In our view, only 10 percent of the difficulty lies in IT. It is a
problem, it is being treated, and it has been mainly solved,"
Naseri said.

Air travel, Missiles

Iran's main air traffic control system has been certified Y2K
compliant by international experts. And international military
attaches say they are satisfied with the safety of Iran's missiles
and other advanced weaponry.

Boeing and Airbus, chief suppliers to Iran Air, have guaranteed
their aircraft as ready for the changeover. However, doubts remain
about the Russian-built marine fleet.

As a precaution, the oil ministry has ordered all liquid fuel tanks
at Iran's power plants, which generally run on natural gas, to be
filled ahead of Jan. 1.

Health workers are concerned that some high-tech medical devices
may stumble on Jan. 1, a fear common to many countries. And banks
plan to print all customers' balances just ahead of Jan. 1, in case
their systems fail.

For his part, Y2K guru Sepehri-Rad is confident Iran is as prepared
as it can be for what is, in the final analysis, a largely
unpredictable event.

Still, he says Iran might declare Jan. 1, normally a working day, a
one-time holiday. "It has been suggested to the government to make
it a holiday," he said. "Just to be on the safe side."

------------------------------------------------------------

4) Doubletalk About Saudi Arabia
------------------------------------------------------------

Is Saudi Arabia going to make it? It does not look like it from
this report -- not when the good news is stockpiles of oil in
reserve.

Giant Gulf oil producers are scrambling to exterminate the Year
2000 millennium bug with no guarantees that they will be able to
thwart the potential computer glitch from sabotaging millions of
dollars in exports, according to a Nov. 22 Reuters story published
by Yahoo!

From Saudi Arabia -- the world's biggest exporter -- to smaller
Gulf oil countries like Oman, state firms seem confident they will
keep the oil flowing.

A U.S. Senate report on the Y2K status of oil imports based on data
from information technology research firm Gartner Group (NYSE:IT -
news) put Saudi Arabia and Kuwait in the ''high risk of
disruption'' category. It left a question mark over Iraq, Reuters
reported.

But experts say OPEC kingpin Saudi Arabia appears to be in the
strongest position to combat the bug in the region.

''Saudi Aramco acknowledges that there remains a risk of Year 2000
associated business interruptions. To meet this challenge, the
company must be prepared to manage the risk,'' the state oil firm
said on its regularly updated Y2K Web site.

Oil experts said Saudi Arabia could always draw on its vast
worldwide oil resources to cope with any Y2K problems, Reuters
said.

''The Saudis have got so much excess capacity that even if there
were some problems I can't see anything but a temporary problem,''
said Mehdi Varzi of Dresdner Kleinwort Benson.

''They have got tens of millions of barrels stored outside Saudi
Arabia. This tends to minimize fears,'' he added.

The Reuters report said that major importers like the United
States, dependent on Gulf oil, are not taking any chances. They are
expected to stock up on supplies ahead of the New Year.

U.S. oil companies that have made fortunes in the Gulf have spent
years and millions of dollars preparing for Y2K.

''We conducted tests in our operations in Saudi Arabia, Bahrain and
Qatar and we are in good shape,'' said a Chevron Corp. official
based in the Gulf.

Hard facts on exactly what preparations have been made and how much
money has been spent on Y2K compliance efforts in the Gulf are
difficult to obtain.

Iran is one of the world's biggest producers but its computer
systems are old, raising questions about how vulnerable OPEC's
second largest producer will be to the millennium bug.

The head of the country's Y2K compliance program has said Iran's
two newest refineries at Bandar Abbas and Arak face possible
disruptions but other complexes are not vulnerable because they do
not have date-embedded computer systems, the Reuters story said.

''It's so difficult to know the honest answer. My only view on the
Iranian side is that not all the industry has been fully
computerized, only in the past year or two,'' said Dresdner
Kleinwort Benson's Varzi.

''Until now a lot of the oil well logging is done by hand. I don't
think Iran has too much to worry about also because it has 30
million odd barrels stored in Gulf tankers ready to go.''

Some Middle East oil veterans are playing down the computer glitch
issue.

``These countries have an amazing ability to fix things when they
go wrong. It could cause some hiccups but I am sure they will take
care of it,'' said a U.S. oil executive.

Link: http://dailynews.yahoo.com/h/nm/19991122/tc/yk_gulf_1.html

------------------------------------------------------------

5) Weight Watchers Reverts to Manual
------------------------------------------------------------

Weight Watchers International has a unusual recipe for trimming
down its potential Y2K problems: It's getting rid of its computers,
according to a Los Angeles Times story published Nov. 22 by the San
Francisco Chronicle.The Woodbury, N.Y., weight- control business
today will begin eliminating all electronic registers at its
centers and revert to a manual record-keeping system.

Employees at hundreds of company centers will adhere to a strict
regimen of pen and paper by Dec. 19, the Times reported. Client
attendance at meetings, merchandise sales and points earned, for
instance, will all be noted on company forms kept in folders.

Industry analysts expressed surprise at the company's seemingly
Luddite approach to the year 2000. ''Really! Oh, goodness,'' said
Stephanie Moore, director of Giga Information Group of Cambridge,
Mass., specialists in aiding large companies become Y2K compliant.

But Moore also said the measure makes sense. Advisers recommend
that companies identify a variety of alternatives to deal with
potential Y2K problems, ''and one of those strategies is manual.''

Weight Watchers was sold in September by H.J. Heinz Co. for $735
million to Artal Luxembourg, S.A., a European private investment
company, the Times said.

Link: http://www.sfgate.com/cgi-
bin/article.cgi?file=/chronicle/archive/1999/11/22/BU63541.DTL

------------------------------------------------------------

6) Computers and Generators
------------------------------------------------------------

Dan Steele, EE

Recently Coleman Powermate, a leading Portable Generator
manufacturer, recommended using the Netsavers Y2K Line Conditioner,
in-line with their generator, when powering solid state devices and
computer equipment. This is now included in their Operations
Manual.

Running a computer or other devices with solid state components
from a generator can cause equipment overheating and degradation,
even component failures, because the generator supplied electricity
has a high electrical noise and harmonics content.

Coleman recommends the use of the Netsavers Line Conditioner if you
intend to run any solid state devices on generator power. Simply
plug the Netsavers Line Conditioner into a generator outlet and
plug your PC and other electronic equipment into the Netsavers Line
Conditioner.

http://www.suttondesigns.com/NetsaversCenter/lcy.html

------------------------------------------------------------

6) White House Urges Calm for Pre-Y2K Grocery Buying
------------------------------------------------------------

Reuters

The Clinton administration Thursday urged consumers not to panic
and hoard milk, bread and toilet paper before Dec. 31 out of fear
that the so-called Y2K bug will cause grocery shortages.

In fact, grocery stores around the country have cleared their
computer systems of any Y2K glitches and will have plenty of food
on hand to greet the new year, U.S. officials and industry groups
said.

``The food system is not at risk from the Y2K computer bug,'' U.S.
Agriculture Secretary Dan Glickman said standing near the meat
aisle in a crowded Giant grocery store in suburban Washington, D.C.

``We are urging consumers to relax and treat the new year just like
they would any long holiday weekend,'' he said, speaking above
pinging elevator music to a hoard of reporters.

The Y2K glitch refers to a design flaw that could trip unprepared
computers and the systems they control on Jan. 1.

There had been concern that several operations at grocery stores,
including the computer-run scanners at the checkout aisles, would
fall victim to the Y2K bug. But the grocery industry assured that
they were largely ready for 2000 after spending billions of dollars
to fix any problems.

Officials cautioned, however, that there could be isolated
problems, but that they were prepared to quickly ship food to those
locations.

The biggest concern voiced Thursday was that people would panic and
wipe out grocery store shelves, only to have the extra food rot at
home.

John Koskinen, chairman of the President's Council on Y2K, said
consumers should have a couple of days' worth of food on hand and
should buy nonperishable items, such as canned goods, water and
toilet paper, before the Christmastime rush.

``It helps to prepare early,'' he said.

Grocery stores generally keep between 30 and 60 days' of food on
hand, either in the store or in nearby warehouses. Some stores have
added a couple of extra days' worth to their supplies, industry
groups said.

``Unless people panic unnecessarily, there will be plenty of food
on hand,'' said John Block, President of Food Distributors
International and a former Agriculture Secretary.

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 86: 12/08/99
------------------------------------------------------------

Virus Spreads, Posing as Y2K fix

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index3.html

------------------------------------------------------------

Contents:

1) Y2K Virus Discovered
2) Virus Spreads, Posing as Y2K fix
3) 'Locusts' Infesting E-Commerce
4) Down to the Wire!
5) Generators and Computers!

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Y2K Virus Discovered
------------------------------------------------------------

Sherman Fridman, Newsbytes

It's unclear whether the biblical nomenclature was intended to
invoke images of Armageddon, but a new and unique type of virus,
called "W95.Babylonia" has just been detected according to the
Symantec Antivirus Research Center (SARC).

In an interview with Newsbytes, Vincent Weafer, director of SARC,
said that that this virus is very complex, that infected computers
would be very difficult to fix, and that it is unique in its method
of operation.

According to Weafer, the virus, which was first reported to
Symantec Monday, was planted in various Internet newsgroups and
spread from there. Due to this fact, most of the reports of virus
infection have come from home users, rather than business users.

Geographically, the virus has been reported in Europe, the US, and
in the Asia/Pacific areas.

The virus is unique because it has the ability to download its
viral components from the Internet. When the virus arrives on a PC
user's system it will wait until the user makes an Internet
connection.

When the virus detects that the computer has accessed the Internet,
it causes access to be made with a Web server located in Japan.
Because the virus has such capability, Weafer said that it is
possible for the virus writer to update the virus - and its
effects on infected PCs - daily, hourly, or every second.

And, because the virus is updateable, the results of being infected
with the virus can also change.

Weafer confirmed that W95.Babylonia is not spread primarily by
opening infected e-mail. Rather, the virus is very complex,
propagating to other computer users mainly via MIRC, a text-based
communications application used to chat over the Internet.

When an infected user logs onto MIRC, it will automatically send
the virus to everyone within the same MIRC chat room as the
infected user.

The virus will be sent as a Y2K bug fix, and once this purported
bug fix is executed, it will infect 32-bit EXE program files and
also Windows Help files.

According to SARC, the virus will try to modify an infected system
to display the following message when the computer is booted:

W95/Babylonia by Vecna (c) 1999 Greetz to RoadKil and VirusBuster
Big thankz to sok4ever webmaster Abracos pra galera brazuca!!! ---
Eu boto fogo na Babilonia!

The virus, which has gotten a "Medium/High Risk" rating from SARC,
can be blocked with a download available from Symantec at
http://www.symantec.com .

------------------------------------------------------------

2) Virus Spreads, Disguised as Y2K fix
------------------------------------------------------------

ANICK JESDANUN, Nando Media

Computer security experts warned Tuesday of a new virus that can
update itself with potentially destructive instructions from a Web
site.

The first of its kind, this virus primarily affects home computers
and spreads through Microsoft software used for chat rooms. The
W95.Babylonia virus comes disguised as a Y2K fix, making it the
sixth known virus preying on the Year 2000 glitch.

David Perry, director of public education at Trend Micro Inc.,
identified the virus' most worrisome aspect as its ability "to add
new capabilities as it rolls along."

The virus writer can effectively control the infected computer
remotely. Anti-virus experts worked to identify the specific
commands for the virus, aware these could include erasing files and
grabbing sensitive information.

Trend Micro and other makers of anti-virus software reiterated
warnings against accepting unsolicited files and urged computer
users to update virus-detection software. But because this virus
spreads through chat rooms, users should turn off any auto-download
features.

Unlike most viruses, which spread primarily by e-mail,
W95.Babylonia takes advantage of chat rooms and makes home users
more prone to infection. Few companies use chat rooms for business,
although sometimes employees sidestep rules prohibiting personal
use.

When an infected user logs on to a chat room using MIRC chat
software, the virus gets sent as a Y2K bug fix to anyone else in
that chat room. If the user accepts the software, the virus will
install itself and later obtain several files from Japan. Those
files, in turn, carry instructions affecting the user's computer.

"There's nothing else even close to it," said Vince Gullotto,
director of Network Associates' anti-virus research team.

Vincent Weafer, anti-virus research director at Symantec Corp.,
said the virus can spread by e-mail as well, though home e-mail use
is not as heavy as that of businesses. Thus, he said, this virus is
not likely to spread as quickly as other viruses.

Discovery of the new virus comes days after experts detected a
virus timed to erase disks on Jan. 1 by posing as a Y2K problem.
All told, there are three viruses known to trigger in the new year.
Three others spread by posing as Y2K software and act immediately.

The end of the millennium is prime time for many virus writers,
security experts warn.

"I suspect we will see a (Y2K) virus at least every couple of days
between now and the end of the year," said Perry, the Trend Micro
official. "If you were going to release a Y2K virus, this would be
the time to do it."

------------------------------------------------------------

3) 'Locusts' Infesting E-Commerce
------------------------------------------------------------

Reuters

LONDON -- International online law enforcers warned Tuesday they
were seriously behind in tackling Internet crime, and said
cybercrime might prove a major threat to countries as well as
businesses.

Michael Vatis, director of the FBI's national infrastructure
protection center, told a meeting of business and legal executives
there was a rising trend of attacking countries through private
companies and civilian systems.

"Companies and private-sector entities are the new targets for
terrorism and acts of war," he said. "This is a problem that's
really spreading rapidly and will affect all of us."

No figures exist for Internet crime but Brian Jenkins, an adviser
to the International Chamber of Commerce which organized the
meeting, said online crime seems to be growing faster than the Net
itself.

Jenkins listed an "electronic bestiary" of criminals -- from money
launderers to identity thieves to cyber-stalkers -- using elaborate
and easy-to-access technologies.

He described Internet criminals who attempt to dupe online
consumers as "locusts."

"They will infest e-commerce and are capable of consuming a great
amount of wealth if unchallenged," Jenkins said.

The value of electronic commerce between businesses alone was
recently forecast by brokerage Goldman Sachs to rise to US$1.5
trillion in 2004, from $114 billion in 1999.

Yet more explosive growth has been in corporate espionage, mostly
carried out by insiders but made easier by the networked computer
systems that are replacing stand-alone systems.

An ICC survey said reports from organizations that their networks
had been hacked into tripled between 1997 and 1998, even though
other surveys have found half of systems' managers were unaware of
any intrusion.

Electronic sabotage -- especially through viruses -- could lead to
major ransom demands with the threat of system wipe-out.

"We're not looking for policemen anymore. We're looking for
technicians," said Raymond Kendall, secretary-general of Interpol.

While cybercrime could be tackled at some levels through
partnerships with business, officials said this was limited by
national legal constraints and confidentiality concerns among
companies.

------------------------------------------------------------

4) Down to the Wire!
------------------------------------------------------------

Dan Steele, EE

The classic example of a Y2K problem is a pension payment: You're
eligible for a pension payment now, but when the date field turns
over to "00," the software thinks you haven't been born yet and
thus not are entitled to a pension.

That's a fairly obvious example, but the Y2K dilemma can cause much
more subtle errors. The erroneous date fields might lead to
mistakes in calculations that you won't notice right away. By the
time you do determine you have a problem, its effects might have
become quite significant, leading to unexpected losses and large
errors.

Even testing for Y2K compliance incorrectly might fit into the
"don't try this at home" category -- unless you're sure you know
what you're doing.

There's the story of one do-it-yourselfer who cranked his clock
ahead to see what would happen. The test couldn't be "untested " -
software licenses were invalidated and his system locked up.
Another person had a Y2K problem when his network backup program,
unbeknownst to him, essentially became an "erase most current
version" because the system thought that the current version was an
OLD.

Your own desktop PC may check out fine -- it may be Y2K-compliant,
as they say. But your network may have Year 2000 problems you don't
know about. In other words, "Just because I'm okay and you're okay
individually, doesn't mean we're okay when networked together."

A Lockheed Martin analysis found that half of the Pentium machines
on people's desks needed to be upgraded.

If your NON-Y2K-COMPLIANT PC makes it to January 3, 2000, you might
STILL see some Y2K problems. EVEN IF YOUR Y2K-COMPLIANT COMPUTER
makes it to January 3, 2000, you will STILL HAVE TO BE DILIGENT
about any NEW SOFTWARE that you install, download, restore from
backup, FROM NOW ON!

If your system IS Y2K-COMPLIANT and has the Netsavers NET2000 Total
Software Scanner installed, however, you can easily set up a system
wherein ALL NEW SOFTWARE IS SCANNED FOR Y2K PROBLEMS well into next
yesr, as will be required!

I really hope that you STUDY THIS LIST because you may have a HARD
TIME TELLING THESE SYMPTOMS APART FROM THOSE OF OVER 3000 Y2K
VIRUSES tht are expected to be unleashed next year!

* Unexpected expiration of passwords, licenses, security cards,
software etc.

* Operating system file operations give unexpected time results,
e.g., files that are NEW are treated as if they were OLD

* Operating system asks if you wish to overwrite an "OLD file" that
is really a "NEW" file

* Operating system DOESN'T ASK if you wish to overwrite a file that
REALLY IS AN "OLD" file, because system thinks it is "NEW"

* Incorrect calculations involving time spans or timing intervals

* Applications that depend on file sorting by date for correct
operation suddenly fail or present illogical results

* Inability to interface with some external applications

* Software development tools/systems (compilers) that automatically
overwrite "old" versions do not perform properly

* Software Tools or Systems (installers) that automatically copy
over older files make "mistakes"

* A non-compliant application is accidentally downloaded and run on
your previously Y2K compliant system!

* A non-compliant application is accidentally installed and run on
your previously Y2K compliant system!

* Developers: Changes made to compiled programs suddenly disappear
and problems that have been fixed suddenly reappear after
recompilation of modules

* Changes made to programs (updates etc.) suddenly disappear and
problems that have been fixed (security problems, bugs) suddenly
reappear

* Email is launched with each encounter of specific year 2000 date
problems

* Scheduled processes, Email, or applications, are activated at the
wrong time

* Scheduled processes such as archive or delete functions on files
or email are launched at the wrong time

* System date upon powering up is 1980 or some year in the distant
past, or, system date appears normal but file dates are wrong

* Date display (displayed at the "date" command) is wrong or
different from system date

Most of you are sick of Y2k news. Period. Hey, that's fine IF YOU
HAVE ALREADY TAKEN PRUDENT STEPS. The whole Y2k thing seems unreal,
but like the first cold day in January, we are gonna feel it!

I've got news for you. Layer upon layer, the cumulative affect of
Y2k problems WILL affect you. Your computer WILL give you problems
if IT has a problem.

There WILL be internet sites with problems. Shopping carts, and
other CGI-BIN processes WILL FAIL at some sites because the perl
scripts weren't checked.

Some hosting firms have inadequate electrical backup... electrical
problems and sporadic brownouts will occur, gradually increasing
after January 1. That will lead to less reliable server farms...
sites can't run on air!

What was that? Your site/factory/home has backup generators? Good
luck running your computer equipment on a less-than-stellar
generator. The electrical noise will cause computer system
degradation, at least, or in some cases, destruction of solid-state
devices.

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally.

When is the last time that you had to do a major re-installation of
application software? Application failures usually occur at the
worst times, too. Got a good Y2K-compliant backup? Really??

Time to really get going. With only 24 days left, you have a
disaster FAST APPROACHING.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://www.suttondesigns.com/NetsaversCenter/index4.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

5) Generators and Computers!
------------------------------------------------------------

Dan Steele, EE

Running a computer or other solid state devices on generator
supplied power can cause overheating and component failures
because the generator supplied voltage has high electrical noise
and harmonics. The generator produced power DEGRADES the COMPUTER
SYSTEM and can actually DESTROY other solid-state devices.

Filter That GENERATOR VOLTAGE!

Continuous power conditioning helps keep you working through
extended brownouts and overvoltages. Sensitive electronic
equipment, such as computers, need the clean, voltage controlled
electric power provided by a Line Conditioner, to assure proper
performance.

That means a constant voltage level free from the electrical
"noise" and harmonics, and voltage variations typical of
GENERATOR SUPPLIED power.

LINE CONDITIONERS  protect against these voltage fluctuations and
reduce the loss of irreplaceable data and damage to your expensive
equipment.

The Netsavers Line Conditioners are recommended by Coleman for
use with their Portable Generators. These Line Conditioners
produce the clean, filtered power that is better for your
computer system.

Netsavers Line Conditioners are microprocessor controlled,
tap switching power conditioners, that automatically correct
brownouts and overvoltages.

http://www.suttondesigns.com/NetsaversCenter/lcy.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 87: 12/10/99
------------------------------------------------------------

Deutsche Bank Suffers Y2K Shutdown!

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index3.html

------------------------------------------------------------

Contents:

1) Deutsche Bank Suffers Y2K Shutdown!
2) Poison Null, Upload Bombing Web Attacks!
3) Y2K Virus Loses Home Page
4) Down to the Wire!
5) Problems With New Daytona Y2K-Compliant Computer
6) Y2K Buying Panic Hits Australia
7) Busy Signal Paralysis
8) Japan Will Deploy Special Y2K Troops

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Deutsche Bank Suffers Y2K Computer Shutdown
------------------------------------------------------------

When bank A cannot settle accounts with bank B, and bank B cannot
settle accounts with bank C, we have the beginning of Greenspan's
cascading cross defaults. He warned the House Banking Committee
about this on Oct. 1, 1998.

Big banks can get into trouble when their computers fail. Here is a
recent example.

Deutsche Bank has been forced to apologise to many of the world's
leading financial institutions after its worst-ever computer
problem, according to a Dec. 7 article in the Financial Times.

On Dec. 1, a systems problem at the German bank's central site
outside Frankfurt meant it was unable to participate in the
international clearing of interbank payments.

Deutsche declined to give further details, but on Dec. 6 an
executive said the unprecedented one-day halt to payments to major
international counterparties was the most severe technology problem
it had experienced.

The system normally deals with about 100,000 transactions an hour,
but the bank was unable to use its back-up system because it
contained the same software problem.

During the 10-hour shutdown on Dec. 1 Deutsche tried to clear the
largest payments manually, but the huge volume of transactions
meant many could not be handled until the next day, when the system
was functioning again.

The bank has been forced to offer interest payments to banks to
which it owed money. Executives say it cleared - or settled - all
outstanding trades with counterparties by close of business on Dec.
2.

Deutsche Bank has been telling European and U.S. banks that the
problem was un-related to the Year 2000 computer issue, BUT the
problem occurred after the installation of new Y2K compliant
software in an IBM operating system.

The system failure has heightened concerns at U.S. and European
banks about the possible impact of the millennium computer problem,
the article said.

Competitors were yesterday questioning why Deutsche would choose to
install crucial new Y2K compliant software just a few weeks ahead
of Jan. 1.

Link: http://www.ft.com/hippocampus/q2f8566.htm

------------------------------------------------------------

2) Poison Null, Upload Bombing Web Attacks!
------------------------------------------------------------

Lee Kimber, TechWeb

Up to 80 percent of websites could be vulnerable to a slew of new
attacks capable of giving crackers control of Internet Web servers.

The newly discovered Poison Null and Upload Bombing security
attacks could let crackers cripple many interactive websites,
according to their authors.

Both attacks exploit vulnerabilities in CGI programs that translate
between the HTML used in Web pages and the servers that run
interactive websites, their authors said.

Each attack works in a different way. The Poison Null attack could
let crackers see the contents of directories, and in some cases,
read and modify files on Web servers. The hacker known as "rfp"
that discovered the Poison Null attack tested several commonly used
Perl CGI scripts for the vulnerability before he publicized his
findings on the hacker website Phrack.

He tested the attack on several scripts that are freely available
for Web builders to download from sites such as Matt's Script
Archive and Free Code.

Many Web-hosting companies also offer the scripts to customers as
part of their hosting package. A TechWeb search using AltaVista
found 112,000 examples of websites running just one of the
vulnerable scripts.

The Poison Null attack's mechanism is complex. It masks system
commands from CGI security checks by hiding the commands behind a
'null byte' -- a packet of data that CGI scripts do not detect
unless specifically programmed to look for them.

Bug warning sites such as Bugtraq have alerted users to similar
problems with other programs, including C++, but Perl's widespread
use on the Web puts the flaw directly in front of millions of
potential crackers.

Tim O'Reilly, chairman of computer publisher O'Reilly Associates,
estimates Web developers use Perl to build around 80 to 90 percent
of interactive websites.

The fault lies not with Perl itself, but with developers who do not
appreciate the complex way in which Perl scripts interact with the
other programming languages used in Web servers, rfp said.

The Upload Bombing attack only affects websites that encourage
visitors to upload files, including job hunt sites that accept
resumes and classified ad sites that encourage users to upload
pictures of items for sale, it's author said.

The attack method -- published in the latest edition of 2600: The
Hacker Quarterly -- could bring awebsite to a standstill by filling
its hard disk space with useless files.

It relies on the fact that few CGI upload programs check how often
a visitor has uploaded a file. The developers of most upload
programs simply deny access to large files to protect disk space.

2600 included an example of a program that crackers could use to
automate the attack.

One analyst said there is a widespread threat of attack on Web
servers, but the damage is tempered by security measures.

"The threat may be the equivalent of graffiti on the wall," said
Frank Prince, corporate infrastructure research analyst at
Forrester Research. "It depends on what's on the other side of the
system."

Prince said CGI attacks are common, but that companies hosting
multiple websites on one server use good security practices to
restrict the damage to the server space owned by the attacked
customer. The threat depends entirely on the company that owns it.

Small companies are common targets for Web crackers he added,
because they use free Web scripts and have poor security
practices.

------------------------------------------------------------

3) Y2K Virus Loses Home Page
------------------------------------------------------------

Bob Sullivan, MSNBC

The Webmaster of a Japanese Web page that collects computer virus
information has removed the Babylonia virus from the site, saying,
"Its activity doesn't match my policy."

The new virus attracted researchers' attention because it was
clever enough to sneak onto a victim's computer in pieces and
update itself with fresh code.

The first piece of the Babylonia virus - called the "stub" by
researchers - can arrive posing as a Y2K fix. Once a user is
tricked into opening it, the other four pieces were pulled into the
victim's computer from the infamous virus-hosting Web site located
in Japan.

By Tuesday morning, 25 customers of the antivirus firm Symantec
Corp. (Nasdaq: SYMC ) were infected by W95.Babylonia, and about 25
Network Associates customers had also been infected.

Risk evaluationThe "payload" is not serious: The program does not
attempt to delete or copy user files, and so far the virus has been
transmitted principally in Internet Relay Chat (IRC) rooms. But
Symantec says the risk is serious anyway.

"This doesn't do the damage of a worm.explorer.zip, for example,
but we're still worried," Symantec researcher Eric Chien said. "At
this very second the virus writer could be putting up new code on
the Web site that will reformat your drive."

Victims who contract the virus have their computers directed to the
Web site hosted in Japan that is no longer operating; it was
apparently authored by a member of the "29A" virus writing group.

After initial infection, three additional pieces were downloaded to
the victim's computer, according to Symantec. The second piece
modifies the virus to display a message on boot-up; the third turns
the virus into a worm that spreads over IRC; and the fourth sends
e-mail to babylonia_counter@..., probably so the virus
writers can follow the program's infection rate.

There are two advantages to splitting up the virus. First, the
initial download is small, making infection more likely. Second,
the author can later choose to change the virus and add a more
destructive payload. Chien said the virus might also be changed to
circumvent detection by antivirus products.

"It's the first we've ever seen that actually contacts a Web site
to gather more pieces for itself," Chien said. A Java-based virus
named BeanHive attempted the strategy in the past but never caused
any real infections, he said. "This is the first we've seen that's
effective."

The virus is unique in other ways. It's the first that's able to
infect Windows help files, according to Vince Gullotto, director of
Network Associates ' anti-virus research team. Gullotto was also
concerned the initial virus will act like an application
programming interface, allowing multiple program authors to
"update" its payload.

"This guy wrote it, but the rest of his mates in 29A could be
writing other applications as well," he said.

An infected machine will display the message: "W95/Babylonia by
Vecna (c) 1999 Greetz to RoadKil and VirusBuster Big thankz to
sok4ever webmaster. Abracos pra galera brazuca!!! Eu boto fogo na
Babilonia!"

------------------------------------------------------------

4) Down to the Wire!
------------------------------------------------------------

Dan Steele, EE

The classic example of a Y2K problem is a pension payment: You're
eligible for a pension payment now, but when the date field turns
over to "00," the software thinks you haven't been born yet and
thus not are entitled to a pension.

That's a fairly obvious example, but the Y2K dilemma can cause much
more subtle errors. The erroneous date fields might lead to
mistakes in calculations that you won't notice right away. By the
time you do determine you have a problem, its effects might have
become quite significant, leading to unexpected losses and large
errors.

Even testing for Y2K compliance incorrectly might fit into the
"don't try this at home" category -- unless you're sure you know
what you're doing.

There's the story of one do-it-yourselfer who cranked his clock
ahead to see what would happen. The test couldn't be "untested " -
software licenses were invalidated and his system locked up.
Another person had a Y2K problem when his network backup program,
unbeknownst to him, essentially became an "erase most current
version" because the system thought that the current version was an
OLD.

Your own desktop PC may check out fine -- it may be Y2K-compliant,
as they say. But your network may have Year 2000 problems you don't
know about. In other words, "Just because I'm okay and you're okay
individually, doesn't mean we're okay when networked together."

A Lockheed Martin analysis found that half of the Pentium machines
on people's desks needed to be upgraded.

If your NON-Y2K-COMPLIANT PC makes it to January 3, 2000, you might
STILL see some Y2K problems. EVEN IF YOUR Y2K-COMPLIANT COMPUTER
makes it to January 3, 2000, you will STILL HAVE TO BE DILIGENT
about any NEW SOFTWARE that you install, download, restore from
backup, FROM NOW ON!

If your system IS Y2K-COMPLIANT and has the Netsavers NET2000 Total
Software Scanner installed, however, you can easily set up a system
wherein ALL NEW SOFTWARE IS SCANNED FOR Y2K PROBLEMS well into next
yesr, as will be required!

I really hope that you STUDY THIS LIST because you may have a HARD
TIME TELLING THESE SYMPTOMS APART FROM THOSE OF OVER 3000 Y2K
VIRUSES tht are expected to be unleashed next year!

* Unexpected expiration of passwords, licenses, security cards,
software etc.

* Operating system file operations give unexpected time results,
e.g., files that are NEW are treated as if they were OLD

* Operating system asks if you wish to overwrite an "OLD file" that
is really a "NEW" file

* Operating system DOESN'T ASK if you wish to overwrite a file that
REALLY IS AN "OLD" file, because system thinks it is "NEW"

* Incorrect calculations involving time spans or timing intervals

* Applications that depend on file sorting by date for correct
operation suddenly fail or present illogical results

* Inability to interface with some external applications

* Software development tools/systems (compilers) that automatically
overwrite "old" versions do not perform properly

* Software Tools or Systems (installers) that automatically copy
over older files make "mistakes"

* A non-compliant application is accidentally downloaded and run on
your previously Y2K compliant system!

* A non-compliant application is accidentally installed and run on
your previously Y2K compliant system!

* Developers: Changes made to compiled programs suddenly disappear
and problems that have been fixed suddenly reappear after
recompilation of modules

* Changes made to programs (updates etc.) suddenly disappear and
problems that have been fixed (security problems, bugs) suddenly
reappear

* Email is launched with each encounter of specific year 2000 date
problems

* Scheduled processes, Email, or applications, are activated at the
wrong time

* Scheduled processes such as archive or delete functions on files
or email are launched at the wrong time

* System date upon powering up is 1980 or some year in the distant
past, or, system date appears normal but file dates are wrong

* Date display (displayed at the "date" command) is wrong or
different from system date

Most of you are sick of Y2k news. Period. Hey, that's fine IF YOU
HAVE ALREADY TAKEN PRUDENT STEPS. The whole Y2k thing seems unreal,
but like the first cold day in January, we are gonna feel it!

I've got news for you. Layer upon layer, the cumulative affect of
Y2k problems WILL affect you. Your computer WILL give you problems
if IT has a problem.

There WILL be internet sites with problems. Shopping carts, and
other CGI-BIN processes WILL FAIL at some sites because the perl
scripts weren't checked.

Some hosting firms have inadequate electrical backup... electrical
problems and sporadic brownouts will occur, gradually increasing
after January 1. That will lead to less reliable server farms...
sites can't run on air!

What was that? Your site/factory/home has backup generators? Good
luck running your computer equipment on a less-than-stellar
generator. The electrical noise will cause computer system
degradation, at least, or in some cases, destruction of solid-state
devices.

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally.

When is the last time that you had to do a major re-installation of
application software? Application failures usually occur at the
worst times, too. Got a good Y2K-compliant backup? Really??

Time to really get going. With only 24 days left, you have a
disaster FAST APPROACHING.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://www.suttondesigns.com/NetsaversCenter/index4.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

5) Problems With New Daytona Y2K-Compliant Computer
------------------------------------------------------------

New computers must be tested. Across the world, companies and
governments are installing new, compliant computers. Well, the
computers and software are said to be compliant. But first, the
systems must get through 1999. If they can't get to 2000, there is
big trouble ahead.

On Dec. 8, the Daytona News-Journal reported that new computer
software failed a deadline Tuesday to "go live," but a city
official expressed confidence the system would meet expectations
before the year 2000.

"We are still not 100 percent ready," Finance Director Jim Maniak
said. "We have a number of things that we have changed and
corrected and made modifications to that we still have to test."

The city purchased the administrative software package for about
$1.2 million from Creative Computer Solutions, a Pleasanton,
Calif., company, in August 1998. Two previous "go live" dates were
rescheduled July 1 and Sept. 14.

Because the system was failing to meet the city's expectations, CCS
officials agreed to a $3,500-per-day penalty in November if the
system continued to fall short. The company also obtained a
$468,540 performance bond and provided technical experts at City
Hall, the News-Journal said.

Maniak was unsure if the daily penalty would apply because the
agreement with CCS called for an extension if new issues arose.
"We've had other things come up," Maniak said. "We would have
things to be corrected. They'd correct them and then we'd come back
and find something else."

"We're close enough that we should make it (with the new system),"
Maniak said. "We've made a lot of progress, we're very close, but
it just may take a little longer as far as the go live date.

"Everyone is still dedicated to getting it done," the finance
director said. "We have a very complicated system with a lot of
interaction between all the systems we have. They all must talk to
each other and send information to other systems at other
agencies."

------------------------------------------------------------

6) Y2K Buying Panic Hits Australia
------------------------------------------------------------

The panic has hit, according to this report.

Fears about the Y2K bug have led to panic buying of food and
survival equipment in Western Australia, according to an Dec. 5
article in Australia's Sunday Times.

Stores selling camping and army surplus equipment say shoppers have
been buying gas stoves, water containers and dried food.

Fanatics, survivalists and religious groups have been bulk-buying
emergency supplies as the millennium deadline looms.

Battery-powered lanterns, kerosene lamps and gas-powered freezers
and refrigerators have been high on their shopping lists.

One Fremantle store reported that women were pooling money to buy
hundreds of litres of water and fuel to last several months, the
Sunday Times said.

Another shop said that a group of survivalists, worried that Y2K
computer problems could trigger a breakdown in essential services,
had bought supplies for a remote bush retreat.

Stores in the city were braced for a last-minute rush before Dec.
31.

Ranger Camping in Bentley said sales of emergency and back-up
equipment had skyrocketed in what was traditionally a slow retail
period.

Link: http://www.news.com.au/news_content/sdt/4128061.htm

------------------------------------------------------------

7) Busy Signal Paralysis
------------------------------------------------------------

How long could your business survive if all you could get from your
suppliers is a busy signal?

How long could you stay in business if 80% of your customers could
get nothing but a busy signal from you, as you fill your time
answering questions about non-delivery from the other 20%?

What percentage of a company's client base could shut down the
company's phone lines if they called on the same day?

What if 80% of them called back tomorrow?

This is the problem of institutional noise. This also is the
problem of just-in-time production/distribution.

What percentage of a company's suppliers would have to refuse to
deliver in order for it to have to shut down?

What percentage of a company's customers would have to refuse to
pay in order for it to have to shut down?

This is the problem of cash flow. There is not much margin for
error.

------------------------------------------------------------

8) Japan Will Deploy Special Y2K Troops
------------------------------------------------------------

For a nation with half the population of the U.S., 96,000 troops
are not that many. But deploying this many people points to serious
concern.

Japan, which has come under fire for not being prepared for major
disasters, announced it would put tens of thousands of military
personnel on alert at year-end to deal with possible millennium
bug-related accidents, according to a Reuters story published Dec.
7 on Yahoo!

About 96,000 Self-Defense Forces staff will be on alert across the
country for two days from New Year's Eve to deal with possible
emergencies triggered by the Year 2000 (Y2K) computer glitches,
officials at the Defense Agency said.

The agency also plans to put more than 100 aircraft, warships and
special vehicles on standby, and deploy several chemical warfare
units, the officials said.

Prime Minister Keizo Obuchi recently made a nationwide television
appeal for people not to worry about the millennium bug, but he
will still be on hand on New Year's Eve in case a crisis breaks
out.

Link:
http://dailynews.yahoo.com/h/nm/19991207/tc/japan_defense_2.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 88: 12/12/99
------------------------------------------------------------

Really Down to the Wire

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index3.html

------------------------------------------------------------

Contents:

1) Y2K Stories Since Sunday (12/5/99)
2) Down to the Wire!
3) Houston Fails Final Y2K Test
4) U.S. Personnel Office Sets Y2K Web Break
5) More Y2K News
6) One-third Aussie Y2K Projects Incomplete
7) New, Compliant Mainframe Computers Are Buggy
8) Water/Sewers: The Weakest Links

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Y2K Stories Since Sunday (12/5/99)
------------------------------------------------------------

1. Clay County (Missouri?) taxpayers overcharged
30,000 incorrect bills mailed. Some incorrect bills already paid.

2. Modesto Bee (Livingston, CA)
Y2K upgrade for City Accounting didn't work. Need $100,000 more.
Manual workarounds being considered.

3. USDA Word Processing
WP in 9,000 computers can't save files after 2000. "Need 9,000 new
desktop systems"

4. Omaha/Douglas Country (Nebraska) Accounting
Crashed when Y2K compliant apps switched from test to production
mode. Manual check writing considered.
100% outage solved after 3 days

5. Park Township Water Assessment (Michigan)
Refused to calculate bill interest past 1999. Fixed right away. No
service outage.

6. Bermuda Stock Exchange
Two 1900 dates printed in two issues of daily trade report. Should
be fixed by 12/13/99

7. MAISD Accounting (Muskegon County, Michigan)
IBM mainframe payroll/accounting software. Reinstall failed after
Y2K testing. Problem resolved after 5 days of intensive work.

8. Chicago PD computer crash
Booking computer. 100% crash after testing back-up generators.
Manual workaround. "Not Y2K related"

9. Alaska Child Support
1900 dates cause rampant file expansion in dead-beat ware. Problem
discovered and solved in 30 minutes. No service outage.

10. Alaska Jury Selection
Misread 2000 as 1900, and gave 375,000 Alaskans a 99-year reprieve
from Jury duty. Problem caught and solved in same week. No service
failure.

11. Deutsche Bank IBM
Upgrade of IMS Transaction Manager (for clearing international
payments) fails at maximum load. Repaired overnight. DM500bn
delayed. Y2K factor -> Source with knowledge of system says yes, DB
says no, IBM says no comment. In any case, DB broke the lock-down
rule.

12. Daytona Beach, Fla.
New administrative software from "Creative Computer Solutions"
misses 3rd go live deadline on 12/7/99. Missed two previous
deadlines on 7/1/99 and 9/14/99.

13. Colombia Social Security Inst.
Database with employment history of 4.5 million Colombians is not
Y2K compliant. Cannot buy new system. Must export data.

14. Deutsche Borse
Operator of Frankfurt Stock Exchange is having computer problems.
Reported in article on Deutsche Bank glitch.

15. Ohio Child Support
Dead-beat ware malfunctions and slows support checks for 1600
people. 2 weeks behind in payment billing.

16. Illinois Child Support
Started on 10/1/99 when new state disbursement unit opened to
centralize info on deadbeats. $8 million in emergency loans
extended due to payment delays. Apparently not Y2K related.

17. SSA botches checks to Washington/Idaho
600,000 mailings with wrong SSN. Apparently not Y2K related.

18. Escambia County Jail Bug (Alabama)
Y2K upgrade crashes system. "May take months to fix" (said on
12/3/99). Suspect booking and inmate medication being handled
manually.

19. HSBC Holdings, Standard Chartered
Hong Kong Banks break freeze to update ATMs etc.

------------------------------------------------------------

2) Down to the Wire!
------------------------------------------------------------

Dan Steele, EE

The classic example of a Y2K problem is a pension payment: You're
eligible for a pension payment now, but when the date field turns
over to "00," the software thinks you haven't been born yet and
thus not are entitled to a pension.

That's a fairly obvious example, but the Y2K dilemma can cause much
more subtle errors. The erroneous date fields might lead to
mistakes in calculations that you won't notice right away. By the
time you do determine you have a problem, its effects might have
become quite significant, leading to unexpected losses and large
errors.

Even testing for Y2K compliance incorrectly might fit into the
"don't try this at home" category -- unless you're sure you know
what you're doing.

There's the story of one do-it-yourselfer who cranked his clock
ahead to see what would happen. The test couldn't be "untested " -
software licenses were invalidated and his system locked up.
Another person had a Y2K problem when his network backup program,
unbeknownst to him, essentially became an "erase most current
version" because the system thought that the current version was an
OLD.

Your own desktop PC may check out fine -- it may be Y2K-compliant,
as they say. But your network may have Year 2000 problems you don't
know about. In other words, "Just because I'm okay and you're okay
individually, doesn't mean we're okay when networked together."

A Lockheed Martin analysis found that half of the Pentium machines
on people's desks needed to be upgraded.

If your NON-Y2K-COMPLIANT PC makes it to January 3, 2000, you might
STILL see some Y2K problems. EVEN IF YOUR Y2K-COMPLIANT COMPUTER
makes it to January 3, 2000, you will STILL HAVE TO BE DILIGENT
about any NEW SOFTWARE that you install, download, restore from
backup, FROM NOW ON!

If your system IS Y2K-COMPLIANT and has the Netsavers NET2000 Total
Software Scanner installed, however, you can easily set up a system
wherein ALL NEW SOFTWARE IS SCANNED FOR Y2K PROBLEMS well into next
yesr, as will be required!

I really hope that you STUDY THIS LIST because you may have a HARD
TIME TELLING THESE SYMPTOMS APART FROM THOSE OF OVER 3000 Y2K
VIRUSES tht are expected to be unleashed next year!

* Unexpected expiration of passwords, licenses, security cards,
software etc.

* Operating system file operations give unexpected time results,
e.g., files that are NEW are treated as if they were OLD

* Operating system asks if you wish to overwrite an "OLD file" that
is really a "NEW" file

* Operating system DOESN'T ASK if you wish to overwrite a file that
REALLY IS AN "OLD" file, because system thinks it is "NEW"

* Incorrect calculations involving time spans or timing intervals

* Applications that depend on file sorting by date for correct
operation suddenly fail or present illogical results

* Inability to interface with some external applications

* Software development tools/systems (compilers) that automatically
overwrite "old" versions do not perform properly

* Software Tools or Systems (installers) that automatically copy
over older files make "mistakes"

* A non-compliant application is accidentally downloaded and run on
your previously Y2K compliant system!

* A non-compliant application is accidentally installed and run on
your previously Y2K compliant system!

* Developers: Changes made to compiled programs suddenly disappear
and problems that have been fixed suddenly reappear after
recompilation of modules

* Changes made to programs (updates etc.) suddenly disappear and
problems that have been fixed (security problems, bugs) suddenly
reappear

* Email is launched with each encounter of specific year 2000 date
problems

* Scheduled processes, Email, or applications, are activated at the
wrong time

* Scheduled processes such as archive or delete functions on files
or email are launched at the wrong time

* System date upon powering up is 1980 or some year in the distant
past, or, system date appears normal but file dates are wrong

* Date display (displayed at the "date" command) is wrong or
different from system date

Most of you are sick of Y2k news. Period. Hey, that's fine IF YOU
HAVE ALREADY TAKEN PRUDENT STEPS. The whole Y2k thing seems unreal,
but like the first cold day in January, we are gonna feel it!

I've got news for you. Layer upon layer, the cumulative affect of
Y2k problems WILL affect you. Your computer WILL give you problems
if IT has a problem.

There WILL be internet sites with problems. Shopping carts, and
other CGI-BIN processes WILL FAIL at some sites because the perl
scripts weren't checked.

Some hosting firms have inadequate electrical backup... electrical
problems and sporadic brownouts will occur, gradually increasing
after January 1. That will lead to less reliable server farms...
sites can't run on air!

What was that? Your site/factory/home has backup generators? Good
luck running your computer equipment on a less-than-stellar
generator. The electrical noise will cause computer system
degradation, at least, or in some cases, destruction of solid-state
devices.

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally.

When is the last time that you had to do a major re-installation of
application software? Application failures usually occur at the
worst times, too. Got a good Y2K-compliant backup? Really??

Time to really get going. With only 24 days left, you have a
disaster FAST APPROACHING.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://www.suttondesigns.com/NetsaversCenter/index4.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

3) Houston Fails Final Y2K Test
------------------------------------------------------------

Headline news story at the 6pm and 10pm news on the local NBC
affiliate, KPRC Channel 2 News in Houston, Texas, shows actual
footage from the City of Houston's 911 Fire and Ambulance Command
and Dispatch Center, which unexpectedly and completely failed a
"final, redundant" Y2k test today.

Previously assured by everyone from the Mayor of the City of
Houston, Lee Brown, down to the 911 Department's executives and MIS
people that everything had been tested multiple times, all was
well, and all necessary systems in the City's Departments had
passed muster, the entire 911 "Unit Response Coordinating Computer
System" went off-line--totally down--with blank screens when the
Y2k test was run.

The City of Houston's Emergency Response System was Out of
Business, black; gone--until the systems were hard reset and the
dates returned to current.

Havoc and outrage ensued from the Fire Department, the City
Council, the Mayor's Office, and the Mayor himself has called the
responsible officials onto the carpet tonight.

Current story is that the vendor assured City officials that the
system was Y2k compliant and updated okay, now says that it is not,
and they "cannot" or "will not" make it okay by Y2k.

Mayor says on TV that if they don't get it okay "soon", he'll get
another company to do it. Fire Dept and MIS folks say that they're
now preparing an emergency backup procedure using laptops, (shown
in the segment with MIS techies at the laptops looking particularly
remorse), and a manual backup Dispatch system. City Council members
on TV saying "This is Not Acceptable (How Come We Only Found Out
About This Now, Etc.).

Obvious pressure being put on station to minimize panic response to
this announcement and its implications for the same reason that the
same thing is being done at every government level from the local
cities to the federal level--avoid panic at all costs.

The above incident is fact, shown on Thursday's TV. Call the
station, confirm, or ask for the video.

------------------------------------------------------------

4) U.S. Personnel Office Sets Y2K Web Break
------------------------------------------------------------

Jim Wolf

WASHINGTON (Reuters) - The U.S. government's personnel office, the
nation's biggest, said Thursday it would interrupt its Internet
services during the New Year weekend as a guard against computer
hackers, power surges and other possible Y2K pitfalls.

In what may be the first in a string of such precautionary moves by
federal agencies, the Office of Personnel Management said it would
bar access for "several hours" to the many data banks normally
available from its home page, www.opm.gov .

Instead of linking to information on federal employment polices,
job listings, life insurance and other benefits, the home page will
display a picture of Lachance and her explanation of the
interruption, spokesman Jon-Christoper Bua said.

Separately, an Internet service providers' group announced plans to
keep its members in constant touch by a telephone conference link
for at least 48 hours starting Dec. 31 to tackle any Y2K-related
Internet problems as soon as possible.

The telephone conference "bridge" -- dubbed "Silent Night" -- will
link 20 to 25 Internet service providers, equipment vendors and
others starting shortly before the new year arrives in New Zealand,
the first industrialized country to usher in 2000, the Reston,
Virginia-based Internet Operators Group said.

The group's executive director, Ira Richer, said in a statement
that this would mark the first such "real-time" cooperative effort
to resolve potential outages and security incidents worldwide.

The telephone conference bridge will be coordinated with a $50
million Y2K-tracking center set up under White House auspices to
monitor automated systems worldwide, Richer said.

U.S. authorities are preparing for what they fear may be a surge in
malicious computer activity aimed at possible security cracks
linked to the Year 2000 computer glitch.

Michael Vatis, the FBI agent who serves as the nation's top "cyber-
cop," said in London this week that the interagency outfit he heads
-- the National Infrastructure Protection Center -- would be on the
alert although it had no hard evidence of any planned attacks.

"It's natural to expect there might be people doing stupid things
with computers," he said of possible cyber attacks timed to take
advantage of any high-tech confusion sparked by the century date
change.

The Defense Department, which is spending nearly $3.8 billion to
prepare for the so-called Y2K glitch, is continuing to review its
security arrangements for Internet connections during the calendar
switch, said Susan Hansen, a Pentagon spokeswoman.

"At this time, no decision has been made on whether to shut down or
disconnect from the Internet any DOD systems," she said.

The Agriculture Department has asked each of its in-house agencies
to weigh whether their Web sites are critical to their mission
during the weekend of Jan. 1 in light of security concerns.

Among the Agriculture Department's agencies are the Farm Service
Agency, which administers farm programs; the Foreign Agriculture
Service, which keeps tabs on foreign demand and prospects for U.S.
exports; and the Food Safety and Inspection Service, which carries
out meat inspections.

The Clinton administration has left it up to individual departments
and agencies to determine how best to protect their Web sites.
Aides to John Koskinen, President Clinton's top Y2K advisor, did
not immediately return phone calls seeking comment on the issue.

The Office of Personnel Management, which keeps tabs on the federal
government's 1.8 million workers, excluding postal service
employees, said in its statement that federal agencies in the
Washington area would reopen for business normally on Monday, Jan.
3, 2000, "unless you hear otherwise."

------------------------------------------------------------

5) More Y2K News
------------------------------------------------------------

Economic (business)
Millennium Concerts Plauged by Y2K Glitch
http://www.eonline.com/News/Items/0,1,5724,00.html

(Military)
"Japan to Put 96,000 Soldiers on Millennium Alert"
http://dailynews.yahoo.com/h/nm/19991207/tc/japan_defense_2.html

"France plans 60,000-strong police force on New Year's Eve"
http://www.abcnews.go.com/wire/World/ap19991206_643.html

(Currency)
"Bank boosts cash supply for Y2K"
http://www.ottawacitizen.com/city/991208/3261972.html

"Y2K paranoia or Greenspan's irrational exuberance?"
http://www.expressindia.com/news/34505599.htm

Perceptions:
"Don't call it a Y2K war room or bunker"
http://www.zdnet.com/zdnn/stories/news/0,4586,2407219,00.html

Health (just in case)
"Storming Into the Future: Y2K Plans for the Kitchen"
http://www.drkoop.com/news/stories/december/y2k_forthekitchen.html

Surveys (Gas & Oil)
"Trade associations have extremely limited success in Y2K surveys."
http://www.gasandoil.com/goc/news/ntn95079.htm

"Many large companies in vital U.S. industries rate "low" in Y2K
ratings"  http://www.gasandoil.com/goc/news/ntn95074.htm

Food:
Food Industry Y2K Ready
("But a new survey shows that not all Americans are buying Uncle
Sam's view of Y2K.")
http://www.currents.net/newstoday/99/12/11/news1.html

------------------------------------------------------------

6) One-third Aussie Y2K Projects Incomplete
------------------------------------------------------------

Staff writers, ComputerWorld

SYDNEY - More than 20 per cent of Y2K-related projects in Australia
were still in progress as of December 1, according to global
research by IDC.

The preliminary research reports 62 per cent of Australian
companies have completed systems changes for Y2K, compared with
almost 27 per cent of companies in the US. More than 56 per cent of
businesses in Belgium were still working on systems.

The research also reported 45 per cent of businesses would have
staff "on hand" at midnight on New Years Eve.

IDC reported 40 per cent of Australian businesses did not expect
trouble with their systems, but 9.2 per cent were expecting
problems with office systems and a similar amount expecting
difficulties with financial systems.

Almost 80 per cent of US businesses do not expect to experience
system problems from Y2K.

------------------------------------------------------------

7) New, Compliant Mainframe Computers Are Buggy
------------------------------------------------------------

Very few large organizations have replaced their legacy systems
with new, compliant hardware. Stories keep hitting that indicate
that those organizations that have installed new systems are having
problems.

The data are the big problem. They are stored in legacy software.
The software must be rewritten, but the data must conform with the
revised software.

It is not safe, cheap, or easy to port old data to new systems.
This is not like installing a new copy of Quicken onto your brand-
new desktop computer.

Some cures for the millennium computer bug might do more harm than
good, said a Dec. 8 report published by ZDNet.

It is a truism in the information technology business that new
projects are always late and over budget. It often takes weeks,
sometimes months, to shake down new computers and make sure they
provide the functions promised.

ZDNet said there has already been a rash of computer systems
crashes which have damaged businesses.

Earlier this year the food distributor International Multifoods of
Chicago saw its business disrupted when it installed a new Y2K-
ready computer system. It failed to gel with the company's
traditional order system and crippled business for weeks.

In Britain, the china and crystal glass maker Royal Doulton said it
lost between 10 million and 12 million pounds ($16.25 million to
$19.50 million) in sales following the failure of its new warehouse
management software installed to ready the company for the
millennium bug. The new software was unable to handle orders for
sets of five plates for the U.S. market and recognized only orders
for single items.

ZDNet said the U.S. confectioner Hershey Foods saw its traditional
Halloween business trashed when its new computer using software
from SAP AG and Siebel Systems disrupted its supply system.

Experts also point to computer crashes at Whirlpool Corp, Allied
Waste Industries, and Waste Management Inc. Procter & Gamble Co,
giant maker of Tide detergent, Crest toothpaste and Pampers
diapers, said last month it had problems with its the global
database system called SourceOne.

Link: http://news.excite.com/news/zd/991208/10/will-y2k-cures

------------------------------------------------------------

8) Water/Sewers: The Weakest Links
------------------------------------------------------------

Think of Los Angeles after one week without water or sewers. Think
of a Chicago highrise after four hours without water or flush
toilets.

It was my concern over water that convinced me to start this site.
This article is based on this 39-page report (Dec. 8).

Drinking water and sewage facilities are threatened by the looming
Y2K computer glitch, according to a study by two watchdog agencies
that blames government and industry with lax oversight. A story
about the possible problem appeared Dec. 10 in USA Today.

"There are serious doubts that the 55,000 drinking water utilities
and the 16,000 publicly owned wastewater facilities in the United
States will be prepared for Y2K," the report by the Natural
Resources Defense Council and the Center for Y2K & Society says.

USA Today said the report is drawn from surveys conducted by groups
such as the American Water Works Association, which found that no
more than 40% of those responding had completed the first stage of
Y2K upgrades by June. Further, the report notes, fewer than 15% of
wastewater treatment facilities are prepared.

The report notes that low water pressure could interfere with
firefighting, and Y2K interruptions could cut stockpiles of water
treatment chemicals.

Jon DeBoers of the American Water Works Association conceded that
survey results were not entirely encouraging but said, "The vast
majority of the water systems have tested most of their critical
components and are confident that they are Y2K-ready."

He told the newspaper that any prolonged power failure would create
great difficulties for water and sewage stations.

"My ultimate sense is that most of the large utilities are going to
be prepared," said Chuck Fox, EPA deputy administrator for water.
"If there's going to be (trouble), it would be with the smaller
utilities."

Link: http://www.usatoday.com/news/washdc/ncsthu09.htm

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 89: 12/14/99
------------------------------------------------------------

The Y2K Water Crisis

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index3.html

------------------------------------------------------------

Contents:

1) The Y2K Water Crisis
2) Statistics of the FED's Money Creation
3) The Internet Worldwide Y2K Watch
4) Suddenly on January 3, 2000
5) Anatomy of a Virus

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Y2K Water Crisis
------------------------------------------------------------

This Dec. 10 press release from the Center for Y2K & Society lays
it on the line: U.S. cities are facing a water crisis.

LESS THAN HALF OF WATER SYSTEMS MAY BE PREPARED FOR Y2K Government
Panels Misinterpreted Key Information, Says Report Surveys of
drinking-water and wastewater facilities by industry groups
indicate that, at best, less than half these utilities are ready
for the year 2000 rollover, says a report released today by the
Natural Resources Defense Council and the Center for Y2K and
Society.

The most recent detailed industry survey by the American Water
Works Association (AWWA), the Association of Metropolitan Water
Agencies (AMWA) and the National Association of Water Companies
(NAWC), shows that only 20 percent to 45 percent of drinking water
systems were Y2K compliant as of June 1999. Even these low numbers
are optimistic: Of the approximately 55,000 U.S. drinking water
utilities, less than 1 percent have responded to an Y2K industry
survey.

AMWA's two-question follow-up survey of 118 utilities in September
was of little use because it failed to ask if respondents had
completed the final, critical phases of testing and implementation.

And the National Rural Water Association has not released any data
to the public from its recent survey.

The prospects for wastewater treatment are even worse. The most
recent survey of wastewater facilities, taken in July, indicated
that only 4 percent were ready.

Recent government reassurances about the Y2K readiness of drinking
water utilities have been based on a misreading of the industry
data.

The President's Council on Year 2000 Conversion and the Senate
Special Committee on the Year 2000 Technology Problem have both
said that, based on industry surveys, 92 percent of those
responding are "fully compliant." But e-mail correspondence from an
AWWA representative indicates that this figure refers to the
readiness of internal computer systems at the responding
facilities, and not to the state of readiness of the utilities,
themselves.

As for wastewater, the President's Council's final report
inexplicably omitted the Association of Metropolitan Sewerage
Agencies' survey showing that only 4 percent of these facilities
were ready.

In contrast, the Senate Committee's September report found AMSA's
survey results "a cause for great concern," and significant enough
to conclude that "we feel justified in saying we are alarmed by
these statistics."

A July 1999 General Accounting Office (GAO) telephone survey
underscores the lack of preparation by water utilities. GAO polled
21 U.S. cities, and found that only five of the seventeen city-
owned or -operated drinking or wastewater facilities were Y2K-
ready.

"While we cannot predict which or how many systems, this data
strongly indicates some drinking and wastewater facilities could
have Y2K-related problems," says Norman Dean, Executive Director of
the Center for Y2K and Society. "We urge people not to panic, but
to prepare, by storing a gallon of water per person per day for
approximately 10 days."

Y2K-related problems at drinking-water utilities might cause loss
of water supply or reduction in water pressure, lack of adequate
treatment and possible release of toxic or hazardous substances.
Wastewater facilities might discharge untreated sewage due to Y2K
failures.

In a prepared statement, Erik Olson of NRDC warns that the Y2K
problem may not be "over" on January 1, 2000. "Data corruption,
supply chain failures and gradual system degradation could cause
service interruptions for months and even into the next year," he
says.

In addition to recommending that consumers store water, the study
urged that the following steps be taken:

The Environmental Protection Agency should require states to update
their legally mandated water emergency plans to include Y2K. The
agency should also provide troubleshooting and resource teams to
utilities needing assistance with their Y2K plans.

The Senate Y2K committee should work with water trade associations
and relevant government agencies to ensure that information
regarding the Y2K status of individual water utilities is released
to the public.

Governors, mayors, and local officials should immediately update
their emergency drinking-water contingency plans to ensure they are
prepared for Y2K. Government officials, journalists, and citizens
should ask their utilities the 10 Questions for Water Utilities
Regarding Y2K that are appended to the report and included in this
release.

The Center for Y2K & Society -- a project of the Tides Center -- is
a Washington-based nonprofit organization whose mission is to
reduce the possible societal impacts of the Y2K problem.

The Natural Resources Defense Council is a national, non-profit
organization of scientists, lawyers and environmental specialists
dedicated to protecting public health and the environment.

Founded in 1970, NRDC has more than 400,000 members nationwide,
served by offices in New York, Washington, Los Angeles and San
Francisco. More information on NRDC is available at its Web
site, www.nrdc.org.

The full text of the report Y2K Risks in the Water Industry can be
found at www.y2kcenter.org/resources/centerpubs/ .

Link: http://y2kcenter.org/news/1210pr.html

------------------------------------------------------------

2) Statistics of the FED's Money Creation
------------------------------------------------------------

The Federal Reserve is pumping fiat money into the banking system
faster than at any time in history. This is in response to the
FED's assessment of the Y2K threat. Alan Greenspan -- Mr. Inflation
Foe -- has become the premier inflationist in FED history. He is
getting away with it because investors assume that it's temporary,
that it will be reversed when Y2K's effects end.

They are right; they just have underestimated the time frame for
Y2K's effects. The inflation will end with these words: "I'm sorry;
our computer is down."

The stock market just keeps on climbing and Federal Reserve
Chairman Alan Greenspan has been making a massive amount money
available in the financial system, according to a Dec. 10 Reuters
story published by Yahoo!

Is it irrational exuberance or Y2K paranoia? Or Both?

Greenspan has permitted the biggest expansion of money supply in
the Fed's history in the weeks leading up to the end of the year,
when the so-called Y2K computer bug could disrupt financial
systems.

Reuters said M3, the Fed's broad definition of money, which
includes currency, travelers' checks, bank deposits and money
market mutual funds, has climbed $194 billion over the past 13
weeks -- the biggest increase ever.

The money supply increased at an annualized rate of 15 percent,
which is well above the Fed's target growth rate of only 5%.

Just a week ago, M3 went up a huge $36 billion, which would seem to
indicate that the central bank is buying insurance against some
possible disruptions as the calendar changes from 1999 to 2000,
analysts said.

''The money supply has gone through the roof and the increase,
adjusted for inflation, is the biggest in the nation's history,''
said Don Hays, president of The Hays Market Focus Advisory Group,
an investment consulting firm.

''The Fed may be flooding the nation with cash because of jitters
among central bankers that the Y2K computer bug could do more
damage to the financial system than most people expect,'' he said.
.
''This huge liquidity is the reason for the big rally in stocks
since October,'' Hays said. ''It's a replay of the market's run-up
exactly one year ago, when the Fed rushed to flood the system after
the panic from the Russian loan default and the Long Term Capital
Management hedge fund disaster.''

Reuters reported that the Fed came to the rescue of the LTC fund,
which teetered last year on the brink of bankruptcy due to the
global market turmoil. The fund's losses threatened to slam the
financial system, which in turn could have hurt the economy.

There are few signs of panic in the run-up to the new year, when
computers may confuse the year 2000 with 1900, messing up date-
sensitive functions.Corporate America says it is confident that it
has fixed the Y2K problem, but the Fed is apparently not taking any
chances.

Link: http://biz.yahoo.com/rf/991210/44.html

------------------------------------------------------------

3) The Internet Worldwide Y2K Watch
------------------------------------------------------------

David Migoya, Denver Post Online

20 hours before Coloradans will ring in the year 2000 - the first
effects of Y2K already will be felt a world away in New Zealand and
the tiny countries of Kiribati and Tonga.

And millions of people world wide - yourself included, if you'd
like - will be watching on their computers to see what, if
anything, happens.

The real-time view of what is occurring as country after country
crosses into the year 2000 will be shown on a unique Internet site
- www.iy2kcc.org - that will provide up-to-the-minute information
on a variety of important items, such as whether communications and
electrical and financial systems are still working.

[ Ed.: The Y2K Resource Center at -
www.suttondesigns.com/NetsaversCenter - will also be providing
real time analysis ]

"Part of the reason is for an early-warning system for the world,"
said Lisa Pellegrin, communica tions director for the International
Y2K Cooperation Center in Wash ington, D.C. "If problems occur in
New Zealand, and other countries expect the same could happen, the
time difference allows them to help deal with solutions as quickly
as possible."

The center is the brainchild of the United Nations, was funded by
the World Bank and started operat ing in February. To date,
national Y2K coordinators from about 170 countries are part of the
project, an immense worldwide effort to keep everyone in touch with
what could be a global problem.

Their responsibility will be to provide immediate information to
the In ternet-viewing world - provided nothing happens to the
Internet it self when the new year begins.

To ensure the first reports are not affected by any computer or
telecommunications glitch, the center will have an open telephone
line with New Zealand officials, Pellegrin said.

So what happens if Y2K - the name given to the concern that
computers will misread the two-year digit representation "00" as
1900 instead of 2000 - knocks out New Zealand in some fashion?

What's happening a world - and several time zones - away could be
critical to Y2K planners in the Denver area, particularly law en
forcement agencies that need to know whether systems are break ing
down and if those problems are causing civil unrest.

"It's critical that we try to keep aware of anything that might be
occuring, no matter where it is in the world," said Lt. Roger
Hoffner , emergency management coordi nator for Arapahoe County.
Hoff ner said he plans to monitor the real-time Y2K site throughout
the day.

The site is simple to navigate. Countries are listed in
alphabetical order and carry a series of columns - called sectors -
that rep resent various critical operating systems. Those sectors
include energy, communications, finance, health, government
services, cus toms and air, sea and land trans portation.

The sectors will be color-coded with green reflecting no post-mid
night problems, yellow for moder ate problems and red ... well ...
red won't necessarily be bad, Pel legrin mused.

Y2K officials in each participating country also will provide
commentary on what's being done to fix their specific problem, as
well as descriptions of anything else that's relevant, such as
civil un rest.

Pellegrin said usage will be high, but they've upgraded their
system to handle the load.

The site is also generating an immense amount of e-mail, such as
from people worried about their travel plans or concerned for a
relative's well-being.

------------------------------------------------------------

4) Suddenly on January 3, 2000
------------------------------------------------------------

Dan Steele, EE

Your NON-Y2K-COMPLIANT PC makes it to January 3, 2000... but you
are cautious... you might STILL see some Y2K problems. You will
HAVE TO BE DILIGENT about any NEW SOFTWARE that you install,
download, restore from backup, FROM NOW ON.

BUT ... if your system IS Y2K-COMPLIANT and has the Netsavers
NET2000 Total Software Scanner installed, you can easily set up a
system wherein ALL NEW SOFTWARE IS SCANNED FOR Y2K PROBLEMS well
into next year. This will actually be required, we think.

The following is a list of SYMPTOMS you could see IF your PC is NOT
Y2K-COMPLIANT. Problem is, you may also have a HARD TIME TELLING
THESE SYMPTOMS APART FROM THOSE MIMICKED BY Y2K VIRUSES that are
expected to be unleashed next year.

Read on...

* Unexpected expiration of passwords, licenses, security cards,
software etc.

* Operating system file operations give unexpected time results,
e.g., files that are NEW are treated as if they were OLD

* Operating system asks if you wish to overwrite an "OLD file" that
is really a "NEW" file

* Operating system DOESN'T ASK if you wish to overwrite a file that
REALLY IS AN "OLD" file, because system thinks it is "NEW"

* Incorrect calculations involving time spans or timing intervals

* Applications that depend on file sorting by date for correct
operation suddenly fail or present illogical results

* Inability to interface with some external applications

* Software development tools/systems (compilers) that automatically
overwrite "old" versions do not perform properly

* Software Tools or Systems (installers) that automatically copy
over older files make "mistakes"

* A non-compliant application is accidentally downloaded and run on
your previously Y2K compliant system!

* A non-compliant application is accidentally installed and run on
your previously Y2K compliant system!

* Developers: Changes made to compiled programs suddenly disappear
and problems that have been fixed suddenly reappear after
recompilation of modules

* Changes made to programs (updates etc.) suddenly disappear and
problems that have been fixed (security problems, bugs) suddenly
reappear

* Email is launched with each encounter of specific year 2000 date
problems

* Scheduled processes, Email, or applications, are activated at the
wrong time

* Scheduled processes such as archive or delete functions on files
or email are launched at the wrong time

* System date upon powering up is 1980 or some year in the distant
past, or, system date appears normal but file dates are wrong

* Date display (displayed at the "date" command) is wrong or
different from system date

Most of you are sick of Y2k news. Period. Hey, that's fine IF YOU
HAVE ALREADY TAKEN PRUDENT STEPS. The whole Y2k thing seems unreal,
but like the first cold day in January, we are gonna feel it!

I've got news for you. Layer upon layer, the cumulative affect of
Y2k problems WILL affect you. Your computer WILL give you problems
if IT has a problem.

There WILL be internet sites with problems. Shopping carts, and
other CGI-BIN processes WILL FAIL at some sites because the perl
scripts weren't checked.

Some hosting firms have inadequate electrical backup... electrical
problems and sporadic brownouts will occur, gradually increasing
after January 1. That will lead to less reliable server farms...
sites can't run on air!

What was that? Your site/factory/home has backup generators? Good
luck running your computer equipment on a less-than-stellar
generator. The electrical noise will cause computer system
degradation, at least, or in some cases, destruction of solid-state
devices.

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally.

When is the last time that you had to do a major re-installation of
application software? Application failures usually occur at the
worst times, too. Got a good Y2K-compliant backup? Really??

Time to really get going. With only 24 days left, you have a
disaster FAST APPROACHING.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://www.suttondesigns.com/NetsaversCenter/index4.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

5) Anatomy of a Virus
------------------------------------------------------------

CARLENE HEMPEL, Nando Media

There's something terribly wrong with this machine. It boots up as
always, but right after the Microsoft Windows 98 screen blinks off,
a curious message appears: "Error loading user.exe. You need to
reinstall Windows." And then everything shuts off.

Robert Lilley has met his latest opponent.

A support technician for Nulogix Computer Specialists in Raleigh,
Lilley is standing and staring hard into a 15-inch monitor hung at
eye level. He's forgotten the half-eaten slice of pepperoni pizza
on his work table. There are more pressing matters than lunch.

He hasn't proved it yet, but he thinks there's a virus at work
here, a devilish bit of code whose only purpose is to corrupt
computer systems and reproduce without the user's permission.
That's right, he's a virus buster. And business is booming.

In just the past year, three fast-spreading viruses -- Melissa,
Chernobyl and Explore.Worm.Exe -- erased files and clogged servers
around the world.

Last month, "Bubble Boy" was identified as the first e-mail virus
that could activate by simply being read or previewed in a computer
user's Microsoft Outlook or Outlook Express e-mail program;
Microsoft has since fixed the security hole, but until then, e-mail
viruses were incapable of doing any harm unless the recipient
clicked on the enclosed attachment.

This summer, computer security experts discovered a new virus
called "Win32.Kriz.3862," set to be unleashed on or around
Christmas day and designed to overwrite data in all files on all
available drives.

It can only get worse. In fact, some security experts are bracing
themselves for what could be an onslaught of viruses programmed to
set off around New Year's. One figure circulating puts the number
at 200,000 for that day, which is possible but highly unlikely.

Twelve years have passed since the first virus appeared "in the
wild," or outside a contained lab environment. The "Christma" worm
displayed a Christmas tree and holiday greeting and replicated by
digging into computer users' address books and sending itself via
the Internet to the recipients.

Though it was not destructive, the implications were obvious, and
techie types across the world started to get nervous.

In 1992, there was "Michelangelo," set to erase everything stored
in memory on March 6, the Renaissance artist's birthday.

And the 1995 "Boza" virus, named after a Bulgarian liquor, was "so
powerful that just looking at it will give you a headache," one
industry analyst said at the time.

Estimates range from 10,000 to 40,000 for how many viruses exist,
Chess says, though the number actually loose in the world is fewer
than 200.

But 1999 has been a bumper year -- though in most cases, the
fallout didn't live up to the hype. Chernobyl, which struck in
April, infected hundreds of computers in the United States, not
many thousands, as was expected. Melissa spread to hundreds of
thousands of computers, but that was still less than predicted, in
large part because many users had anti-virus software to protect
them.

It's more than an hour later, and Lilley at Nulogix is still
staring hard at the computer screen, thinking. Like his lunch, many
of his sentences go unfinished. "I'm trying to find ..." he says,
and then nothing. "I'm just trying to think of ..."

With a finger on the keyboard's down button, his eyes scan the
screens and screens of files passing by. It's a last resort, an
attempt to see anything that looks off or odd. Nothing catches his
eye.

The day will end without a solution. Tomorrow, he'll climb onto the
Internet to see if there are any clues in the research. Maybe
Microsoft has some suggestions on its site, he says. "Or maybe ..."
he starts to say, but never finishes.

In the end, he can't confirm what virus he's been dealing with. He
did have to reinstall the entire operating system. Why waste time
figuring out exactly what it was? As soon as he solves it, a new
digital parasite will come along, searching for precious hard drive
to destroy.

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 89: 12/14/99
------------------------------------------------------------

Rail System, Nuclear Reactor, to Shut Down

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index3.html

------------------------------------------------------------

Contents:

1) U.S. Rail System to Shut Down Late Dec 31
2) $40 Million Center to Monitor Y2K
3) Nuclear Reactor in Israel Will Be Shut Off for Y2K
4) Y2K Contingency Plans For Texas
5) Russia Deploys New ICBM's in Violation of Y2K Agreement
6) Suddenly on January 3, 2000
7) Y2K Water Crisis

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) U.S. Rail System to Shut Down Late Dec 31
------------------------------------------------------------

dailynews.yahoo.com

In a story published by Yahoo! on Dec. 13, Reuters said that
although millions of dollars have been spent on avoiding the
computer glitch, the railroads and many city subway systems are
reliant on outside supplies of electricity and telecommunications
and have decided to take no chances.

In the nation's capital, where thousands of revelers are expected
to use the Metro to come downtown for ``America's Millennium
Gala,'' the trains will stop at stations with their doors open for
about 10 minutes starting five minute before midnight, a
spokeswoman told Reuters.

The Chicago Transit Authority plans a similar exercise just in case
of problems relating to the old programming habit of allocation two
digits for the year in dates. ''It's just a precaution,'' said a
spokesman.

Freight traffic is traditionally light or absent on any New Year's
Eve so the pause around midnight is not expected to be terribly
disruptive to freight operations.

Norfolk Southern issued advice to customers Monday that it would
begin suspending operations on the afternoon of Dec. 31 and restart
operations beginning with selected trains early on Jan. 1. Normal
operation would resume Jan. 2.

CSX spokesman Robert Gould said the company would coordinate a
brief stoppage of about 19 Amtrak trains through its system near
midnight on Dec. 31. Freight operations would be unaffected,
Reuters reported.

------------------------------------------------------------

2) $40 Million Center to Monitor Y2K
------------------------------------------------------------

Peter Kind, a retired Army lieutenant general, will head a $40
million operations center designed to track how the world fares as
it enters the technologically-challenging Year 2000.

The facility is on upper floors at 1800 G St. N.W. It will
coordinate data collected by existing government emergency centers
and, for the first time, the private sector.

Arrangements have been made for the sharing of centralized
information by the following industries: electric power, banking,
finance, telecommunications, oil, gas, airline, pharmaceuticals and
retail industries.

Link: http://nick.assumption.edu/CV/view1199.html

------------------------------------------------------------

3) Nuclear Reactor in Israel Will Be Shut Off for Y2K
------------------------------------------------------------

Newsday

If it's 100% safe, why are they going to shut it down? And how do
they know that it will come back up?

Israel nuclear reactor near the Negev Desert town of Dimona will be
shut down on New Year's Eve and New Year's Day as a precaution
against Y2K malfunctions, according to a Dec. 13 article in
Newsday.

Israel says the Dimona facility is used for research, though it is
widely believed that Israel stockpiles nuclear weapons there.

Based on photographs taken at the site in 1986 by Israel's nuclear
whistleblower, Mordechai Vanunu, experts said at the time that
Israel had the world's sixth-largest nuclear arsenal.

The prime minister's office said that Israel's nuclear facilities
were checked and found to meet the necessary standards to combat
the millennium bug, and that safety systems were working. In
addition to Dimona, Israel operates a small nuclear research
facility at Nahal Soreg in the center of the country.

Link: http://www.newsday.com/ap/rnmpin0l.htm

------------------------------------------------------------

4) Y2K Contingency Plans For Texas
------------------------------------------------------------

A lot can go wrong. Beginning Dec. 28, the state of Texas is
supposed to be mobilized to deal with these problems. On page 11,
we read that "assistance from other states and FEMA may be
extremely limited to non-existent because of a nation-wide demand
for assistance."

Many computer systems and computer chips embedded in equipment were
not designed to read the date (2000.÷ Thus, upon changeover to the
Year 2000, these systems and equipment may fail or may not function
properly.

Efforts over the past few years have attempted to correct this
flaw. The State of Texas has endeavored to identify and correct
existing systems and processes and believes that most State
operations will be operable through the year 2000.

However, there is no guarantee that all State systems and
operations will be immune from problems, either caused internally
or from outside influences, according to the Year 2000 (Y2K0
Contingency Plan, dated Dec. 9.

The interdependent nature of vulnerable systems may result in an
incremental or cascading series of impacts. Loss of functionality
in one essential service may cause significant disruptions in other
essential services.

While it is anticipated that there will be no major nationwide
catastrophic disruptions resulting from the Y2K conversion, there
may be numerous smaller disruptions occurring simultaneously across
the State and the country. These disruptions most likely will be
localized, of limited duration, and vary from location to location.

A unique aspect of the Y2K problem for emergency management
organizations is that, while each Y2K disruption in itself might
not constitute an (emergency,÷ the cumulative effect of such events
may stress the ability of Government - at all levels - to mount an
effective response.

In addition to the reliance on public utilities and telephone
systems, most law enforcement organizations use special equipment
that can be affected by the millennium transition. This can include
such basic items as police cars, radar guns, radios, and jail
security systems.

The Texas Department of Public Safety (DPS), aware of the critical
nature of these items, has inventoried its equipment that relies on
embedded computer chips. The inventory consists of 20,000 items
including telephone systems, laboratory equipment, vehicles,
and radar units.

TxDPS is preparing contracts for the provision of gasoline for
patrol cars at distribution centers throughout the State. If
telephone systems are damaged, DPS is prepared to use police radios
to coordinate efforts to maintain a safe environment for troopers
and Texas citizens.

TxDPS has primary, alternate, and redundant telecommunications
systems to insure that rapid dissemination of warnings and
notifications are accomplished even though impeded by the failure
of one or more of the warning network components.

Electric power is one of the most important services upon which
Texans rely.

One of the state¦s largest electric utilities has identified 5,000
devices with embedded computer processors in its generating
facilities. Many utility plants are operated with Supervisory
[Control] and Data Acquisition (SCADA) systems that use computers
and sensing devices to regulate the flow of electricity.

Water pumping/distribution facilities and wastewater treatment
facilities also use similar devices. Although only a small
percentage of these systems is at risk, disruption of utilities
could be particularly troublesome for smaller communities that do
not have the technical personnel to solve the problem.

The Public Utilities Commission (PUC) is requiring contingency
plans from the regulated electric and telephone entities. The
Electric Reliability Council of Texas (ERCOT) is also preparing
contingency plans.

Critical public health services, including poison control call
centers and 911 emergency services use the State¦s
telecommunications network. The General Services Commission (GSC)
is the primary provider of telecommunications services for state
agencies, universities, and some local governments. GSC is working
with its major vendors to verify that the state network can operate
through the Year 2000.

However, the network also depends on telephone companies that are
not under GSC¦s control. Even if the largest companies are ready
for the Year 2000, telephone outages might still occur due to the
complexity of the system.

Requests for emergency assistance will be resolved at the lowest
level direction and control facility with appropriate response
resource capabilities.

Unresolved assistance requests shall normally flow upward from
cities to the county, and if unresolved at the county level,
continues upward to the responsible Disaster District, to the State
Council, and, if needed, to other states or the federal government
for assistance support. However, as
stated in paragraph III.B.4, assistance from other states and FEMA
may be extremely limited to non-existent because of a nation-wide
demand for assistance.

Link: ftp://ftp.txdps.state.tx.us/dem/y2kplan.pdf

------------------------------------------------------------

5) Russia Deploys New ICBM's in Violation of Y2K Agreement
------------------------------------------------------------

Boris Yeltsin put his most powerful nuclear missiles on full alert
in what was seen as a dramatic warning to the West over Chechnya,
the Express reported on Dec. 11.

The Kremlin deployed ten new Topol-M missiles - its newest, most
sophisticated and deadliest weapons - in a state of combat
readiness.

The move coincided with President Yeltsin's return to Russia after
a trip to China, during which he hit back at criticism of his
campaign in Chechnya and warned the West to keep its nose out.

"Russia is a great power that possesses a full nuclear arsenal," he
thundered in Beijing. "It is us who will dictate."

The West was told in advance of Russia's deployment, as dictated by
nuclear treaty commitments. But the timing and the rarity of such a
move amounts to a dramatic show of force designed to back Yeltsin's
message, The Express reported.

The intercontinental missiles - with a 6,200 mile range and capable
of striking Britain or America - were put in readiness in the
Saratov region, 400 miles south-east of Moscow.

Russia publicly portrayed the move as a scheduled test of a new
weapon, which replaces its SS-19 missiles, dating to the 1970s.
But observers said the provocative timing could only be linked to
the Chechen crisis - and Yeltsin's anger at the West's hostile
reaction to his bloody military purge in the troubled region.

Many Russian politicians and analysts say Yeltsin is too ill to
rule Russia and have his finger on the trigger of the world's
second largest nuclear power.

In televised comments, even his wife Naina admitted that he had
"never been in such a bad state as he is now" after a bout of
pneumonia which followed a succession of health problems, including
heart trouble, the Express said.

While putting Russia's missiles on alert is seen as posturing
bluster, Britain's foremost independent nuclear expert, John Large,
warned it was a foolish manoeuvre, particularly in relation to the
millennium bug, for which it is feared Russia is still ill-
prepared.

"There was an unwritten agreement for both Russia and the US not to
deploy nuclear weapons before the Y2K period," he said.

"Even if the weapons themselves are OK - which I very much doubt
since their testing system has been effectively down and out for
three years - they would have to work within the strategic defence
system there which is full of Y2K glitches. There is no real need
for it - it is a risk they don't need to take.

"I am not suggesting that these nuclear bombs will go off on their
own, but we do expect to see the defence systems playing up a bit."

------------------------------------------------------------

6) Suddenly on January 3, 2000
------------------------------------------------------------

Dan Steele, EE

Your NON-Y2K-COMPLIANT PC makes it to January 3, 2000... but you
are cautious... you might STILL see some Y2K problems. You will
HAVE TO BE DILIGENT about any NEW SOFTWARE that you install,
download, restore from backup, FROM NOW ON.

BUT ... if your system IS Y2K-COMPLIANT and has the Netsavers
NET2000 Total Software Scanner installed, you can easily set up a
system wherein ALL NEW SOFTWARE IS SCANNED FOR Y2K PROBLEMS well
into next year. This will actually be required, we think.

The following is a list of SYMPTOMS you could see IF your PC is NOT
Y2K-COMPLIANT...

1- Unexpected expiration of passwords, licenses, security cards,
software etc.

2- Operating system file operations give unexpected time results,
e.g., files that are NEW are treated as if they were OLD

3- Operating system asks if you wish to overwrite an "OLD file"
that
is really a "NEW" file

4- Operating system DOESN'T ASK if you wish to overwrite a file
that
REALLY IS AN "OLD" file, because system thinks it is "NEW"

5- Incorrect calculations involving time spans or timing intervals

6- Applications that depend on file sorting by date for correct
operation suddenly fail or present illogical results

7- Inability to interface with some external applications

8- Software development tools/systems (compilers) that
automatically
overwrite "old" versions do not perform properly

9- Software Tools or Systems (installers) that automatically copy
over older files make "mistakes"

10- A non-compliant application is accidentally downloaded and run
on your previously Y2K compliant system!

11- A non-compliant application is accidentally installed and run
on your previously Y2K compliant system!

12- Developers: Changes made to compiled programs suddenly
disappear and problems that have been fixed suddenly reappear after
recompilation of modules

13- Changes made to programs (updates etc.) suddenly disappear and
problems that have been fixed (security problems, bugs) suddenly
reappear

14- Email is launched with each encounter of specific year 2000
date problems

15- Scheduled processes, Email, or applications, are activated at
the wrong time

16- Scheduled processes such as archive or delete functions on
files or email are launched at the wrong time

17- System date upon powering up is 1980 or some year in the
distant past, or, system date appears normal but file dates are
wrong

18- Date display (displayed at the "date" command) is wrong or
different from system date

Layer upon layer, the cumulative affect of Y2k problems WILL affect
you. Your computer WILL give you problems if IT has a problem.

There WILL be internet sites with problems. Shopping carts, and
other CGI-BIN processes WILL FAIL at some sites because the perl
scripts weren't checked.

Some hosting firms have inadequate electrical backup... electrical
problems and sporadic brownouts will occur, gradually increasing
after January 1. That will lead to less reliable server farms...
sites can't run on air!

You have a Portable Generator? Good luck running your computer
equipment on it. The electrical noise will cause computer system
degradation, at least, or in some cases, destruction of solid-state
devices, UNLESS you also use a good Line Conditioner.

http://www.suttondesigns.com/NetsaversCenter/lcy.html

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally.

When is the last time that you had to do a major re-installation of
application software? Application failures usually occur at the
worst times, too. Got a good Y2K-compliant backup? Really??

Time to really get going. With only 10 days left, you have a
disaster FAST APPROACHING.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://www.suttondesigns.com/NetsaversCenter/index4.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

7) Y2K Water Crisis
------------------------------------------------------------

This Dec. 10 press release from the Center for Y2K & Society lays
it on the line: U.S. cities are facing a water crisis.

LESS THAN HALF OF WATER SYSTEMS MAY BE PREPARED FOR Y2K Government
Panels Misinterpreted Key Information, Says Report Surveys of
drinking-water and wastewater facilities by industry groups
indicate that, at best, less than half these utilities are ready
for the year 2000 rollover, says a report released today by the
Natural Resources Defense Council and the Center for Y2K and
Society.

The most recent detailed industry survey by the American Water
Works Association (AWWA), the Association of Metropolitan Water
Agencies (AMWA) and the National Association of Water Companies
(NAWC), shows that only 20 percent to 45 percent of drinking water
systems were Y2K compliant as of June 1999. Even these low numbers
are optimistic: Of the approximately 55,000 U.S. drinking water
utilities, less than 1 percent have responded to an Y2K industry
survey.

AMWA's two-question follow-up survey of 118 utilities in September
was of little use because it failed to ask if respondents had
completed the final, critical phases of testing and implementation.

And the National Rural Water Association has not released any data
to the public from its recent survey.

The prospects for wastewater treatment are even worse. The most
recent survey of wastewater facilities, taken in July, indicated
that only 4 percent were ready.

Recent government reassurances about the Y2K readiness of drinking
water utilities have been based on a misreading of the industry
data.

The President's Council on Year 2000 Conversion and the Senate
Special Committee on the Year 2000 Technology Problem have both
said that, based on industry surveys, 92 percent of those
responding are "fully compliant." But e-mail correspondence from an
AWWA representative indicates that this figure refers to the
readiness of internal computer systems at the responding
facilities, and not to the state of readiness of the utilities,
themselves.

As for wastewater, the President's Council's final report
inexplicably omitted the Association of Metropolitan Sewerage
Agencies' survey showing that only 4 percent of these facilities
were ready.

In contrast, the Senate Committee's September report found AMSA's
survey results "a cause for great concern," and significant enough
to conclude that "we feel justified in saying we are alarmed by
these statistics."

A July 1999 General Accounting Office (GAO) telephone survey
underscores the lack of preparation by water utilities. GAO polled
21 U.S. cities, and found that only five of the seventeen city-
owned or -operated drinking or wastewater facilities were Y2K-
ready.

"While we cannot predict which or how many systems, this data
strongly indicates some drinking and wastewater facilities could
have Y2K-related problems," says Norman Dean, Executive Director of
the Center for Y2K and Society. "We urge people not to panic, but
to prepare, by storing a gallon of water per person per day for
approximately 10 days."

Y2K-related problems at drinking-water utilities might cause loss
of water supply or reduction in water pressure, lack of adequate
treatment and possible release of toxic or hazardous substances.
Wastewater facilities might discharge untreated sewage due to Y2K
failures.

In a prepared statement, Erik Olson of NRDC warns that the Y2K
problem may not be "over" on January 1, 2000. "Data corruption,
supply chain failures and gradual system degradation could cause
service interruptions for months and even into the next year," he
says.

In addition to recommending that consumers store water, the study
urged that the following steps be taken:

The Environmental Protection Agency should require states to update
their legally mandated water emergency plans to include Y2K. The
agency should also provide troubleshooting and resource teams to
utilities needing assistance with their Y2K plans.

The Senate Y2K committee should work with water trade associations
and relevant government agencies to ensure that information
regarding the Y2K status of individual water utilities is released
to the public.

Governors, mayors, and local officials should immediately update
their emergency drinking-water contingency plans to ensure they are
prepared for Y2K. Government officials, journalists, and citizens
should ask their utilities the 10 Questions for Water Utilities
Regarding Y2K that are appended to the report and included in this
release.

The Center for Y2K & Society -- a project of the Tides Center -- is
a Washington-based nonprofit organization whose mission is to
reduce the possible societal impacts of the Y2K problem.

The Natural Resources Defense Council is a national, non-profit
organization of scientists, lawyers and environmental specialists
dedicated to protecting public health and the environment.

Founded in 1970, NRDC has more than 400,000 members nationwide,
served by offices in New York, Washington, Los Angeles and San
Francisco. More information on NRDC is available at its Web
site, www.nrdc.org.

The full text of the report Y2K Risks in the Water Industry can be
found at www.y2kcenter.org/resources/centerpubs/ .

Link: http://y2kcenter.org/news/1210pr.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 90: 12/17/99
------------------------------------------------------------

Chronic Y2K Medicine, Y2K Panic

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index3.html

------------------------------------------------------------

Contents:

1) U.S. Tries Averting Y2K Panic
2) China Not Fully Prepared for Y2K
3) Chernobyl 'is millennial time bomb'
4) 219 US Embasies Told To Prepare for Power Outages
5) Y2K and Computer Viruses Could be Explosive Mix
6) Chronic Y2K Medicine

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) U.S. Tries Averting Y2K Panic
------------------------------------------------------------

TED BRIDIS, Associated Press

WASHINGTON (AP) - For people fearful that computers will crash on
New Year's Day, ATMs will run out of cash and traffic lights will
flash red, the White House has a message: These problems already
happen every day somewhere in the United States.

Moving to avert panic at the first sign of any outage related to
the Year 2000 problem, the Clinton administration sought to
reassure Americans by reminding them Monday that technology is not
infallible even without the complication of the Y2K bug.

Households spend 13 hours a year on average without electricity
because of power failures, said John Koskinen, President Clinton's
top Y2K expert. That does not include failures caused by bad
weather, which when they happen average outages of 72 hours.

One to 2 percent of the nation's 227,000 ATMs are inoperative each
day because of mechanical breakdowns or cash shortages, the White
House said. And as many as 15 percent of the nation's 180,000
gasoline stations typically remain closed on New Year's Day because
of lack of demand. And about 1 percent of traffic signals fail and
begin to flash red every day.

The administration worries that a disruption in power or other
essential service will immediately be blamed on Y2K, even though
the failures may coincide with the date rollover but otherwise are
related in no way to the computer glitch.

Koskinen warned that it may take hours or even days to determine
whether a failure is connected to Y2K.

[Ed.: Especially if they are trying to slow down reports so as not
to panic anyone]

The White House also is worried about the American public's
reaction to anticipated failures overseas in countries generally
recognized not to be as prepared as the United States. Most of the
world's time zones will move into 2000 hours before North America.

The United Nations issued a study Monday that cited a ``medium to
high risk'' that Y2K errors could harm public health and safety,
particularly in developing countries. The United Nations' own
coordination center predicted many Y2K mistakes, but it said
businesses and governments will experience only limited damage in
the early days of January.

It called the threat to human life small but ``not zero.''
Inconveniences could range from minor to loss of jobs because of
business collapses, it said.

Koskinen spoke a day before the Office of Management and Budget was
to release its final report on the U.S. government's readiness.
Koskinen said the OMB report shows only about 15 of its more than
6,000 most important computer systems remain inadequately repaired
and tested.

The OMB earlier estimated the government's cost to confront the Y2K
problem at $8.34 billion.

------------------------------------------------------------

2) China Not Fully Prepared for Y2K
------------------------------------------------------------

CHARLES HUTZLER, Associated Press

BEIJING (AP) - Not fully prepared for Y2K, China is accepting that
there will be some year-end computer failures, including the risk
of office towers shutting down, hospitals doing without advanced
surgical equipment and parts of the countryside going black.

China didn't begin work on the Year 2000 computer bug in earnest
until 13 months ago. So it had no choice but to resort to computer-
system triage, focusing money and manpower on critical government
agencies, major cities and industries while leaving the rest to
fend for themselves.

Officially, the strategy has paid off.

The government has said there will be no major disruptions as China
passes into the new year. Chinese and foreign economists claim that
any glitches - which are likely to be felt through the first three
months of 2000 - won't harm the economy.

But behind the optimism lies much unease and uncertainty.

In a country as vast as China, even the government's top Y2K
troubleshooter, Zhang Qi, admits she is not sure how smaller cities
are faring, and many businesses have remained blase despite
official pleading to take the threat seriously.

Y2K problems mainly afflict older computers and the microchips
running many machines that use only two digits to record the year.
By mistaking the ``00'' in 2000 for 1900, many computers could
crash or garble crucial data.

China is a latecomer to the Information Age so most of its
computers are less than 5-years-old.

Only the banking and aviation sectors run the large-scale mainframe
computer networks most susceptible to Y2K problems, said Guo Liang,
an Internet expert at the government-run China Academy of Social
Sciences.

While a relative rarity in a largely rural country where abacuses
are often used to check calculators' results, computers run many
essential services - and Y2K-related problems have already
occurred.

The Public Security Ministry, the national police force, had to
destroy thousands of passports it printed in January because their
five-year expiration dates read 1904, not 2004, a government
website said.

In the national banking system, computers that passed a nationwide
test of the switchover from Dec. 31-Jan. 1 failed when the clocks
were moved ahead to check for problems on next year's Leap Day,
Feb. 29, the central bank reported.

Similar problems cropped up in Beijing - hotels couldn't make
bookings for next year and property leases printed up incorrectly,
said Chen Xinxiang, a troubleshooter for the capital's Y2K task
force.

In keeping with the country's make-do approach, hospitals in
Beijing were ordered to inspect all equipment and mark those
suspected of having Y2K problems with a red tag. That equipment may
not be used over the sensitive New Year's period and again in late
February, Chen said.

``This was done in major hospitals, but we cannot vouch for smaller
ones,'' Chen said. He added that while planned surgeries may be
affected, emergency rooms have been ordered to make sure all
equipment and back-up generators are Y2K-safe.

Specialists in the sectors the government deemed critical rewrote
computer codes and rechecked the results, the government has said.

The national banking system, with deposits worth $1.2 trillion at
stake, has been declared a national model of preparedness but has
ordered paper records be kept as a back-up.

The civil aviation administration ran drills using short-wave
radios to contact airplanes in case communications systems at major
airports and air traffic control centers fail.

Testing outside those sectors, for example in the postal service,
has been less careful, experts familiar with the government's
efforts said.

Foreign firms have also complained that the government's
unwillingness to release information has hampered their efforts to
prepare.

Beijing and Shanghai only this month began verbally assuring
embassies and foreign firms that supplies of electricity, water and
gas will not be disrupted.

IT United asked 18 banks, insurers and electricity, water, gas and
phone companies for written guarantees, but Yang said all refused.

``We believe a written guarantee would be a legal one, and we have
to leave ourselves some space,'' said Zhang Xiaolu, director-
general of the State Power Corporation of China.

------------------------------------------------------------

3) Chernobyl 'is millennial time bomb'
------------------------------------------------------------

ROGER BOYES IN BERLIN

CHERNOBYL and two other ageing Soviet bloc nuclear reactors may
help to fulfil prophecies of millennial disaster if work is not
done swiftly to adapt their computers.

The head of the Vienna-based International Atomic Energy Agency,
Muhammad al-Baradei, has identified three nuclear plants that are
lagging seriously behind in preparing for the Year 2000 software
problem: the Medzamer reactor in Armenia and the Ignalina reactor
in Lithu-ania as well as the still-functioning reactor in
Chernobyl.

The locations have long been a headache for Western experts. Even
after considerable investment, the safety standards are well behind
those in the West. The Medzamer plant, consisting of two
pressurised light water reactors, is in an earthquake zone.It had
to be closed in early 1989 after an earthquake, but by 1995 it was
reopened.

Armenia is dependent on nuclear-generated electricity. Before the
re-opening, residents of Yerevan, the capital, were rationed to two
hours of electricity a day.

There are Western worries about the plant's ability to withstand
another earthquake, about the level of staff training and the plant
emergency planning. But Armenia's dependence on the reactor is such
that politicians refused to close it for tests or maintenance.

Computers are central to nuclear plant safety: they gather, compare
and contrast data received from the different stages of electricity
production and monitor temperatures and possible leakages.

Dr al-Baradei said the "millennium bug" problem in the atomic
energy sector of the former Soviet Union was due to lack of money -
maintenance is chronically underfinanced - and lack of adequate
planning.

The nuclear plant that attracts the most attention is Chernobyl in
Ukraine.

It was there that a meltdown in 1986 triggered the world's worst
nuclear accident. The people of Ukraine and Belarus are still
feeling the consequences of that disaster; much agricultural land
is irradiated and there has been a sharp increase in certain
illnesses.

The Chernobyl reactors are of the RBMK type - graphite-moderated
channel reactors. There are more than a dozen such reactors still
in operation in the former Soviet Union and the chief concern is
about the lack of a sufficiently large steel or concrete
containment structure to block large releases of radiation. At
Chernobyl, the plant's accident localisation system could not
cope with the force of the explosion.

Despite these and other misgivings, one Chernobyl reactor has just
reopened. It was closed for six days after leaks were discovered in
the secondary cooling system for radioactive water. Two other
reactors have been out of operation because of serious technical
defects. The fourth, which blew up in 1986, is buried under a
concrete sarcophagus.

A Chernobyl-style reactor is in operation in Lithuania. The
European Commission has demanded a closure plan for the Ignalina
reactor, threatening delays in Lithuania's entry to the European
Union unless it complies.

The first block has been active since 1983, the second since 1987.
Together they account for 85 per cent of the republic's
electricity. For the Lithuanians, the plant guarantees their
energy, and therefore political independence from Russia.

Electricity exported to Latvia and Belarus is also profitable.
There is no hurry to close the plant.

Despite the safety improvements, introduced largely with the help
of the Swedes, the West is growing increasingly nervous about the
reliability of the plant.

Weak links in the key Western reservations are:

* Accident mitigation systems are very limited.

* If cooling water is lost the reactors produce faster and less
stable nuclear chain reactions.

* All plants have inadequate fire protection.

* Electrical and safety systems are poorly separated.

* There is limited capability for suppressing steam in the graphite
stack.

Only precise computerised control can deal with these problems.
This will be under threat if the "millennium bug" problem is not
solved in the next fortnight.

------------------------------------------------------------

4) 219 US Embasies Told To Prepare for Power Outages
------------------------------------------------------------

http://www.state.gov/www/dept/irm/fs_990909_y2k.html

To protect against any potential negative impacts from Y2K
disruptions, the Department of State has formulated comprehensive
contingency plans, which called for assessments of every aspect of
our 219 embassies and consulates and Washington-based buildings and
annexes' Y2K readiness.

The Department sent out the "Post Contingency Planning Tool Kit" in
February, which addressed the potential resource gaps (equipment,
water, generators, etc.) that could result from Y2K-related
problems.

Again, posts assessed such host country scenarios as the effects of
loss of electricity, water shortages, failure of primary sources of
communications and other events, during the rollover period.

Each embassy had to determine how long they could continue
business operations and maintain the safety and security of their
staff, and indicated what additional resources would be needed to
maintain operations if serious problems developed in the host-
country infrastructure.

Presently, the individual regional bureaus are coordinating
contingency efforts with their respective posts.

------------------------------------------------------------

5) Y2K and Computer Viruses Could be Explosive Mix
------------------------------------------------------------

Dean Takahashi, THE WALL STREET JOURNAL

Already, experts have discovered at least two dozen viruses that
are triggered to go off on Jan. 1 or otherwise are connected to the
calendar change.

BASED IN BEAVERTON, ORE., Avert's new year will kick off at 7
a.m. PST on Dec. 31, which is when the clock will strike 12 and the
year 2000 first break near the Fiji Islands in the Pacific Ocean.

The game plan: to immediately identify, track and fix any
computer virus that springs up as the new year dawns. If a virus
releases its payloads on computers in Tokyo, they hope to race
ahead and stop it by the time clocks strike midnight in London,
eight hours later, or in San Francisco nine hours after that.

What is the team's concern? Already, experts have discovered
at least two dozen viruses that are triggered to go off on Jan. 1
or otherwise are connected to the calendar change. Some are even
deviously disguised as fixes for the so-called Y2K bug, a glitch
that may cause computers that recognize only the last two digits in
a year to confuse the year 2000 with 1900.

Moreover, experts fear some virus writers will devise devious
computer programs that mimic the trouble that could be caused by
the Y2K flaw, making detection difficult or confusing.

The combination of the Y2K bug and attacks by malicious virus
writers who may take advantage of vulnerable systems to unleash
other attacks could be an explosive mix, some security experts
warn. At least seven large companies plan to shut down their e-mail
systems during the date changeover just to avoid viruses, many of
which are spread via e-mail.

W95.BABYLONIA

Worry turned into reality recently with the surfacing of another
Y2K virus masquerading as a Y2K fix. Dubbed W95.Babylonia, the
virus is potentially dangerous, rather than just annoying, as many
are. Every 60 seconds, the virus checks a Web site in Japan that is
used by hackers and virus creators. If it finds something, it will
download a "payload," or instructions that potentially could cause
damage. But the Web site has been shut down.

Two weeks ago, another virus with a Y2K trigger date surfaced. This
virus, called W32.Mypics.Worm, spreads via e-mail, disguising
itself with the ruse of "here's some pictures for you." If a user
clicks on an attachment to the message, the virus sends a copy of
itself to 50 correspondents found in the user's personal address
book. On Jan. 1, 2000, it will try to erase the user's hard drive.

Mudge, a self-proclaimed hacker with computer-security firm L0pht
Heavy Industries Inc., says companies should be on the alert for
free-lance programmers they hire to fix Y2K problems. He says he
knows several programmers who have been hired whose motivations he
considers suspect.

Virus writers are finding new ways to unleash damage. In March, the
Melissa virus took advantage of automated programs known as macros
and e-mail directories to spread at exponential rates. Combined
with clever "social engineering," viruses can be disguised as an
attachment from a familiar source, making it more likely that a
user will open it and trigger the virus.

The recent Explore.Zip and Minizip viruses alter the content in
spreadsheet or word-processing files, damaging them without any
chance of backup recovery. They also can infect machines that share
hard-disk drives, raising the prospect of damage to a user's
machine if a neighbor doesn't practice "safe computing." It is
easier than ever to write a virus. By simply downloading virus-
writing software and plugging in dates, virus writers can score
sporadic, devastating hits.

It may never be known whether virus writers are conspiring on Y2K
triggers. An October report by Carnegie Mellon University's
Computer Emergency Response Team predicted that technicians will be
so busy fixing bug problems that they won't be able to distinguish
between "genuine Y2K events" and "malicious intrusions."

The report added: "The authors can envision the relatively wide
dissemination of several new, possibly destructive viruses, and the
successful exploitation of both corporate and national-security
information systems." But even those worst-case scenarios "reflect
the same kinds of malicious activity that is seen and acted upon
today," the report read.

In other words, although there may be more of them, a Y2K virus may
be no more destructive than viruses that pop up every day.

About 1,000 viruses - some with kooky names such as "Bubble Boy"
and "Mad Cow" - are released every month, and most cause just minor
annoyances. "We're advising our customers to update their antivirus
protection on a daily basis, whereas before they might have done it
once a week or once a month," says Narender Mangalam, director of
security at Computer Associates Inc., a big software maker in
Islandia, N.Y.

Still, the CERT report notes that "significantly enhanced media
attention and hype" will stir virus writers to action at year end.

Whether or not chaos strikes, antivirus companies will be staffed
New Year's Eve to deal with panicky customers. Trend Micro will
have staff on hand in Japan, the U.S., and Germany. Network
Associates will double the size of its antivirus staff, sending
hundreds to five locations around the globe. Many will be taking
calls from customers or monitoring Internet chat groups that virus
writers frequent.

------------------------------------------------------------

6) Necessary Chronic Y2K Medicine
------------------------------------------------------------

Dan Steele, EE

The following is a list of SYMPTOMS you could see IF your PC is NOT
Y2K-COMPLIANT...

1- Unexpected expiration of passwords, licenses, security cards,
software etc.

2- Operating system file operations give unexpected time results,
e.g., files that are NEW are treated as if they were OLD

3- Operating system asks if you wish to overwrite an "OLD file"
that
is really a "NEW" file

4- Operating system DOESN'T ASK if you wish to overwrite a file
that
REALLY IS AN "OLD" file, because system thinks it is "NEW"

5- Incorrect calculations involving time spans or timing intervals

6- Applications that depend on file sorting by date for correct
operation suddenly fail or present illogical results

7- Inability to interface with some external applications

8- Software development tools/systems (compilers) that
automatically
overwrite "old" versions do not perform properly

9- Software Tools or Systems (installers) that automatically copy
over older files make "mistakes"

10- A non-compliant application is accidentally downloaded and run
on your previously Y2K compliant system!

11- A non-compliant application is accidentally installed and run
on your previously Y2K compliant system!

12- Developers: Changes made to compiled programs suddenly
disappear and problems that have been fixed suddenly reappear after
recompilation of modules

13- Changes made to programs (updates etc.) suddenly disappear and
problems that have been fixed (security problems, bugs) suddenly
reappear

14- Email is launched with each encounter of specific year 2000
date problems

15- Scheduled processes, Email, or applications, are activated at
the wrong time

16- Scheduled processes such as archive or delete functions on
files or email are launched at the wrong time

17- System date upon powering up is 1980 or some year in the
distant past, or, system date appears normal but file dates are
wrong

18- Date display (displayed at the "date" command) is wrong or
different from system date

Layer upon layer, the cumulative affect of Y2k problems WILL affect
you. Your computer WILL give you problems if IT has a problem.

There WILL be internet sites with problems. Shopping carts, and
other CGI-BIN processes WILL FAIL at some sites because the perl
scripts weren't checked.

Some hosting firms have inadequate electrical backup... electrical
problems and sporadic brownouts will occur, gradually increasing
after January 1. That will lead to less reliable server farms...
sites can't run on air!

Do you have a Portable Generator? Good luck running your computer
equipment on it. The electrical noise will cause computer system
degradation, at least, or in some cases, destruction of solid-state
devices, UNLESS you also use a good Line Conditioner.

http://www.suttondesigns.com/NetsaversCenter/lcy.html

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally.

When is the last time that you had to do a major re-installation of
application software? Application failures usually occur at the
worst times, too. Got a good Y2K-compliant backup? Really??

Time to really get going. With only 10 days left, you have a
disaster FAST APPROACHING.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://www.suttondesigns.com/NetsaversCenter/index4.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 91: 12/20/99
------------------------------------------------------------

MIT's Advisory on Y2K: Beware

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) MIT's Advisory on Y2K: Beware
2) British Police Bracing for Y2K Meltdown
3) Y2K Non-compliance Symptoms
4) PORTABLE GENERATORS and Y2K
5) Last Minute Y2K Fixes

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) MIT's Advisory on Y2K: Beware
------------------------------------------------------------

Peter J. Howe, Globe

AMBRIDGE - If any organization in the world can be counted on to be
ready for the Y2K computer bug, it should be the Massachusetts
Institute of Technology, home to more technologically brilliant
people per acre than maybe any place.

And while some critics already contend that alarmists have
overhyped the risk that the date change-over to Jan. 1, 2000 will
cause computer chips to go berserk, MIT officials are taking
nothing for granted.

MIT has not gone into panic mode, but given the technology
brainpower it represents, the institute's preparations could serve
as a warning to the rest of the world not to downplay the
possibility Y2K could bring serious computer mishaps, power
failures, and technological breakdowns.

In other words, beware.

Besides ensuring an ample supply of flashlights, cots and blankets,
and hiring elevator technicians to be on site on New Year's Eve,
institute officials are urging that every one of MIT's estimated
20,000 computers and servers that can be shut down be turned off no
later than Dec. 30, a full day before computer clocks begin
flipping over to 2000.

''If you don't need the machine on and you shut it down, you have
that much more time to deal with any issues that come up,'' said
Gerald Isaacson, who is leading Y2K efforts for MIT.

While it is far from an official dictate, MIT's recommendation
seems to reflect a growing consensus among computer experts that
people who can should avoid having their computers on and avoid
surfing the Web or logging on for electronic mail during the time
the world's clocks change over to 2000 - what some specialists call
''crossing the millennium boundary.''

''I think it's a smart piece of pragmatic advice that MIT is giving
its community,'' said Gary Beach, publisher of the 135,000-
circulation CIO magazine in Framingham, a publication for top
computer systems managers.

Because Jan. 1 will arrie in New Zealand as early as 7 a.m. Eastern
Standard Time on Dec. 31, and any problems there could ripple
across global computer networks, Beach said, ''I would advise
people here to turn off their computers no later than 7 a.m. on the
31st and kick them back on the morning of Jan. 2. ''

Ken Donoghue of Stratus Computer Corp. in Maynard, which manages
systems that must run around the clock every day for critical uses
such as processing credit card and banking transactions, said he
also thinks MIT's advice is wise for those who can heed it.

''If it's not going to affect your ability to do business, why not?
What's the downside?'' Donoghue said.

In order not to lose MIT's trove of pioneering research, the
institute, which estimates it has more than 2,200 research labs and
facilities, is also urging professors and students to back up data
no later than Dec. 30 on a central storage system. Automated
transfers of data to the storage system regularly scheduled for the
31st of each month are being moved up 12 hours to begin at 6 a.m.
on Dec. 31.

The Y2K issue relates to fears about the date changing over from
12-31-99 to 1-1-00. Some computers and microchips found in
everything from automobiles to appliances might read the new two-
digit date, ''00'', as being 1900 rather than 2000, and shut down
or malfunction.

The theory behind shutting computers off well ahead of that date
change is that should a problem develop, it would be far easier to
fix when rebooting the computer a day or two after the new year
than it would be if the computer were on, connected to the Net, or
running a program at the moment the date changes.

Some specialists also fear that computers will be exposed to
computer viruses sent by electronic mail timed to wreak havoc on
Dec. 31.

Last month, university executive vice president John R. Curry
issued a lengthy set of warnings and recommendations that filled
two pages of the institute newspaper ''Tech Talk.''

MIT originally planned to shut down all its elevators for 30-minute
periods straddling both the Greenwich Mean Time change to 2000,
occurring at 7 p.m. New Year's Eve in Boston, and again for 30
minutes beginning at 11:45 p.m. on the 31st.

That plan was based on fears that power failures related to Y2K
could leave someone stuck between floors if they happened to be
riding an elevator right as midnight arrived in London or Boston.
Tests have shown the computer chips in elevator microprocessors
throughout the campus are fine, and MIT's own power plant, which
serves most of the campus, is expected to be fully Y2K-ready,
Isaacson said.

Isaacson said officials have since concluded that ''the cure may
have been worse than the potential problem'' and will leave
elevators running all of New Year's Eve. But, he said, ''We have
elevator mechanics who are normally on call who will be on site''
to work on any problems that arise.

Curry also warned researchers that ''it may be safest to curtail
[if possible] the more hazardous experiments during the transition
weekend, as safety systems and emergency response resource
capabilities may be strained.'' It also urged scheduling hazardous
waste pickups early.

In an interview, Curry said, ''It's awfully hard to prepare for
everything that's unforeseen,'' and added that ''we have to be sure
there's not a psychological snowballing. Things go wrong in our
labs every weekend. Things go wrong on our desktops every day.
We've got to be sure we understand what's really inherently Y2K''
if any problems arise over the New Year's holiday.

All of MIT's residence halls already have cots and blankets in case
of a power failure or civil disaster unrelated to Y2K. Just to be
safe, however, MIT officials, with help from a crew of students
hired to help on New Year's Eve, will be setting many of them up
ahead of time.

One factor that helps the situation is that most of MIT's 9,900
students will be gone for vacation starting next week.

However, many people on the MIT campus are less than anxious about
Y2K. Frank Dabek, a senior from Cincinnati who is editor of the
student newspaper ''The Tech,'' said, ''I certainly don't plan to
turn my computer off over the holiday, but for people who can, it
certainly wouldn't hurt.''

''People that I've interacted with are not worried'' about Y2K,
Dabek said. ''Most people are more worried about finding a good New
Year's Eve party.''

And CIO publisher Beach said, ''Why would anybody want to be
sitting at their computer on New Year's Eve unless they absolutely
had to?''

------------------------------------------------------------

2) British Police Bracing for Y2K Meltdown
------------------------------------------------------------

Lead Article in London Y2K is a bigger story in the British press
than it is in the U.S. press. It always has been.

The Financial Times and the Times have consistently run articles on
Y2K. The article published Dec. 18 in the Times of London said
police are braced for a New Year meltdown. Casualty units are
doubling the number of doctors on duty and making plans to cope
with anything from injured drunks to terrorist attacks.

The biggest known threat to public safety is the unprecedented 36
hours when pubs and bars will be allowed to serve alcohol - from
11am on New Year's Eve to 11 p.m. on New Year's Day.

The unpredictable danger is posed by the so-called Millennium Bug.
Although few now fear the computer glitch will cause chaos, a
police officer has been sent to Sydney, 12 hours ahead, to observe
any problems in Australia and report back to Scotland Yard.

The Times said British officers on attachment to embassies in the
Far East and Middle East will also alert London. Government
ministries, commercial institutions and the oil and mining
industries have ordered satellite telephones in case communications
break down.

The scale of the potential threat can be measured in the size of
the police operation, with an estimated national bill of ·50
million. Almost every force in the country has cancelled all leave
for the millennium celebrations.

According to The Times, the Metropolitan Police force is putting
12,000 officers on duty in London - on a normal Saturday night,
there are fewer than 500 on the streets of the capital.

New Year's Eve typically sees just 1,600 officers on duty. Crowds
of up to 3.5 million are expected in the centre of the capital,
according to the latest government and police estimates. No other
city in the world is planning millennium celebrations on the scale
and complexity of London.

Scotland Yard is organising the largest public safety operation
mounted in Britain and providing an emergency liaison centre for
the whole country. The weather forecast suggests a mild night,
which will help to swell the crowds.

The main concern is crowd control and safety. The alert for an
attack from Irish republican groups is still high but the threat
has receded slightly. Latest intelligence assessments suggest there
is little danger from millennium cults.

Ian Johnston, the Assistant Commissioner in charge of the
millennium policing operation, said: "The big challenge will be
the great movement and unpredictability of crowds." Most traffic
will be banned from Central London in the hours around midnight.
Only people working or living in the area will be allowed access by
car.

Link: http://www.the-
times.co.uk/news/pages/tim/99/12/18/timnwsnws01031.html?999

------------------------------------------------------------

3) Y2K Non-compliance Symptoms
------------------------------------------------------------

Dan Steele, EE

The following is a list of SYMPTOMS you could see IF your PC is NOT
Y2K-COMPLIANT...

1- Unexpected expiration of passwords, licenses, security cards,
software etc.

2- Operating system file operations give unexpected time results,
e.g., files that are NEW are treated as if they were OLD

3- Operating system asks if you wish to overwrite an "OLD file"
that
is really a "NEW" file

4- Operating system DOESN'T ASK if you wish to overwrite a file
that REALLY IS AN "OLD" file, because system thinks it is "NEW"

5- Incorrect calculations involving time spans or timing intervals

6- Applications that depend on file sorting by date for correct
operation suddenly fail or present illogical results

7- Inability to interface with some external applications

8- Software development tools/systems (compilers) that
automatically overwrite "old" versions do not perform properly

9- Software Tools or Systems (installers) that automatically copy
over older files make "mistakes"

10- A non-compliant application is accidentally downloaded and run
on your previously Y2K compliant system!

11- A non-compliant application is accidentally installed and run
on your previously Y2K compliant system!

12- Developers: Changes made to compiled programs suddenly
disappear and problems that have been fixed suddenly reappear after
recompilation of modules

13- Changes made to programs (updates etc.) suddenly disappear and
problems that have been fixed (security problems, bugs) suddenly
reappear

14- Email is launched with each encounter of specific year 2000
date problems

15- Scheduled processes, Email, or applications, are activated at
the wrong time

16- Scheduled processes such as archive or delete functions on
files or email are launched at the wrong time

17- System date upon powering up is 1980 or some year in the
distant past, or, system date appears normal but file dates are
wrong

18- Date display (displayed at the "date" command) is wrong or
different from system date

Layer upon layer, the cumulative affect of Y2k problems WILL affect
you. Your computer WILL give you problems if IT has a problem.

There WILL be internet sites with problems. Shopping carts, and
other CGI-BIN processes WILL FAIL at some sites because the perl
scripts weren't checked.

Some hosting firms have inadequate electrical backup... electrical
problems and sporadic brownouts will occur, gradually increasing
after January 1. That will lead to less reliable server farms...
sites can't run on air!

Do you have a Portable Generator? Good luck running your computer
equipment on it. The electrical noise will cause computer system
degradation, at least, or in some cases, destruction of solid-state
devices, UNLESS you also use a good Line Conditioner.

http://www.suttondesigns.com/NetsaversCenter/lcy.html

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally.

Time to really get going. With only 10 days left, you have a
disaster FAST APPROACHING.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://www.suttondesigns.com/NetsaversCenter/index4.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

4) PORTABLE GENERATORS and Y2K
------------------------------------------------------------

A large number of people have gotten a Portable Generator (10,000
watts or less) to help offset power outages that are expected
during the Y2K Crossover and beyond.

There are a number of SAFETY ISSUES and Proper USE ISSUES that
should be mentioned.

I present a list of URLs to initiate this discussion...

Using PORTABLE GENERATORS With Computers
http://suttondesigns.com/NetsaversCenter/lcy11.html

Using PORTABLE GENERATORS Safely
http://suttondesigns.com/NetsaversCenter/lcy12.html

LINE CONDITIONERS and Y2K
http://suttondesigns.com/NetsaversCenter/lcy13.html

PORTABLE GENERATOR Safety!
http://suttondesigns.com/NetsaversCenter/lcy14.html

GENERATORS and Computers!
http://suttondesigns.com/NetsaversCenter/lcy15.html

HARMONICS and NOISE From GENERATORS
http://suttondesigns.com/NetsaversCenter/lcy16.html

Y2K LINE CONDITIONER
http://suttondesigns.com/NetsaversCenter/lcy17.html

PORTABLE GENERATORS and GFCIs
http://suttondesigns.com/NetsaversCenter/lcy18.html

------------------------------------------------------------

5) Last Minute Y2K Fixes
------------------------------------------------------------

**Complete Y2K Information for Windows 98 systems:
http://suttondesigns.com/NetsaversCenter/Y2k/y2kwin98.html

**Complete Y2K Information for Windows 95 systems:
http://suttondesigns.com/NetsaversCenter/Y2k/y2kwin95.html

**Complete Y2K Information for Windows 3.X systems:
http://suttondesigns.com/NetsaversCenter/Y2k/y2kwin3x.html

The Y2K Hardware Clock fix and Software Applications Fix

http://home.cnet.com/software/0-3662-7- 1481532.html?st.cn.3662-7-
1481527.txt

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 92: 12/23/99
------------------------------------------------------------

Threat of Net Attack Mounts

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) Detroit: Fill Your Bathtub With Water
2) Wells Fargo Sends CD Notices: Jan. 1, 1900
3) Nations Ranked by Y2K Stability
4) Threat of Net Attack Program Mounts
5) Y2K Non-compliance Symptoms
6) Security Hole Found in Norton Antivirus 2000
7) Last Minute Y2K Fixes

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Detroit: Fill Your Bathtub With Water
------------------------------------------------------------

Here is some down-to-earth advice for Y2K: fill your bathtub with
water. Do it before Dec. 30.

The Detroit water system says it's been working hard for years to
get ready for the new millennium. But just in case, it wouldn't
hurt to fill the tub on New Year's Eve, the Associated Press
reported in a Dec. 21 story published by the Detroit Free Press.

Nearly half of Michigan residents rely on the Detroit Water and
Sewerage Department -- about 4 million customers in 126
southeastern Michigan communities.

The department said it has been working since 1997 to eliminate any
problems related to Y2K computer glitches and make sure that water
service continues without interruption.

In a statement, it said it "has put in place a Y2K readiness team
as well as a six-step plan to address Y2K issues as recommended by
the U.S. Environmental Protection Agency."

The water department said it has spent more than $50 million on Y2K
preparedness, the AP story said.

Even so, it is urging people to take some precautions:

--Storing three days worth of emergency water. It recommends one
gallon per person per day.
--Filling the bathtub with water no later than 10 p.m. Dec. 31 for
use in washing and flushing the toilet.
--Conserving water if pressure lowers.
--If electricity fails, turning off the water at the water meter to
prevent frozen pipes.

http://www.freep.com/news/statewire/sw3049_19991221.htm

------------------------------------------------------------

2) Wells Fargo Sends CD Notices: Jan. 1, 1900
------------------------------------------------------------

Wells Fargo sent out renewal notices for its certificates of
deposit. The renewal date: Jan. 1, 1900.

The bank refuses to say how many were sent.

Bank officials blame a vendor. One official says -- I am not making
this up -- that this may not have been a Y2K-related error. It may
have been just a routine error.

Banks and their regulators had just about soothed everyone's fears
of a financial Y2K meltdown when the ball drops in a couple weeks,
stressing the millions of dollars and thousands of hours they have
spend addressing the problem, says a Dec. 20 article published by
the San Francisco Business Times.

Then the certificate of deposit renewal notices went out from Wells
Fargo.

At least some customers with CDs about to expire received notices
last week that their accounts will come up for renewal in January -
- January 1900, that is.

Wells refuses to say how many customers received the faulty
computer-generated notices. It blames the glitch on a statement-
printing vendor whose computers had a tough time translating Wells'
computer tapes.

The goof was discovered Dec. 13, Conway said, and Wells will mail
corrected statements with a note of apology by year's end.

"I don't even know if this is a Y2K incident," Conway said. "When
statements are printed, there are occasional errors made in the
documents. This could very easily be a routine kind of error."

[Ed.: Sure. right.]

------------------------------------------------------------

3) Nations Ranked by Y2K Stability
------------------------------------------------------------

International Monitoring (IM), a technology consulting group based
in Britain, has ranked nations around the world according to their
preparedness for Y2K.

The firm sought third-party verification of each government's
reports on cleansing computers and embedded circuits of the
millennium bug, and it based its ratings on the risk of disruptions
in a given country's power, telecommunications, finance and
transportation infrastructures.

IM predicts 10 percent of Y2K failures will occur on Jan. 1, with
most of the rest occurring in the days and weeks that follow.

Nick Gogerty, an IM senior analyst, thinks the majority of bug-
related troubles won't be directly related to systems failures but
rather follow-up events.

"Most large system errors, and we've done research on this, aren't
purely technical in nature," he says. "They involve two or three
coincidental errors. So it's technology failing followed on by
human error."

The rankings:

Best prepared (least at risk):

Bermuda, Chile, Canada, United States, Australia, Hong Kong,
Singapore, Denmark, Ireland, Netherlands, Sweden, Switzerland,
Britain, Israel.

Better prepared:

Benin, South Africa, Bahamas, Barbados, Grenada, Mexico, Panama,
Puerto Rico, Trinidad & Tobago, Fiji, Japan, New Zealand, South
Korea, Sri Lanka, Taiwan, Thailand, Belgium, Finland, France,
Germany, Hungary, Norway, Portugal, Spain, Syria.

Moderately prepared:

Italy, Lithuania, Macedonia, Poland, Ukraine, Yugoslavia, Bahrain,
Iran, Jordan, Kuwait, Lebanon, Morocco, Saudi Arabia, Sudan,
Tunisia, United Arab Emirates, Yemen, Colombia, Costa Rica, Haiti,
Honduras, Jamaica, Paraguay, Peru, Suriname, Uruguay, Venezuela,
China, India, Indonesia, Malaysia, Myanmar, Nepal, North Korea,
Pakistan, Philippines, Armenia, Austria, Bulgaria, Czech Republic,
Georgia, Greece, Botswana, Cape Verde, Chad, Republic of Congo,
Djibouti, Eritrea, Ghana, Kenya, Malawi, Mauritania, Mauritius,
Mozambique, Rwanda, Seychelles, Tanzania, Argentina, Brazil,
Dominica, Dominican Republic.

Less prepared:

Central African Republic, Congo (former Zaire), Ethiopia, Guinea,
Guinea-Bissau, Lesotho, Namibia, Nigeria, Senegal, Swaziland,
Gambia, Bolivia, Ecuador, Guatemala, Cambodia, Laos, Samoa,
Vietnam, Albania, Bosnia, Croatia, Estonia, Latvia, Romania,
Russia, Turkey, West Bank & Gaza Strip.

Worst prepared (Most at risk):

Liberia, Madagascar, Niger, Somalia, Belize, El Salvador,
Bangladesh, Moldova, Tajikistan, Egypt, Oman, Qatar.

Inadequate information:

Angola, Burkina Faso, Burundi, Cameroon, Comoros, Ivory Coast,
Equatorial Guinea, Gabon, Mali, Sao Tome & Principe, Sierra Leone,
Togo, Uganda, Cuba, Guyana, Nicaragua, Azerbaijan, Macau, Mongolia,
Papua New Guinea, Tonga, Belarus, Cyprus, Iceland, Kazakhstan,
Kyrgyzstan, Slovakia, Slovenia, Turkmenistan, Uzbekistan, Algeria,
Iraq, Libya.

------------------------------------------------------------

4) Threat of Net Attack Program Mounts
------------------------------------------------------------

Stephen Shankland, CNET News.com

A new and potentially more dangerous version of an Internet attack
program has been posted just in time for the holidays, and another
is on the way.

A new version of a malicious program called the Tribe Flood Network
(TFN) is more powerful and harder to detect than an earlier
version, according to experts. And an updated sister program called
Trinoo is due to be released next week.

Few incidences of their use have been publicly acknowledged, but
experts are warning sites to prepare against attacks that may
coincide with New Year's. Widely anticipated problems owing to the
Y2K computer glitch may provide cover for other mischief.

The program works like this: A TFN attacker secretly embeds
software into hundreds of computers. Then, at a selected time, a
command is issued that prompts the infected computers to swamp a
target Web site or server with messages in a method of attack
called "denial of service."

The program doesn't damage the "infected" computers or the target,
but the sudden flood of messages typically knocks out the target
system.

Although it's possible for target computers to protect themselves
by ignoring messages from attacking computers, it's hard to
identify which computers are attacking--especially when there are
hundreds. This fundamental vulnerability of networked computers
makes protecting against denial-of-service attacks extremely
difficult.

The existence of TFN was reported earlier this week. The new
variant, called TFN2K, is potentially more dangerous in that it can
enlist machines based on both the Windows NT and Unix operating
systems to deliver the flood of messages, according to Gia Threatte
of the Packet Storm Web site, which publishes security-related
software so system administrators can protect against attacks and
intrusions.

TFN2K also adds the ability to act on a single command, a
stealthier mode of operation than the previous version (which
required the controller to send a password), and encrypts
communications, making the infecting messages harder to detect,
Threatte said.

Further, TFN2K sends decoy information to throw hunters looking for
the source off the scent.

The purported author of the TFN family, who goes by the name
"Mixter," sent a version of TFN2K to Packet Storm. Packet Storm
said it also expects a new version of Trinoo from Mixter.

With the new software being released now and the "2K" allusion to
the new year in the name of the program, it appears that a computer
attack could occur during the holidays.

"I don't really think you're going to see any serious attacks using
this until New Year's," Threatte said. On Jan. 1, though, people
likely will try to "cause a little mischief," she said.

Other security watchers concur. The consensus of a Year 2000 bug
workshop at Carnegie Mellon University's Computer Emergency
Response Team was that "it is possible that intrusion attempts,
viruses and other attacks will be focused on the time around 01
January 2000 under cover of Y2K incidents," CERT said.

CERT has warned, "We are receiving reports of intruders
compromising machines and installing distributed systems used for
launching packet-flooding denial-of-service attacks." CERT said
that attackers generally gained unauthorized access to these
computers through well-known weaknesses, reinforcing the message
that system administrators must stay up-to-date on keeping their
systems secure.

Detection of attacks and their ultimate source isn't easy. Trinoo
and the TFN family obscure the address of the actual attacker by
hiding the person in control behind two layers of computers. The
attacker lays the groundwork by breaking in to several computers,
installing master software on some and attack software on others.

When it's time for the attack, a message is sent to the master
computers, which in turn is relayed to the drone computers that
do the attacking by flooding the target with "packets" of
information.

Compromised computers that can be infected with the attack software
have become a kind of currency, with attackers trading names and
information about them over Internet Relay Chat ( IRC )
discussions, Threatte said.

Threatte defended Packet Storm's philosophy of publishing attack
software for all to see. "If we don't make it available, there's no
way you can protect against these things," Threatte said. Sprint,
for example, recently called upon Packet Storm's information to
more quickly fend off an intruder.

Other, more dangerous versions of distributed attack software are
circulating, but Packet Storm doesn't have them, so they're harder
to detect, Threatte said.

Packet Storm, a five-person group based in Palo Alto, Calif., is no
stranger to controversy. It's now owned by security consultants
Kroll-O'Gara after being embroiled in a debate with its former home
at Harvard University and hacker chronicle site AntiOnline.

Threatte foresees a time when coordinated denial-of-service is more
serious. "Distributed attack tools right now are kind of in their
infancy," she said.

New improvements could involve a self-replicating "worm" version
that would automatically spread the attack software to new
computers. After several generations of spreading, the worm could
erase itself from the original computers used to launch the worm,
severing ties with the true origin. The worms could monitor several
sites on the Internet for a sign that triggers the time and target
to attack.

------------------------------------------------------------

5) Y2K Non-compliance Symptoms
------------------------------------------------------------

Dan Steele, EE

The following is a list of SYMPTOMS you could see IF your PC is NOT
Y2K-COMPLIANT...

1- Unexpected expiration of passwords, licenses, security cards,
software etc.

2- Operating system file operations give unexpected time results,
e.g., files that are NEW are treated as if they were OLD

3- Operating system asks if you wish to overwrite an "OLD file"
that
is really a "NEW" file

4- Operating system DOESN'T ASK if you wish to overwrite a file
that REALLY IS AN "OLD" file, because system thinks it is "NEW"

5- Incorrect calculations involving time spans or timing intervals

6- Applications that depend on file sorting by date for correct
operation suddenly fail or present illogical results

7- Inability to interface with some external applications

8- Software development tools/systems (compilers) that
automatically overwrite "old" versions do not perform properly

9- Software Tools or Systems (installers) that automatically copy
over older files make "mistakes"

10- A non-compliant application is accidentally downloaded and run
on your previously Y2K compliant system!

11- A non-compliant application is accidentally installed and run
on your previously Y2K compliant system!

12- Developers: Changes made to compiled programs suddenly
disappear and problems that have been fixed suddenly reappear after
recompilation of modules

13- Changes made to programs (updates etc.) suddenly disappear and
problems that have been fixed (security problems, bugs) suddenly
reappear

14- Email is launched with each encounter of specific year 2000
date problems

15- Scheduled processes, Email, or applications, are activated at
the wrong time

16- Scheduled processes such as archive or delete functions on
files or email are launched at the wrong time

17- System date upon powering up is 1980 or some year in the
distant past, or, system date appears normal but file dates are
wrong

18- Date display (displayed at the "date" command) is wrong or
different from system date

Layer upon layer, the cumulative affect of Y2k problems WILL affect
you. Your computer WILL give you problems if IT has a problem.

There WILL be internet sites with problems. Shopping carts, and
other CGI-BIN processes WILL FAIL at some sites because the perl
scripts weren't checked.

Some hosting firms have inadequate electrical backup... electrical
problems and sporadic brownouts will occur, gradually increasing
after January 1. That will lead to less reliable server farms...
sites can't run on air!

Do you have a Portable Generator? Good luck running your computer
equipment on it. The electrical noise will cause computer system
degradation, at least, or in some cases, destruction of solid-state
devices, UNLESS you also use a good Line Conditioner.

http://www.suttondesigns.com/NetsaversCenter/lcy.html

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally.

Time to really get going. With only 10 days left, you have a
disaster FAST APPROACHING.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://www.suttondesigns.com/NetsaversCenter/index4.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

6) Security Hole Found in Norton Antivirus 2000
------------------------------------------------------------

'We do not intend to create a "patch" since the issue is one we
understand and do not view as a "bug" or security flaw.'
- MARIAN MERRITT, Symantec

THE PROBLEM is twofold. Confirmed by tests conducted at KeyLabs, a
technique employed by Norton AntiVirus 2000 on Windows 95/98/NT,
which can scan e-mail messages in real-time, unfortunately leaves a
TCP/IP port wide open to Internet-borne attackers. What's
more, the AntiVirus 2000 application left guarding the port itself
is assailable and can in certain situations crash the host machine.

On paper, Norton's idea of automatic e-mail virus scanning
sounds compelling. The open port used by AntiVirus 2000 houses a
Post Office Protocol (POP) server, which acts as a proxy for the
actual POP server. When you download an e-mail message, the proxy
stands between you and the real POP server, giving AntiVirus 2000
the time and leeway it needs to scan the incoming stream for virus
signatures.

But this technique creates two potentially dangerous situations.
First, it makes your computer visible on the Internet, thereby
creating an open invitation to hackers. "Hackers scan a range of IP
addresses," explained computer consultant Timothy J. McNitt. " If
they find a POP server, they start poking."

Second, the proxy application that runs on this port (port 110) can
act as an entry point for attackers. KeyLabs testing uncovered a
number of buffer overrun vulnerabilities within the proxy server
(called POProxy).

"By sending a string of more than 256 characters to the server from
a telnet application within the USER command," stated BugNet
engineer Ken Brady, "we could repeatedly crash POProxy."

More interestingly, by telling AntiVirus 2000 to temporarily
suspend e-mail virus scanning, and then sending a series of telnet-
borne buffer overrun statements to the proxy server on port 110,
BugNet testers were able to crash the Windows 98 SE host - though
with no consistency.

The situation on Windows NT doesn't get much better. According
to tests conducted both at KeyLabs and w00w00 Security Development
(WSD), a buffer overrun statement sent to POProxy on a Windows NT
machine will cause Dr. Watson to push CPU processor utilization to
100 percent for approximately 30 seconds before crashing POProxy.

Symantec is aware of AntiVirus 2000's behavior. "In Norton
AntiVirus 2000, we do make a port available when we implement the
e-mail scanner," said Marian Merritt, group product manager. "And
whenever you make a port available, you open a potential security
hole." However, Symantec maintains that such behavior does not
warrant an action. " We do not intend to create a 'patch' since the
issue is one we understand and do not view as a 'bug' or security
flaw," Merritt continued.

According to Symantec, POProxy is a "pass-through" proxy
server, which doesn't store any account information or grant any
access to the local file system or to any e-mail accounts on the
real POP server.

If IT managers are still concerned, the company suggests that they
instruct their firewalls to simply disallow all incoming POP
connections. This will ensure that outsiders can't scan for open
POP ports.

For users like McNitt, however, it's not just corporations
that need to worry about this sort of vulnerability. Home users,
who utilize static IP addresses through high-speed connections
(DSL, cable modems, etc.) also need to worry about attracting the
wrong kind of attention.

"If you don't have an internal network and you have file
and print sharing turned off, someone from the outside can't see
you, but that would all change, if you install [AntiVirus 2000's]
POP proxy," he said. "I get random port scans all the time for my
home computer."

If you're concerned about AntiVirus 2000's port policy, you can
merely disable e-mail scanning as follows:

From your Start menu, open Norton AntiVirus 2000.
Click on the Options pull-down menu.
Remove the check mark from the Enable Email Protection checkbox.
Click OK and close Norton AntiVirus 2000.

This will close POProxy and port 110. So, if you want to scan
incoming e-mail message attachments, you'll have to save them to a
temporary folder and then use AntiVirus 2000 to scan those files
for viruses.

You'll also have to hold your breath whenever an automatic e-mail
virus comes out. "If more viruses like Bubble Boy come through,
which don't even require that you open the message, then you'll be
at their mercy," added McNitt.

Even if you disable e-mail scanning, because you can't always
predict an application's behavior, we recommend that you routinely
scan your PC for open TCP/IP ports. You can easily point your
browser to an online scanning service, such as Steve Gibson's
Shields Up!, for example, to see which ports are open, closed, or
operating in stealth mode.

------------------------------------------------------------

7) Last Minute Y2K Fixes
------------------------------------------------------------

http://download.cnet.com/downloads/0-10106-108-
49295.html?st.cn.3662-7-1481532.txt.10106-108-49295

Netsavers NET2000 Total Y2K Software Scanner:
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 93: 12/27/99
------------------------------------------------------------

Getting Internet Ready for Y2K

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) Getting the Internet Ready for Y2K
2) CERT Warns Of Incoming Web Attacks
3) Microsoft Claims It's Ready for Y2K
4) Y2K Non-compliance Symptoms
5) AOL 5.0 Unplugs Other Internet Providers
6) Last Minute Y2K Fixes

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Getting the Internet Ready for Y2K
------------------------------------------------------------

DAVID L. WILSON, Mercury News

WASHINGTON -- The people in charge of the Internet would very much
appreciate it if you could refrain from hysteria on New Year's Day
in the unlikely event that your favorite Web site appears to be
ignoring you. Thank you for not panicking. Have a nice millennium.

``There are probably going to be some things that break. But the
things that are going to break are going to be things that we
didn't think about because they're not important,'' said Mike Todd,
president of the Internet Society's Los Angeles chapter, which is
helping the U.S. government monitor Y2K's effect on the Internet.

Todd is part of the national effort to make sure nothing
exceptionally painful happens due to the bug, which will give many
unmodified computer systems the equivalent of a nervous breakdown
because they'll think the ``00'' date in their systems means it's
1900, not 2000.

Officials say they're convinced that they've patched all the
critical software problems, and any new ones discovered next week
will be quickly repaired.

The Internet Society's Los Angeles chapter is working with a host
of other groups as part of the Y2K Cyber Assurance National
Information Center, an effort coordinated by the White House to
monitor and report on Y2K-related Internet and computer problems
around the world.

The world's top geeks say that no serious problems are expected on
the Internet, though some glitches will doubtless crop up.But it's
important to remember that the Internet can be pretty buggy on an
average day. Users are painfully accustomed to Web sites that
operate at sub-snail speeds and e-mail that mysteriously bounces
back from perfectly valid addresses.

Experts fear that any glitch in the works after 1999 will be
attributed to the Y2K bug, which is why they are emphasizing the
need for everybody to remain calm.

Todd and an army of high-tech gurus will be watching the Internet
very closely to correct any problems before they snowball into an
avalanche. Their nightmare scenario is that a bunch of small
failures lead to other, larger failures that could theoretically
bring any system involved to a grinding halt.

The experts say that's not going to happen. The portion of the
Internet in the United States is considered extremely Y2K-
compliant. The international pieces of the Net do face some
problems. But even if a wave of failures starts building overseas,
the ubergeeks who'll be monitoring things will try to isolate the
problem until it's fixed.

A number of U.S. institutions are being extremely cautious and
actually disconnecting from the Internet on New Year's Day. Even
the federal Office of Personnel Management plans to pull the plug
for a few hours, depriving federal employees of access to
electronic information about their benefits for a few hours.

Princeton University will also be off the Internet from 11 p.m.
Dec. 31 until 6 a.m. Jan. 1. ``The university is closed for the
weekend anyway,'' said Ira H. Fuchs, vice president for computing
and information technology at Princeton. ``I certainly think we're
prepared in terms of our own systems and Y2K stuff. But since we're
closed, what's the harm?''

Some, especially those selling security systems, have darkly
suggested that the real danger over the New Year is that computer
``crackers'' -- malevolent hackers who break into systems -- will
try to exploit Y2K confusion or glitches to launch attacks on
computers around the world.

The federal government was once very concerned about this issue,
but now the nation's top Y2K czar says the government has no
evidence that anybody in what's known in security circles as ``the
intruder community'' has any specific plans for New Year's, either
to trigger viruses or to break in to systems.

``At this point we think that there is no significant evidence that
we are going to have increased attacks,'' said John Koskinen, who
chairs the President's Council on Y2K Conversion and is in charge
of the Information Coordination Center, which will be managing all
the information about the rollover developed by groups like those
headed by Todd.

Koskinen said attacks occur every day on the Internet, and in that
sense he expects Jan. 1 to be like any other other. But, he added,
many members of the intruder community launch attacks on systems to
help make them safer. These so-called ``white hat'' hackers tell
system administrators about flaws in their security. Koskinen said
he hopes the white hats will take some time off.

``If anyone out there would like to see if they could take the
Internet down, this would not be a helpful weekend to
demonstrate,'' he said dryly.

``We would like to have them do that on some other occasion,
because obviously those interested in the Internet and other issues
have enough issues going on that weekend. That won't be a helpful
time to try to demonstrate any particular system weaknesses.''

Todd thinks things are so solid in terms of Y2K fixes on the
Internet that he expects the vast majority of any network hiccups
to be due to the standard techno-hooligans. ``If things happen, I'm
going to suspect troublemakers,'' he said.

There is one thing Todd is worried about, however. Internet servers
all use software programs to translate Internet addresses like
auntfrances@... into the string of numbers needed by the
computers that pass data from one box to another across the Net.

In some parts of the world that are relatively new to the Internet,
systems use older versions of the name conversion software that
might not be Y2K ready. Todd said it's possible that we'll see some
failures early Friday morning California time in parts of world
using the older software. But he doesn't expect U.S. users to be
affected, unless they're trying to communicate with an area that's
experiencing problems.

How confident are the tech guru? They're going to begin monitoring
the rollover late in the evening Thursday, well before New Year's
Day in New Zealand, which will be the first industrialized country
making the transition. (When the new year arrives in New Zealand,
it will be 3 a.m. Friday in California.)

They will maintain continuous telephone contact with each other and
monitor a shared trouble reporting system that will be available to
those with the proper password and Web access. They've also got
alternative wireless communications methods set up if both those
systems become inoperable.

------------------------------------------------------------

2) CERT Warns Of Incoming Web Attacks
------------------------------------------------------------

Dick Kelsey, Newsbytes

Within days Web sites may come under attack by two powerful,
elusive intruder programs that bombard sites and servers with
denial-of-service messages, according to computer network security
experts at Carnegie Mellon University's CERT Coordination Center.

The Tribe Flood Network (TFN) and the new Trinoo are currently
under development and are being deployed on the Internet, says
CERT.

"It's a bandwidth denial of service attack designed to consume
available resources on the target's Internet connection," says
Kevin Houle, CERT incident response team leader.

CERT warned on its Web site today, "We have received reports of
intruders installing distributed denial of service tools. Tools we
have encountered utilize distributed technology to create large
networks of hosts capable of launching large coordinated packet
flooding denial of service attacks."

As the world braces for computer and Internet bugaboos associated
with the arrival of the new millennium, Houle says he's not sure
that TFN and Trinoo will wage a mass attack when the clock strikes
12. He says the attacks won't bring down the Internet but they
could cause serious problems for thousands of systems.

To launch an attack, software secretly embedded into hundreds of
computers by TFN is triggered at a specific time, swamping its
targets with denial of service messages.

The Trinoo network is made up of a small number of servers, or
masters, and numerous clients called daemons, says Houle.

"The intruder communicates with the master and the master carries
them out by giving instructions to the daemons," Houle told
Newsbytes. "Then the daemons generate attacks by sending traffic to
a target computer."

The newer system carries more potential for damage because it can
use computers on Windows NT and Unix systems to circulate the
messages.

In all, CERT said, there have been 50 to 100 reports of such
attacks involving thousands of systems. In one, several hundred
daemons that targeted a major university disabled the school's
Internet connectivity for several days.

Finding and destroying master programs is the key to bringing down
an intruder system, but it requires time-consuming, expensive
forensic work, says Houle. By then, the damage is done, he said.
Further, the target may have initial connectivity problems, making
it unable to rely on the Internet for help.

CERT recommends emergency out-of-band communications procedures
with upstream network operators or emergency response teams in the
event of a debilitating attack.

------------------------------------------------------------

3) Microsoft Claims It's Ready for Y2K
------------------------------------------------------------

ASSOCIATED PRESS

Ballmer will be on the phone first thing in the morning on New
Year's Eve, talking with Microsoft's Asian offices and getting an
indication of how Microsoft products, and the world, is handling
the rollover to the year 2000.

"In a way, I'm excited. I'm looking forward to it," said Don Jones,
head of the company's Y2K efforts. "I think we're excited to see
all of our work pay off."

Over the past two years, Microsoft has worked to make the vast
majority of its software Y2K-compliant, from current products like
Windows 98 and Office 2000 to years-old products that aren't even
produced any more.

"We discovered that Microsoft Word 5.0 for DOS, which shipped in
1983, is not compliant," Jones said. "We actually had a few people
still using it, so we shipped them Word 5.5, which is compliant. We
had to scrounge around for the 5 1/4-inch floppies to copy it on,
but we got it out to them."

Some popular Microsoft programs require software patches to
function correctly on Jan. 1. These patches are available on
Microsoft's Web site, and generally take a few minutes to download.
Still, Jones doesn't expect every user will go and actually
download the patch -- some users might not even know how to do it.

"Chances are, even if customers don't download the patches, there
won't be any Y2K issues anyway," Jones said. "We're aware, though,
that some customers won't do the downloads, and we've taken steps
to get information and patches out to them."

Those efforts included distribution of 10 million free Y2K CD-ROMs
in cooperation with Blockbuster video stores, and the creation of a
special hot line for Y2K issues -- 1-888-MSFT-Y2K.

Analysts who have studied the Y2K issue give Microsoft credit for
its preparations in both software and tech support, even though
they probably won't be needed.

"I'm sure that a handful of older computers might need some help,
but really, most people who have had some kind of Y2K exposure have
fixed their critical systems already," said Bob Austrian, Y2K
analyst with Banc of America Securities. "Will there be a few Y2K
problems? Sure. Will they be major issues? No. People have been and
are continuing to get prepared."

Microsoft has seen increased volume on its Y2K hot line -- up to
65,000 calls per week in mid-December, Jones said. However, on its
regular tech support line, only three out of every 1,000 calls have
been Y2K related, Jones said.

Still, Microsoft employees plan to be on the company's campus the
night of Dec. 31 to troubleshoot any unforseen problems. The 300
engineers and support staff who have to work will be able to bring
their families to help ring in the new millennium, though Jones
said the only alcohol allowed will likely be a single champagne
toast at midnight.

"The rest of the time, we want to be awake and alert, just in
case," he said.

------------------------------------------------------------

4) Y2K Non-compliance Symptoms
------------------------------------------------------------

Dan Steele, EE

The following is a list of SYMPTOMS you could see IF your PC is NOT
Y2K-COMPLIANT...

1- Unexpected expiration of passwords, licenses, security cards,
software etc.

2- Operating system file operations give unexpected time results,
e.g., files that are NEW are treated as if they were OLD

3- Operating system asks if you wish to overwrite an "OLD file"
that
is really a "NEW" file

4- Operating system DOESN'T ASK if you wish to overwrite a file
that REALLY IS AN "OLD" file, because system thinks it is "NEW"

5- Incorrect calculations involving time spans or timing intervals

6- Applications that depend on file sorting by date for correct
operation suddenly fail or present illogical results

7- Inability to interface with some external applications

8- Software development tools/systems (compilers) that
automatically overwrite "old" versions do not perform properly

9- Software Tools or Systems (installers) that automatically copy
over older files make "mistakes"

10- A non-compliant application is accidentally downloaded and run
on your previously Y2K compliant system!

11- A non-compliant application is accidentally installed and run
on your previously Y2K compliant system!

12- Developers: Changes made to compiled programs suddenly
disappear and problems that have been fixed suddenly reappear after
recompilation of modules

13- Changes made to programs (updates etc.) suddenly disappear and
problems that have been fixed (security problems, bugs) suddenly
reappear

14- Email is launched with each encounter of specific year 2000
date problems

15- Scheduled processes, Email, or applications, are activated at
the wrong time

16- Scheduled processes such as archive or delete functions on
files or email are launched at the wrong time

17- System date upon powering up is 1980 or some year in the
distant past, or, system date appears normal but file dates are
wrong

18- Date display (displayed at the "date" command) is wrong or
different from system date

Layer upon layer, the cumulative affect of Y2k problems WILL affect
you. Your computer WILL give you problems if IT has a problem.

There WILL be internet sites with problems. Shopping carts, and
other CGI-BIN processes WILL FAIL at some sites because the perl
scripts weren't checked.

Some hosting firms have inadequate electrical backup... electrical
problems and sporadic brownouts will occur, gradually increasing
after January 1. That will lead to less reliable server farms...
sites can't run on air!

Do you have a Portable Generator? Good luck running your computer
equipment on it. The electrical noise will cause computer system
degradation, at least, or in some cases, destruction of solid-state
devices, UNLESS you also use a good Line Conditioner.

http://www.suttondesigns.com/NetsaversCenter/lcy.html

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally.

Time to really get going. With only 10 days left, you have a
disaster FAST APPROACHING.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

5) AOL 5.0 Unplugs Other Internet Providers
------------------------------------------------------------

Ariana Eunjung Cha, Washington Post

Iris Rache, a 68-year-old real estate agent from the District, may
describe herself as a technology neophyte, but until last month she
had few problems juggling her three online services--America Online
for personal e-mail, RCN Corp.'s Erols as a backup and a
residential-property database service for work. But then she
upgraded her AOL software to the new 5.0 version.

"It said just click here and we'll upgrade you to 5. And so I
clicked. And they upgraded me," she remembered. "And all this other
stuff got screwed up."

She found that she could no longer log on to Erols. And that the
housing database she needed that day to get some information for a
client would not connect.

Rache tried calling AOL but gave up after being on hold for what
she remembered as "forever." She called tech support for the real
estate service, and someone walked her through 40 minutes of
troubleshooting to no avail. She wound up waiting a month until a
tech-savvy friend poked around her machine and tweaked some
settings.

She's got company. Since AOL 5.0 was first released in October,
technical-support call centers for major Internet service providers
competing with AOL--including EarthLink Network Inc., Prodigy
Communications Corp., and AT&T WorldNet--have been bombarded with
calls from customers reporting similar problems.

A company official, who did not want to be named, said AOL should
reimburse other ISPs for the manpower and resources they have been
forced to allocate to help customers reconfigure their computers.
He said that AOL had been alerted to the conflicts by its own beta
testers months before the company created the millions of 5.0 CD-
ROMs in circulation.

Two AOL users confirmed that they had reported these flaws while
testing early versions of 5.0.

Most complaints appear to mirror Rache's: On a Windows computer,
non-AOL Internet software is disabled after they upgrade their AOL
service. A few have reported conflicts with virus software and
other mysterious problems.

Some users have found that they can log on to their other ISP--only
to be greeted with a "Would you like to start AOL now?" prompt. And
some users using AOL's discount "Bring Your Own Access" plan, in
which another Internet provider is used for the actual connection,
now have to dial up to AOL--incurring a $2.50-an-hour surcharge
under that price plan.

Online "help" bulletin boards on AT&T WorldNet and AOL are filled
with irate AOL 5.0 complaints shot through with exclamation points.
The debate has even migrated to AOL's nature-photography forum,
where nearly 40 percent of the 350 messages listed in the middle of
this week talked about Version 5.0 bugs instead of the featured
topic.

The problem, according to technology experts, appears to be that
AOL's network settings basically hijack Windows computers by
overwriting their normal Internet settings in a way that causes
other Internet providers' settings and software to stop working.

The result takes different forms depending on what operating system
you are using (Windows 95, 98 or NT), what your original setup was,
whose software you install first and how you answer a critical
question that AOL asks during installation. In particular,
answering "yes" to "Would you like this copy of the AOL software to
be your default Internet application?" apparently triggers many of
the problems.

AOL spokeswoman Anne Bentley said that more than 7 million of AOL's
20 million members have downloaded the new software and that
members who have complained "seem to be a relatively small number."

But Bill Kirkner, Prodigy Communications Corp.'s chief technology
officer, said that in more than half the cases, remedying the
problem is tedious and time-consuming.

"Sure, it is possible to fix all of these things," he said. "But it
can make the user's experience unpleasant."

Prodigy, which will be the nation's third-largest ISP, with more
than 2.2 million members, after it completes its acquisition of
telephone giant SBC Communications Inc.'s Internet subscribers, has
had to create a five-page instruction sheet for its technical-
support staff.

Kirkner said he can see little reason AOL would choose not to
follow industry-standard practices for Internet software in the way
it had with previous versions: "This is another example of AOL
being the bully on the playground."

Still, AOL's good intentions are of little consolation to
frustrated members, who say the company should use have used its
much-bragged-about easy-upgrade service to distribute warnings
about, and ideally fixes for, potential problems.

Subscriber Steven Way, a psychologist from Paris, Tenn., said,
"Each time I wanted to use anything but AOL, I would have to close
5.0, uninstall the adapters and reboot the system." He solved his
problem by erasing AOL 5.0 and reinstalling 4.0.

With the year 2000 only a week away, AOL 4.0 users considering an
upgrade have an additional worry to ponder: Their current software
may need a Web-browser update to fix year 2000 issues, while the
company reports 5.0 is fully Y2K-ready.

As for Rache, she says the whole experience has led her to consider
switching Internet providers: "Practically everyone is talking me
out of AOL."

------------------------------------------------------------

6) Last Minute Y2K Fixes
------------------------------------------------------------

http://download.cnet.com/downloads/0-10106-108-
49295.html?st.cn.3662-7-1481532.txt.10106-108-49295

Netsavers NET2000 Total Y2K Software Scanner:
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

Netsavers Y2K TSR Scanner Kit:
(for the RTC clock)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html
------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 93: 12/28/99
------------------------------------------------------------

500 MS Products' Y2K Status Questioned!

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) 500 MS Products' Y2K Status Questioned!
2) Y2K Problem Symptoms
3) UN Funded IY2KCC Warns of Nuclear Plant Problems After Jan. 1
4) New Guinea's Power Company Bankrupt, Won't Meet Y2K
5) Silicon Valley Companies Met Secretly for Y2K
6) Last Minute Y2K Fixes
7) Seattle Cancels Y2K Countdown

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) 500 MS Products' Y2K Status Questioned!
------------------------------------------------------------

Feilder

Are Microsoft's products compliant? According to Karl Feilder, of
the 500 announcements on the Y2K status of Microsoft products over
the last 20 days, 40% of them require upgrades that are not yet
available. An additional 19% are in the "under revision" category.

Among the laggards is Excel, the dominant spreadsheet. Literally
millions of small businesses rely on Excel.

Research published on Dec. 28 suggests that software vendors are
still moving the goalposts when it comes to the Year 2000 issue,
despite the fact that the world is 10 days away from the end of the
year.

The research, published by Greenwich Mean Time, has prompted Karl
Feilder, the firm's president, to give a serious public warning
over the Year 2000 IT issue, according to a Newsbytes story
published by Computer Currents.

He warns that, in the last three weeks alone, Microsoft has
announced changes in Year 2000 compliance status to more than 500
of its products.

"Other popular vendors have also made important changes," he said,
adding that, of the 500 products to which Microsoft has made
changes this month, 40% require mandatory upgrades which Microsoft
has yet to release, and 19 percent have changed their status from
'Y2K compliant' to 'under revision,'" he said.

Feilder said that, among the products that have changed compliance
status are Excel 95, 97, and Excel 2000. He says this could have
large-scale consequences for the many companies that believe their
Year 2000 projects are complete.

"With these late changes, it's now clear that no company can claim
to be 100% ready for 2000," he said.

"Yes, some of the changes are relatively minor. However, if you
don't apply the latest patches, it could have significant
consequences on your business, depending on how you actually use
the software," he added.

Link: http://currents.net/newstoday/99/12/28/news15.html

------------------------------------------------------------

2) Y2K Problem Symptoms
------------------------------------------------------------

Dan Steele, EE

The following is a list of SYMPTOMS you could see IF your PC is NOT
Y2K-COMPLIANT...

1- Unexpected expiration of passwords, licenses, security cards,
software etc.

2- Operating system file operations give unexpected time results,
e.g., files that are NEW are treated as if they were OLD

3- Operating system asks if you wish to overwrite an "OLD file"
that
is really a "NEW" file

4- Operating system DOESN'T ASK if you wish to overwrite a file
that REALLY IS AN "OLD" file, because system thinks it is "NEW"

5- Incorrect calculations involving time spans or timing intervals

6- Applications that depend on file sorting by date for correct
operation suddenly fail or present illogical results

7- Inability to interface with some external applications

8- Software development tools/systems (compilers) that
automatically overwrite "old" versions do not perform properly

9- Software Tools or Systems (installers) that automatically copy
over older files make "mistakes"

10- A non-compliant application is accidentally downloaded and run
on your previously Y2K compliant system!

11- A non-compliant application is accidentally installed and run
on your previously Y2K compliant system!

12- Developers: Changes made to compiled programs suddenly
disappear and problems that have been fixed suddenly reappear after
recompilation of modules

13- Changes made to programs (updates etc.) suddenly disappear and
problems that have been fixed (security problems, bugs) suddenly
reappear

14- Email is launched with each encounter of specific year 2000
date problems

15- Scheduled processes, Email, or applications, are activated at
the wrong time

16- Scheduled processes such as archive or delete functions on
files or email are launched at the wrong time

17- System date upon powering up is 1980 or some year in the
distant past, or, system date appears normal but file dates are
wrong

18- Date display (displayed at the "date" command) is wrong or
different from system date

Layer upon layer, the cumulative affect of Y2k problems WILL affect
you. Your computer WILL give you problems if IT has a problem.

There WILL be internet sites with problems. Shopping carts, and
other CGI-BIN processes WILL FAIL at some sites because the perl
scripts weren't checked.

Some hosting firms have inadequate electrical backup... electrical
problems and sporadic brownouts will occur, gradually increasing
after January 1. That will lead to less reliable server farms...
sites can't run on air!

Do you have a Portable Generator? Good luck running your computer
equipment on it. The electrical noise will cause computer system
degradation, at least, or in some cases, destruction of solid-state
devices, UNLESS you also use a good Line Conditioner.

http://www.suttondesigns.com/NetsaversCenter/lcy.html

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally.

Time to really get going. With only 10 days left, you have a
disaster FAST APPROACHING.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

3) UN Funded IY2KCC Warns of Nuclear Plant Problems After Jan. 1
------------------------------------------------------------

It will not be over for the world's nuclear power plants if they
are still operating on Jan. 2.

The world's 430 operating nuclear power plants in 34 countries
should operate normally during the coming millennium date rollover,
but performance problems could pop up in the weeks immediately
following the New Year, according to a report issued today by the
International Y2K Cooperation Center (IY2KCC). The story was
reported by Newsbytes and carried on the Web site of Computer
Currents on Dec. 27.

"Unless Y2K work continues in plants where resources have been
limited, Y2K-produced errors in operational management and
monitoring systems will degrade overall plant performance in the
weeks following the date change," said IY2KCC director Bruce W.
McConnell. "Over time, such a degradation in performance would
reduce the margins of safety and efficiency in these plants."

The report added that while many advanced nuclear plants employ
digital systems that control plant operations and systems that
initiate a reactor shutdown, the majority of digital systems are
used in non-critical functions, such as monitoring fuel usage and
demand load, and processing work orders.

At the same time, however, the report stressed the dependence of
nuclear power plants on the normal performance of "external
infrastructures," including the electric power grid,
telecommunications, water and fuel deliveries, declaring that
"failures in these systems can require plants to modify, cut back
or discontinue operations." .

Newsbytes said the IY2KCC's report also sought to address the
popular belief that the best remedy for reducing the risk of
nuclear disaster over the New Year weekend might be simply to shut
down the reactors deemed most vulnerable to a the millennium bug.
But, the report argued, doing so could create more problems than it
seeks to solve.

"Shutdowns create their own risks. In addition, we note that
keeping plants online increases the stability of the electrical
distribution grid," the report said. "Because of the extensive Y2K
work that has been done and the increased staffing and monitoring
of nuclear power plant operations over the date change period, we
do not believe there is a net safety benefit to a general shutdown
of nuclear power plants during the period."

Newsbytes said the IY2KCC on Monday released a report on the Year
2000 preparedness of 190 countries that participated in its survey.
The study found that most nations should expect a multitude of
inconvenient but non-life-threatening Year 2000-related problems
over the New Year's weekend and for a short time thereafter.

The International Y2K Cooperation Center, was established in
February 1999 under the auspices of the United Nations, with
funding from The World Bank.

Link: http://currents.net/newstoday/99/12/27/news15.html

------------------------------------------------------------

4) New Guinea's Power Company Bankrupt, Won't Meet Y2K
------------------------------------------------------------

Not to be outdone, the phone company said it's noncompliant, too.
Papua New Guinea's state-owned Electricity Commission said it is
bankrupt and expects major disruption to its computing and
accounting systems over the New Year period if it does not get
money to complete Y2K compliance work.

Newsbytes said the country's sole power authority is requesting
government assistance, outside financing or may even raise its
tariffs by up to 25% to cover the cost of Y2K work, according to
local media reports.

The Electricity Commission (Elcom) was appearing before a Papua New
Guinea Parliamentary public accounts committee to report on fiscal
and Y2K progress.

Also before the committee was the country's national
telecommunications provider, Telikom. It also said it needed more
funds to complete Y2K work, but said it wished to recoup the money
from government debtors, said the story, which was published by
Computer Currents.

Link: http://currents.net/newstoday/99/12/25/news1.html

------------------------------------------------------------

5) Silicon Valley Companies Met Secretly for Y2K
------------------------------------------------------------

For three years, almost nothing has hit the media about the concern
of Silicon Valley executives regarding Y2K. It is as if they
believed that a protective shield encircled their world.

This report from Peter de Jager indicates otherwise. He has been
working with a group of the largest companies. Normally, they have
nothing to do with each other in private meetings. They are
competitors. But they were worried about their suppliers, who
generally supply more than one company. They paid $15,000 each to
gain access to information on how suppliers were coping with
Y2K.

In his article on the Year 2000 Web site, De Jager reports that
"From the very early days of my involvement in this debacle, I've
been privy to a number of 'secrets.' The biggest secrets had to do
with the coming together of organizations who were the fiercest of
competitors and yet they realized that to solve Y2K properly they
would have to cooperate, if only to coordinate how they would
exchange data in the coming years.

De Jager says HTC is a formal collaboration between the following
companies;

AM&D, AMD, Arrow Electronics, Celestica, Cisco Systems,
Compaq, Dell Computers, Digital Microwave, Exabyte, HCL America,
Hewlett Packard, IDT, Intel, Jabil Circuit, LSI Logic, LoDan West,
Marshall Industries, MCMS, Motorola, Qualcomm, Quantum, SCI
Systems, Seagate Technologies, SGI, Solectron, Sun Microsystems,
Symbol Technologies, Tektronix and Unisys. Their website is located
at www.hightech2000.com.

"These are not companies you would normally see sitting at the same
table," De Jager writes. "To say they include some of the fiercest
competitors in Silicon Valley is a vast understatement. What could
possibly bring them together and hold them together long enough to
accomplish anything of value? The same thing which caused other
companies to put critical new development to the side, the common
threat known as Y2K."

Link: http://www.year2000.com/y2ksecret.html

------------------------------------------------------------

6) Last Minute Y2K Fixes
------------------------------------------------------------

http://download.cnet.com/downloads/0-10106-108-
49295.html?st.cn.3662-7-1481532.txt.10106-108-49295

Netsavers NET2000 Total Y2K Software Scanner:
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

Netsavers Y2K TSR Scanner Kit:
(for the RTC clock)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

------------------------------------------------------------

7) Seattle Cancels Y2K Countdown
------------------------------------------------------------

Mayor: 'We Do Not Want to Take Chances With Public Safety'

The Associated Press

SEATTLE (Dec. 28) - The mayor has scrubbed the city's planned New
Year's Eve celebration below its trademark Space Needle, where an
estimated 50,000 people had been expected to gather.

''We do not want to take chances with public safety,'' Mayor Paul
Schell said Monday. While federal officials have not advised of any
specific threat to the city, ''it is safer to be prudent,'' he
said.

The 20-acre Seattle Center, which spans below the sky-dotting
Needle just off the city's downtown, is a traditional gathering
point for New Year's Eve revelers.

Afternoon concerts and a circus performance will go ahead as
planned on Friday, and fireworks will still pour from the Space
Needle at midnight. But the Center will be cleared and the gates
locked at 6 p.m., Schell told the Seattle Post-Intelligencer for
its Tuesday editions.

Only a private function atop the Needle will be allowed to go
ahead, he said.

The city's nerves have been strained in recent weeks by tumultuous,
sometimes violent World Trade Organization protests, and news that
a man arrested at the U.S.-Canadian border with alleged bomb-making
materials had booked a hotel room near Seattle Center.

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 94: 12/29/99
------------------------------------------------------------

Jan. 1 to 15: Just the Beginning

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) Jan. 1 to 15: Just the Beginning, Says Gartner Group
2) EMA Recommends 7 to 10 Days of Food
3) Oil Production/Refining Y2K Scenarios
4) Big Is Good, Small Is Risky
5) Last Minute Y2K Solutions!
6) UK Unveils Y2K Bug Website

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Jan. 1 to 15: Only the Beginning, Says Gartner Group
------------------------------------------------------------

The first two weeks of January will give us only 10% of Y2K
failures.

The Dec. 28 edition of Nando Times said Y2K computer worries won't
go away this weekend, even if nothing goes wrong. Glitches can be
expected weeks, even months, into the new year. And a few may
linger until 2001 and beyond.

The Gartner Group, a technology consulting firm, estimates only 10%
of all Y2K failures will occur during the first two weeks of
January.Most Y2K planners are aware that Jan. 1 is no magic date,
but they fear a quiet weekend might leave the public with a false
sense of security.

"There is too much focus on New Year's weekend," said Bruce
McConnell, director of the International Y2K Cooperation Center.
"If you think that the only time to worry about the Y2K bug is on
Jan. 1, then you're underestimating the problem."

Besides having new problems appear later in the year, glitches that
strike on Jan. 1 might go unnoticed initially, even after employees
return to work and restart computers, Nando Times said. The full
effects might not be felt until smaller glitches compound and
disrupt business supply chains.

Several weeks must pass, McConnell said, "to have a good idea just
how big an event Y2K is."

Ron Weikers, a Philadelphia attorney specializing in Y2K
litigation, warned companies not to declare victory right away.
Such statements, he said, could come back to haunt them.

If there are any problems involving embedded chips that control
power plants and other major equipment, Koskinen said, they would
most likely strike around Jan. 1.

Beyond that, most glitches will probably be administrative, causing
inconveniences such as incorrect billing - but no catastrophe. And
they'll be more manageable because they won't hit all at once,
Nando Times reported.

Koskinen's group will also look for trouble on Feb. 29, because
some computers might not recognize 2000 as a leap year. Even Dec.
31, 2000, could be problematic because some computers might not be
expecting 366 days next year.

According to the Gartner Group, 30% of all failures will have
occurred before 2000. And problems, growing steadily each quarter,
will peak early in the new year. But they won't completely
disappear until after 2001.

Link: http://www.techserver.com/noframes/story/0,2294,500147594-
500178319-500713361-0,00.html

------------------------------------------------------------

2) EMA Recommends 7 to 10 Days of Food
------------------------------------------------------------

Maybe the D.C. Emergency Management Agency has inside information.
Or maybe D.C. is more vulnerable than most cities.

More amazing: the EMA recommends one month of expenses in cash.

The D.C. Emergency Management Agency's "Y2K Preparedness Guide"
tells readers to "store a supply of seven to ten days worth of
nonperishable foods per person."

Meanwhile, most other jurisdictions have advised being prepared
for only a few days, the Washington Times reported on Dec. 28.
District of Columbia officials are urging residents to prepare for
more than a week without private and public services as the new
year approaches, though most other jurisdictions have advised being
prepared for only a few days.

The D.C. Emergency Management Agency's "Y2K Preparedness Guide"
tells readers to "store a supply of seven to ten days worth of
nonperishable foods per person."

It also warns residents to "set aside enough cash to meet living
expenses for at least a one-month period" and "consider renting or
purchasing a generator."

Peter G. LaPorte, the agency's acting director, said the guide is
not intended to scare residents nor contradict the rosy picture
Mayor Anthony A. Williams painted nine days ago, the Times
reported.

Link: http://www.washtimes.com/metro/news4-19991228.htm

------------------------------------------------------------

3) Oil Production/Refining Y2K Scenarios
------------------------------------------------------------

It seems to me that one of these scenarios will come to pass. I
don't like any of them. If we escape all of them, and nothing bad
happens, then it will not be because we were well-informed in
advance. We have had almost no verifiable information on this topic
over the three years that I have followed it.

In a follow-up note, the author adds this:

Regarding the notion of 1-10 scale... Everyone has their own
opinion and is entitled to it.

I see it as still probably about a 7 I suppose. I think oil is
likely going to be fairly bad relatively speaking, but if every
other aspect of the infrastructure stays up, then the oil industry
will escape devastation and face only some relatively major
problems.

This is from Yourdon's forum (Dec. 27). It is a long post.

http://www.greenspun.com/bboard/q-and-a-fetch-msg.tcl?msg_id=002755

------------------------------------------------------------

4) Big Is Good, Small Is Risky
------------------------------------------------------------

The Party Line has been with us from the beginning. Large, complex
systems in the United States are going to be fine because the
managers spent lots of money to solve Y2K. Small organizations will
be in trouble. This includes foreign countries.

Questions:

1. What if the complexity of the big systems turns out to be
greater than the programmers have thought or that the managers were
willing to pay to get fixed?

2. What happened to the year of testing?

3. What about industry-wide testing?

4. Do small outfits supply the large ones?

In a story carried on the Yahoo! Web site, the Associated Press
reported that the big things have been taken care of: Y2K planners
are confident the nation's power grid, telephones, banks and air
traffic control system will run smoothly on New Year's Day.

It's the smaller things they're not so sure about: local
governments, small businesses and health care providers, for
example. Even less is known about how many foreign countries will
fare.

''The smaller the entity, the greater the uncertainty,'' said Cathy
Moyer of the Cassandra Project, a Y2K education group based in
Denver. ''There's great potential for isolated disruption and for
some of that isolated disruption to spread around.''

The AP said major companies and government agencies have
contingency plans and employees on standby to deal with unexpected
glitches. The federal government also set up a $50 million crisis
center for Y2K.

A survey by the National Association of Counties found that, as of
April, one-fourth of counties had no Y2K plan, possibly leading to
incorrect tax bills, for example.

The Education Department reported that more than one-third of
public school districts are still not ready.

Up to 1.5 million small employers did no Y2K preparation, according
to the National Federation of Independent Business.

Also, the AP reported, problems abroad could affect American
companies that have plants abroad or import raw materials.

The extent of preparedness overseas is unclear. Bruce McConnell,
director of the World Bank-funded International Y2K Cooperation
Center, said he has had trouble getting detailed information from
some countries.

Link:
http://dailynews.yahoo.com/h/ap/19991224/tc/y2k_question_marks_2.ht
ml

------------------------------------------------------------

5) Last Minute Y2K Solutions!
------------------------------------------------------------

Dan Steele, EE

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally.

Time to really get going. With only 2 days left, you have a
disaster FAST APPROACHING.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

6) UK Unveils Y2K Bug Website
------------------------------------------------------------

The government has unveiled a new internet site to report on the
effects of the millennium bug around the world.

Throughout the millennium weekend, the Millennium Centre will offer
live news and information from more than 76 countries.

The website will be run by the Cabinet Office, relying on updates
from Foreign Office consular staff, television and internet news
feeds.

Initial reports from Fiji and New Zealand are expected to arrive
shortly after 1200GMT on 31 December, when they experience the year
2000 date change.

Reports from other countries - including the UK - will follow as
the date change happens.

Foreign Office minister John Battle said the site would be useful
to anyone living or travelling abroad.

"The millennium bug is a global problem and we are trying to ensure
we co-ordinate information about its effects," he said.

"That's so that we can pass on travel advice to people wishing to
go abroad during the millennium.

"We will also be able to tell people what the situation is like for
any of their relatives living overseas."

The millennium bug is a computer glitch which results from dates
being stored in two-digit form on older computers.

It means some computers could interpret '00' as 1900 instead of
2000, causing system failure or unpredictable behaviour.

This has led to fears of disruption on a massive scale, with
predictions of aeroplanes falling out of the sky, nuclear bombs
going off or people's bank accounts being cleared of funds.

Ministers say tackling the bug has been the biggest single project
since World War II, involving every government department and
business.

However, they say they are now confident there will be no material
disruption.

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 95: 12/30/99
------------------------------------------------------------

Avoid Y2K Internet Problems!

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) Credit Card Problems in Great Britain
2) Paula Gordon on Government's Y2K
3) Tips To Avoid Y2K Internet Problems
4) Forums to Get Hit With Y2K Glitches
5) Last Chance Y2K Fixes!
6) Web Sites On Alert for Y2K Viruses
7) Y2K Repair Kit!

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Credit Card Problems in Great Britain
------------------------------------------------------------

With less than a week to go before Y2K hits, a British bank finds
that its credit card system is not compliant after all.

"No problem," says the bank. "This will work itself out
automatically." Let's hope it does.

How many of these stories will we see over the next 30 days? What
will these events do to business cash flow?

The millennium bug has struck early, with many retailers' card
machines refusing to process credit and debit card
transactions,according to a BBC story on Dec. 29. But HSBC, which
has issued 10,000 card swipe machines to retailers, says the
machines will be working by Jan. 1.

A software problem has meant that since Tuesday many credit card
terminals have not accepted transactions from credit and debit
cards, such as Switch, Mastercard and Visa.

Credit card transactions are stored on a central computer which
covers a four day period. Hence any transactions which took place
since Tuesday have covered the Jan. 1 date.

Since the problem emerged, many retailers have resorted to pen and
paper to complete credit and debit transactions, the BBC reported.

"Customers can still pay," the HSBC spokeswoman added. "The problem
is a minor one and can be fixed by pressing a series of keys."
She added that the problem would disappear on Jan. 1.

Action 2000, the government body set up to warn about millennium
computer problems, said: "Many people think the millennium bug will
strike as soon as the clock strikes midnight on New Year's Eve.
"The truth is that it could happen any time a computer uses the
date 2000."

Link:
http://news.bbc.co.uk/hi/english/business/newsid_582000/582007.stm

------------------------------------------------------------

2) Paula Gordon on Government's Y2K
------------------------------------------------------------

Dr. Paula Gordon has published a lengthy analysis of the problem.
She was instrumental in organizing conferences at George Washington
University. Now she surveys the threat a few hours before the date
change.

Gordon writes that the Federal government has not fully
comprehended the scope and seriousness of the Y2K problem. They
have therefore not yet begun to address Y2K as a crisis.

The energy crisis of the '70s was very small in contrast with the
fuel shortages that can be expected with the Y2K and embedded
systems crisis. Y2K and embedded systems problems can be expected
to affect all aspects of oil and gas production and distribution,
nationally and globally. This includes on shore and off shore rigs,
refineries, pipelines, and tankers. Several hundred people worked
full time at the Federal Energy Office in the 1970's to avert more
serious problems during the energy crisis.

Yet the President's Council on Year 2000 Conversion has only had a
core staff of ten and none of those individuals have not had the
kind of technological expertise to assess the nature and scope of
the set of problems that can be expected to converge over the next
months and years as a result of the Y2K and embedded systems
crisis.

Impacts on oil and gas production with be only one of many other
problem areas that can be expected.

Second, she says the Federal Government has addressed the threats
and challenges posed by Y2K and embedded systems in very narrowly
focused ways with little attention until November of 1999 to the
seriousness of malfunctioning embedded systems.

The President's Council on Year 2000 Conversion did not publicly
acknowledge until November that the embedded systems aspect of the
Y2K problem had not been adequately understood and addressed. For
further information and background, see

http://www.gwu.edu/~y2k/keypeople/gordon .

The Federal government has also focused its attention primarily on
the mission critical systems of its own agencies and departments.
They have also failed to fully address the non-mission critical
systems.

In addition, the Federal government has not focused adequate
attention on preventing and minimizing impacts that could occur as
a result of the failure of embedded systems in the private sector
or the rest of the public sector.

Third, she says the Federal government has failed to do all that it
could have done and it should be doing now and into the new year to
make ensure the compliance of all those highest hazard systems,
sites, nuclear power plants, chemical plants, hazardous materials
sites and facilities, refineries, oil and gas pipelines, water
purification plants, sewage treatment plants, and dams. Failures in
these highest hazard systems, sites, plants, etc., pose the
greatest risks to public health and safety and to the environment.

Link: http://www.jeffrense.com/politics6/sd.htm

------------------------------------------------------------

3) Tips To Avoid Y2K Internet Problems
------------------------------------------------------------

ASSOCIATED PRESS

--Use the Internet only when necessary this weekend. Phone
companies worry of system congestion if everyone picks up the phone
at once to check for a dial tone. Likewise, simultaneous Internet
usage at home could also cause phone trouble, particularly if
millions flock to lengthy Web simulcasts of New Year's
celebrations.

--Install anti-virus software and get the latest updates before and
after Jan. 1. Anti-virus companies plan to post updates frequently
on their Web sites. Free software is available at
www.microsoft.com/y2k.

--Check for security alerts at www.cert.org. Software and other
safeguards
are available to counter some hacking tools.

--Turn off computers if possible. Some security experts also
recommend shutting down Web sites. Doing so would minimize virus
and hacking attacks, although some viruses could still activate and
spread when computers are turned back on.

------------------------------------------------------------

4) Forums to Get Hit With Y2K Glitches
------------------------------------------------------------

Dan Steele, EE

The man who wrote WWWBoard, which MANY sites use, has just posted a
warning on some glitches.

Whether people can get this fixed in time is a question. I hope the
forums will function, but the posting date may look goofy. The main
thing is this: Will you be able to share information? I hope so.
But I don't know.

We do not know what will be happening on the Web after Jan. 1. It's
another reason to sign up for this Newsletter, so that I can stay
in contact, assuming that e-mail survives and we can still pay our
internet service providers.

------------------------------------------------------------

5) Last Chance Y2K Fixes!
------------------------------------------------------------

Dan Steele, EE

The largest Y2k problems will be cumulative. Line by line the non-
compliant code will begin to take its toll on data that is used to
make decisions, earn a living, protect lives.

Just like the traffic light that goes haywire at the worst time,
there will be singular events that will affect you personally.

Time to really get going. With only 1 days left, you have a
disaster FAST APPROACHING.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

6) Web Sites On Alert for Y2K Viruses
------------------------------------------------------------

ASSOCIATED PRESS

NEW YORK (AP) -- It's shaping up to be a long weekend for computer
experts -- and perhaps for users.

Web site operators and people who run computer systems will be
watching for more than the Y2K bug on New Year's Eve. They will be
on guard for viruses and other mischief spread by hackers looking
for some start-of-the-millennium attention.

The threat has prompted several Web site operators to shut down
beginning on Friday. For some companies, security breaches could
cause greater problems than Year 2000 glitches.

"We are anticipating that there will be some increase," said Kathy
Fithen, manager of a group that monitors online security threats at
Carnegie Mellon University in Pittsburgh. "We are anticipating some
of the intruders will try to masquerade the attack as a Y2K
failure."

At least three viruses are timed to hit on Saturday and could
delete files on infected computers. Five other viruses that struck
earlier pretended to be Y2K fixes or New Year's greetings. Anti-
virus companies have distributed software updates to kill those
viruses, but new forms of attack are possible.

Security experts said many virus writers and hackers might consider
the start of the new millennium -- when the world will be worried
about computer problems anyway -- a chance to get a lot of
publicity.

Widely available automation tools could help hackers crash Web
sites by flooding them with too much traffic. Or an intruder might
change a Web page or subtly redirect traffic to a fake site that
proclaims the end of the world.

Besides the security worries, heavy holiday traffic and isolated
Y2K outages could clog the Net. Leading Internet companies will run
a command center in Washington in conjunction with President
Clinton's Y2K team. It will watch for problems.

The FBI will run a separate center to watch for security breaches.

The Internet is relatively new and constantly evolving, so there is
little outdated, Y2K-vulnerable equipment to worry about. And the
Internet was designed by the military to withstand attack. Even if
portions go down, traffic could still flow through other channels.

But Barbara Dooley, president of the Commercial Internet Exchange
Association, said sporadic problems are likely. Phone and power
problems abroad, for instance, could make portions of the Internet
inaccessible to U.S. computers.

Sites ranging from eBay to the New York Botanical Garden plan to
shut down during the century change. Some are doing so solely out
of concern for power interruptions and other Y2K malfunctions,
while others cited security threats as well.

Broward County, Fla., will prohibit public access to its county
databases and bar employee access to internal e-mail accounts to
keep viruses from spreading. The Web site of the U.S. Office of
Personnel Management will carry only a greeting from its director.

Not everyone shares the concerns, though. Wal-Mart picked Jan. 1 to
launch its redesigned Web site.

------------------------------------------------------------

7) Y2K Repair Kit!
------------------------------------------------------------

Dan Steele, EE

So, you missed catching computer problems at the Roolover. Now some
Y2K problems are beginning to show up? You can STILL catch them,
and reverse the damage.

First, you will need to restore your system to Dec. 31, 1999. That
being done, INSTALL the Netsavers NET2000 Total Software Scanner
FULL VERSION.

The only things you need to do now is re-enter any data not on the
SAVE that you re-installed.

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 96: 01/03/00
------------------------------------------------------------

Y2K Status at U.S. Offices

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) Y2K Status at U.S. Offices
2) Thousands Face Online Shopping Glitch
3) Y2K Date Glitches
4) President's Council Report
5) Y2K Repair Kit!

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Y2K Status at U.S. Offices
------------------------------------------------------------

The Associated Press

WASHINGTON (Jan. 3) - Americans returned to work and businesses and
government offices reopened without major computer problems today
as the nation's Y2K chief predicted a smooth transition for most of
the country but cautioned that some small retailers still could
have difficulties.

On the first day that most Americans logged on to their office
computers, the U.S. banking system opened so smoothly that billions
of dollars in extra currency - distributed to banks to avert any
financial panic - was shipped back to the Federal Reserve.

''We're thrilled with how everything has gone,'' American Bankers
Association spokesman John Hall said, as ATMs worked and balance
and loan information appeared to be accurate.

U.S. securities markets were up and down in early trading today.
The technology-heavy Nasdaq market opened sharply higher and then
dropped below its year-end record, while the Dow Jones industrial
average opened slowly before losing more than 150 points in the
first 90 minutes of trading.

The government's chief Y2K adviser, John Koskinen, said today he
was encouraged that markets and fund transfer systems in Asia and
Europe opened without problems.

Small businesses may not duplicate that success, he said.

''We think a number of small retailers and business who didn't do
the business effectively will find some glitches but we don't think
any of that is going to accumulate in any way to have a noticeable
economic effect on the country,'' Koskinen commented in an
interview.

Koskinen said the country's round-the-clock Y2K center would soon
begin scaling down operations, calling the smooth transition a
''great gift'' and worth the time and effort.

''We geared up for a major potential set of problems and I think
all of us view it as a great victory that we can sit here and talk
about, 'Was it money well spent? Did we have to do it?''' he
commented.

Hopes that phones, financial systems and power would continue to
run smoothly were bolstered after electronic trading at two Chicago
exchanges went off without a hitch late Sunday and overseas markets
reported no major Y2K glitches.

The mom-and-pop shops that didn't take precautions and stayed
closed over the holiday weekend might experience problems with
credit card swipe devices that have not been upgraded, federal
officials cautioned.

''Their judgment has been we're going to wait and see what breaks
and we'll fix it,'' Koskinen, said Sunday. ''The fix will be easy.
The question is whether there's a long line of other people who
need the fix.''

The Small Business Administration planned to monitor businesses for
Y2K problems today through 10 regional and 70 district offices.

While many core services such as automatic teller machines,
telephones and computer networks ran smoothly over the weekend, the
real test came when businesses reopened today.

Koskinen said he expected minor glitches as the work week began in
earnest, taxing systems that have been upgraded to avoid Y2K
problems but have not been tested with live traffic.

''Systems will be tested with millions of transactions,'' said
Koskinen. ''There will continue to be reports of small glitches in
one place or another.''

Banking and securities industry officials expected no major
problems. Phone companies anticipated heavy call volume and data
traffic, but officials said they were fully prepared.

''Everything has been completely tested,'' said Dave Johnson,
spokesman for AT&T.

Schools reopening this week could experience problems. More than
one-third of all public and secondary school districts were
unprepared for Y2K problems that could affect heating, food service
and teacher payrolls, according to a government report released in
October.

''It should not surprise anyone to find that during the week there
will be some reports ... of a particular school that has a
particular problem,'' said Koskinen.

Computers guiding everything from air traffic control systems to
automatic teller machines sailed through the rollover to 2000 with
few major problems. The glitches that did occur, including seven
nuclear power plants that reported minor computer problems, were
quickly corrected and did not affect service.

The Y2K bug infested a computer at the Y-12 nuclear weapons plant
in Oak Ridge, Tenn., but it did not affect operations or workers,
Energy Department officials said Sunday. The exact nature of the
malfunction was not disclosed because the computer controls a
classified function. It was corrected in about three hours, said
Department of Energy spokesman Frank Juan.

But the rollover was not problem-free. A customer returning a movie
to a rental shop in suburban Albany, N.Y., was presented with a
$91,250 late fee after computers showed the tape was 100 years
late. Employees at a video rental store in Florida used pen and
paper because computers failed.

An estimated $100 billion was spent on Y2K preparedness. When no
major problems surfaced, some questioned whether it was necessary.

Koskinen said the money was well spent.

''If they didn't fix the systems, they would not be functioning,''
Koskinen said Sunday.

Experts predict Y2K problems will continue to crop up this week and
for months to come. Some county and city governments as well as
small and medium-size businesses had not yet completed Y2K fixes in
time for the rollover.

------------------------------------------------------------

2) Thousands Face Online Shopping Glitch
------------------------------------------------------------

Thousands of people may have trouble shopping online, as security
software on some older browsers expires.
Older versions of Netscape and Microsoft browsers contain security
software, which expired on 31 December, 1999.

Users may find they cannot shop or bank online until they upgrade
to a new browser.

Already, thousands of Swedes have been unable to bank online, but
Netscape says updating the browser is easy and free.

Out-of-date security

Those affected are users of Netscape's Navigator and Communicator
browsers 4.06 and older, as well as users of Microsoft's Internet
explorer 4.5 for Macintosh and older.

These browsers contain digital certificates, which authenticates
users and encrypts electronic commerce transactions.

VeriSign, makers of this software, say the problem was anticipated
and many similar certificates have an expiry date.

At this stage, the scale of the problem is unclear.

About 150,000 commerce and finance sites support the software.

Netscape estimates there are between five and ten million users who
have not updated their browsers.

Swedish banks

Around 100,000 Swedes have been unable to access their bank
accounts over the internet.

"It is true that some of our internet clients could not access
their accounts as they had an old version of Netscape that stopped
working at the end of the year," Cajsa Renman, a spokeswoman at
Swedish bank SEB, confirmed.

She added: "But only a few people were affected...and for them it
only means going into our homepage and getting an updated version
and it will all work okay again."

------------------------------------------------------------

3) Y2K Date Glitches
------------------------------------------------------------

Ah, the trail of the lonesome date never seems to stop and here's
our early morning clutch of candidates the 3rd day into the 21st
century. We suspect that many more will become apparent as the
world begins to wake up from its collective Hogmanay stupor...

The Dot Com Guy had a severe dose of date dottiness, largely caused
by the big long list of 1.3.19100s on the right of its page...

The world famous Garfield site thinks that it's January 3, 3900.

HP's site clicked over to read January 1, ***DATE INVALID***, but
Carly F's boys got to it pretty quickly and cleaned up its act
three hours after it bombed.

And Microsoft (again), is still screwing up on its wondrous
Terraserver site, which had shown the year as 19100 for the first
two days of this century, but decided to up the ante today by going
for the 192000 number. How many gazillions of dollars will the
Gates family be worth by then?

Interested in the next generation of online finance? Go then to E-
Charge, which agrees that the year is 192000.

At ACD Systems it's also 192000 (this one is getting more popular),
but compounded by the fact that this company has a little logo
which says "Bug Free" in the top left of its page.

At Nerdperfect there was a Nerdimperfect 1900 date shown, but it's
fixed now.

It's still the year 4000 at the Gigabyte motherboard site, and has
been for three days now...

The Y2K Mistakes page, referred to in the body text below, seems to
have doubled in size since this time yesterday, with some more
outstanding examples of ineptitude from around the globe.

There are Javascript bugs in both Internet Explorer and Netscape
which seem to be compounding and in many cases causing these
problems.

Slightly worringly, Gigabyte, maker of mobos to the cognoscenti,
has its English USA page showing the date as 1.1.4000, although on
other pages they get slightly closer with 1.1.2100...

A reader has pointed us to this page which is a capture of
Microsoft's NZ site as it rolled over to January 1, 19100.

There are also problems with Microsoft Hotmail, which the company
has acknowledged. The problem occurs with the Inbox dates. One
reader said that he had several examples. One email which was sent
and received on the 13 September 1999, now shows as being received
on the 9th of November 1900.

The people over at the Millennium Experience, those of the noble
Greenwich dome, have a countdown to the next millenium which
appears to stand today at 364 days.

Consider, this, the home of The Futurist, which is reporting that
the time left to the year 2000 is "-1901 years, 11 months, 29 days,
13 hours, 32 minutes, 45 seconds".

This Pokemon site shows today's date as being the 2nd of January,
3900. We thought this might be on purpose, but Mike Galloway, at
Merlin Online, has put us right.

He says: "The date on the PokTmon web site is as a result of a bug
in the script used to get the date. They should have used more
robust checking! This sort of bug may catch many others out at
well. The problem is they are using "(1900+today.getyear())" to
generate the year.

"This only works for years prior to 2000. For 1999 say the getyear
object returns 99 so adding 1900 gives you 1999. For 2000 and later
getyear returns the actual year - so of course 1900 + 2000 gives
3900." Thanks for that.

This Russian site rolled over to 2.1.100, but the problem has now
been fixed.

The Sherman's Lagoon cartoon site has some Y2K funnies up there,
but its own archive is listing one as being dated 1/1/100.

A reader says he has noticed that this date -- 1/1/100 -- is
cropping up in reports he is creating, and wonders if there is some
problem with Perl scripts causing the unusual date change.

Again, a reader comes up trumps with the answer. He says: "It's
more a problem with programmers not understanding the way Unix (and
Unix-based systems such as the Perl language) represent the year in
dates.

"Unix represent dates in a structure called tm, which has the
member

int tm_year; /* years since 1900 */

and consequently the Perl documentation says:

* localtime EXPR

"Converts a time as returned by the time function to a 9-element
array with the time analyzed for the local time zone. Typically
used as follows:

" # 0 1 2 3 4 5 6 7 8
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) =
localtime(time);

"[...] $year is the number of years since 1900, that is, $year is
123 in year 2023, and *not* simply the last two digits of the year.
If you assume it is, then you create non-Y2K-compliant programs--
and you wouldn't want to do that, would you?

"Naturally, this is also the reason for the 19100 bug, where people
just put 19 in front of $year when printing it.

"Naturally, the Perl community has been quite verbal about this
issue for a long time now, see here."

And still on programming, surely Fujitsu should be ashamed of
itself, shouldn't it? Here we have a Fujitsu Cobol support and
rollover page where the date is January 2, 3900, a bit like Pokemon
(above)...Fire the programmers!

The US Naval Observatory admitted that it had a similar problem to
Auckland Airport, see below, and that its clocks were reporting the
date as 1.1.19100. The Jack Tars are working to fix the problem.

The World Metereological Organization was not content to skip 17
millenia but went for 170 millenia.

The local council at Poole, here in Blighty, failed to survive the
Y2K problem at its Web site. Citizens! Watch out for your council
tax forms.

This Amiga site has a for sale section, and all postings there have
flipped over to 1.1.100. Is the Amiga platform Y2K compliant, or is
this site running on a PC platform, we ask ourselves.

IRC chat at Lineone misreported the date as 1 January 19100,
although this now appears to be fixed.

Richard adds that the police computer system that went down at Zero
Hours on 1.1.2000 (see below), was a planned outage. However, the
IT department neglected to tell the cops it was happening!

AOL has had its problems too. Netfind has decided to date itself as
19100, while there are also one or two glitches in chat room 1, and
emails are being transmitted very slowly...

Chris Moyles, a DJ BBC Radio One mentioned the small problem the
station had with its Web site on his programme yesterday (see
below), and the BBC has now fixed the problem, but its first stab
at a fix was to put the date as 1 January 0020...

ZD Net reported seven US nuclear power stations had "minor" Y2K
glitches, while there were two reports from Japan on the 1st of
January of problems with monitoring systems, one of which related
to a nuclear power station. Bloomberg reported today that up to a
dozen Japanese brokerages have had "minor" problems with Y2K dates
developed by Nomura.

Finally, and partly because we're getting a tad bored of this,
check out the Y2K mistake site, which lists many many more Y2K
problems, with screenshots so the guilty cannot escape, and
includes our own page -- our datestamp rolled over from 31/12/99 to
1/1/0. Yes, your La Registra was in Year Zero, but we've now fixed
the problem.

As we were ready to pack in for today, one of our readers kindly
sent us a link to this Washington Post piece which suggests that
the Pentagon withheld a serious glitch caused to one of its
satellite systems at rollover time...

Many readers reported that Apple's dates were also slightly
screwed, with its Web site showing that the year at clickover was
20100. That now seems to be fixed.

At the Swiss Info site, there is a clock which is currently
reporting that the time in Chatham, New Zealand, is Saturday,
January the 1st, 19100.

Auckland Airport reported: "No problems so far" and spoilt that by
posting the date as the 1st of Jan, 100...

Internet Explorer 4.01 for Apple Macintosh:

Some certificates embedded in Internet Explorer 4.01 for Apple
Macintosh will expire at midnight on December 31, 1999. Attempting
to access a secure site after that date may result in the user
receiving an "expired certificates" warning. The problem will not
exhibit itself until after midnight on 12/31/1999.

------------------------------------------------------------

4) President's Council Report
------------------------------------------------------------

	 * The Y2K-related technical difficulty with the
distribution of Notices to Airmen (NOTAMs) has been fixed. The
Weather Message Switching Center Replacement in Atlanta, GA,
stopped recognizing and processing certain kinds of NOTAMs because
of a software problem involving a failure to recognize years ending
in "0" in the NOTAM time and date code.

	 * Since the problem was discovered, the FAA implemented a
(work-aroundÿ that rerouted these notices through an alternative
computer path while it developed a repair for the software problem,
which involved a single line of code, which was installed Saturday
night and will be tested over the next 24-48 hours to insure proper
operation. This work around was not visible to the user who
continued to receive timely and complete information.

	 * The Bureau of Alcohol, Tobacco and Firearms is reporting
a problem with its Firearms Licensing System, which issues licenses
to deal in the business of making or selling firearms. The problem
is under investigation. If necessary, the system will revert to the
manual issuance of licenses.

	 * Government Buildings: GSA reported several additional
glitches.
		 1. Chicago, Ill vThe Archives Building (Federally
owned building). A computer used by the energy management system
was not able to recognize the correct date because of a Y2K problem
and instead displayed the date as Jan. 4, 1980. No building
operations were affected. The system was reset manually and is
functioning.
		 2. East St. Louis, Ill (Federally owned). An access
control system had a Y2k related problem and it has now been placed
in manual mode.
		 3. Benton, Ill (The Federal Building). The security
system did not print the correct date because of a Y2k problem and
instead printed 1982. The unit was manually reset and is currently
functional.State and Local

	 * The State of Alaska was advised by a vendor about a
potential bug in its the Unemployment Insurance Program. A patch is
being applied and contingency plans have been implemented.

	 * Glitches hit government computers in Hong Kong and
mainland China. Police testing the sobriety of drivers in Hong Kong
had to enter birth dates on breath-testing machine because of an
apparent Y2K malfunction. Courthouse computers in Italy mixed up
prisoner dates by 100 years. A few ATM machines shut down. But
there were no reports of calamitous failures some feared - and
stock markets responded. U.S. markets followed the rest of the
world with a smooth start to the first trading day of 2000.

------------------------------------------------------------

5) Y2K Repair Kit!
------------------------------------------------------------

Dan Steele, EE

If you want to Y2K protect or repair your system, you still can,
even though the rollover has passed.

First, you will need to restore your system to Dec. 31, 1999. That
being done, INSTALL the Netsavers Y2K TSR Scanner Kit or the
NET2000 Total Software Scanner FULL VERSION.

The only things you need to do now is re-enter any data not on the
SAVE that you re-installed.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 97: 01/04/00
------------------------------------------------------------

New Viruses Show Up Post-Y2K

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) New Viruses Show Up Post-Y2K
2) Some New Y2K Troubles
3) Sophos Warns On Trio Of Trojan/Virus Programs
4) Message Boards Catch Y2K Bug
5) Kozmo Customers Get Surprise Y2K Bills?
6) Y2K Repair Kit

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) New Viruses Show Up Post-Y2K
------------------------------------------------------------

Stephanie Sanborn and Michael Lattig

Computer Associates this week posted three alerts about viruses and
a worm, all of which are unrelated to the Y2K rollover, while Panda
Software is alerting users about a virus that arrives as an HTML
document.

CA released alerts about three potential threats to businesses:
Feliz.Trojan, a Portuguese "Happy New Year" Trojan, a Word macro
virus called "Armagidon," and "Wscript/Kak," an e-mail worm virus
that targets Microsoft Windows 98 systems running Outlook Express
5.0.

So far, only Wscript/Kak has been reported in the wild, said Simon
Perry, security business manager at CA.

Wscript/Kak spreads through e-mail and does not require a user to
open an attachment. Using a known Internet Explorer 5 exploit, the
worm writes its code in the Windows startup directory and creates a
copy of itself in the System directory. The worm then changes
installed Outlook Express 5.0 "Identity" settings to default
signatures and attaches its script code to every e-mail message.

"[Wscript/Kak] does require a reasonably specific environment,
Windows 98 using Outlook Express," Perry explained. "However, it
must be realized that [environment] is the vast majority of home
users and it's a reasonable percentage of the desktop environments
in businesses as well, so there is reasonably high potential that
it can cause infection in the general user community and cause some
kind of damage there."

Armagidon infects Word documents and is also spread through e-mail,
as well as shared drives and floppy disks. Once an infected
document is opened, an execution of the "FilePrint" function will
trigger a payload that replaces one ASCII character with another.

The "Happy New Year" Feliz.Trojan is "a fairly specific and
primitive virus in that it's hard-coded," according to Perry. The
Trojan virus deletes several system files and then produces an
image of a face with the message "Feliz Ano Novo!" which means
"Happy New Year." Once the user hits "exit," several message boxes
in Portuguese will pop up before exiting and the computer may not
be able to boot up afterward.

"[Feliz.Trojan] is going for the default settings, and most systems
are installed in the default manner," said Perry. "If it does
delete these files, then that computer is basically going to be
left in an unusable state - it will require quite a lot of work to
get that system up and running again."

Although these attacks are not Y2K-related, their timing may fool
those who believe any glitch in their systems is related to the
date rollover.

"In terms of what are we going to be seeing over the next couple of
weeks, I think we'll see the Trojan horse-type viruses, the viruses
that are very much network-based, e-mail-centric, and are typically
focused on replicating themselves in an attempt to flood systems or
create lots of unwanted mail or messages."

Perry advised companies to make sure their anti-virus solutions are
up-to-date and to practice caution with their e-mail messages.

"It must be remembered that a lot of businesses haven't opened up
and a lot of PCs haven't been turned on, and it is very, very
important that people maintain a sense of heightened caution
through the following weeks," he added. "New viruses are always
coming out and I think the danger is that people will take their
eye off the ball because they think everything is okay. What we're
saying to people is, celebrate the fact that we've gotten this far,
but realize that it's not all over yet, and it's worth keeping a
focus on."

Another virus being reported by Panda Software on this first
workday post-Y2K, officially called W32/HTM.H4[H04.2048, arrives as
an HTML document and searches users' hard drives for directories
containing documents with HTM, ASP, HTT, and HTML file extensions.

Once that is done, the virus infects EXE, CPL, and SCR files in the
current folder and in system directories such as C:\Windows and
C:\Windows\System documents, increasing them in size by 23549
bytes.

The damaging effect of this virus, which has yet to be found in the
wild and is classified as a low-risk for potential infections by
Panda, is the deletion of external vaccine files and the virus
signature files of several anti-virus manufacturers.

The virus accomplishes this by first creating a file in the root
directory called [H4[h04.DLL, then creating three new BAT files
that, when executed, compile [H4[h04.DLL and convert it into a
Windows virus. The virus does not infect files smaller than 10,000
bytes, and is encrypted using an XOR operator with a Dword mask.

Protection against possible infection from W32/HTM.H4[H04.2048 is
already available to registered Panda Antivirus users.

------------------------------------------------------------

2) Some New Y2K Troubles
------------------------------------------------------------

Erich Luening, CNET News.com

The new year is marching forward smoothly, with only minor glitches
related to the Year 2000 technology problem.

The Y2K glitch has yet to disrupt any key infrastructure systems,
with just a few minor problems affecting individual computer
systems that were able to be fixed within a few hours or so,
according to government officials and industry observers.

However, some warn there is still plenty of time for the bug to
wreak havoc as more and more businesses bring their complete
systems back online.

"My concern is that some will let their guard down because we are
still overly focused on the next few days rather than the next few
weeks, especially for embedded systems," said Leon A. Kappelman, an
associate professor at the University of North Texas and Y2K
expert.

One fairly high-profile Y2K issue: Software giant Microsoft said it
is experiencing two Year 2000-related problems that affect software
for viewing Web pages and using its free email service, Hotmail.

Microsoft's Internet Explorer software is displaying the date as
3900 on some Web pages when it reads outdated programming language
commands scripted in some sites, Bloomberg reported. Microsoft also
experienced a "minor" glitch in its Hotmail email program that can
cause an error in some message dates.

"We are likely to see glitches pop up here and there in the coming
days and weeks, but I think they will be localized and transitory
and will not pose a threat to the nation's economy," John Koskinen,
the White House point man on Y2K, said in a press briefing late
yesterday.

Out of 36 state governments surveyed by the White House yesterday
afternoon, 18 reported no glitches, minor or otherwise. The other
18 states reported a wide range of minor non-disruptive Y2K
problems.

Koskinen said several states have encountered glitches in licensing
processes, motor vehicle division problems either in issuing
renewal licenses or conducting drivers license testing. Others
reported cosmetic date-related problems, such as printing out the
wrong dates for functions.

Industry organizations have also reported a small amount of
problems related to the Y2K glitch.

The Airports Council International reported that on Jan. 1, a
telephone system at the Birmingham Airport showed the date as
December 32. It didn't affect operations and was fixed.

Also in the transportation sector, the White House reported a cargo
discharge monitoring computer at a West Coast port went offline
when it activated Jan. 2 to transfer cargo. The computer support
team on site got the system up and running correctly after just 2
hours. Reasons for the malfunction weren't known, though
authorities are still investigating the failure.

The small business community, long a big concern by many analysts
who worried about the community's lack of effort to prepare for
Y2K, is reporting no significant failures related to the technology
problem, according to the White House.

However, a small Portland, Ore.-based trucking firm could not
access any of its accounting information yesterday. According to
the Small Business Administration, the business will have to
purchase an upgrade to the system to make it Y2K-compliant, and the
agency is assisting the company in getting the upgrade.

The U.S. Postal service reported that a small number of automated
retail scales displayed the Jan. 1, 2000, date when first started
yesterday morning. The date was easily corrected, but officials
said a few receipts may have Jan. 1, 2000, printed on them instead
of Jan. 3.

In addition, the Federal Emergency Management Administration (FEMA)
experienced a Y2K problem with a database of reservists and regular
staff that FEMA uses to deploy personnel when a disaster is
declared. The system apparently went down right after the rollover.
A workaround has been developed. As of late yesterday, the code had
been repaired, and testing of the system was underway. The system
is expected to be re-deployed later this week.

Federal Housing and Urban Development officials reported some minor
glitches with some of its systems, including one with the Single
Family Insurance System that prevented users from terminating
Federal Housing Administration mortgages. The system has been
repaired.

The White House Y2K team headed by Koskinen will continue
monitoring the Y2K front on a day to day period over the week. The
team is expected to hold a briefing at the end of the week.

------------------------------------------------------------

3) Sophos Warns On Trio Of Trojan/Virus Programs
------------------------------------------------------------

Nate Mook, eFront

Sophos has issued a warning on three malicious code programs
observed over the weekend - two Trojans and one worm.

The programs - Two trojans (Troj/Kill98 and Troj/Zelu) and one
virus (W32/AntiQFX-A) - were the result of customer queries, the
firm said, and, so far, the good news is that they have not been
seen in the wild.

The IT security firm said that when the file is run, it attempts to
delete all files on the "C:" drive, making itself extremely
obvious.

Troj/Zelu is also a Trojan horse. Also known as ChipTec Y2K or Y2K
Trojan, the worm appears to have been distributed at the end of
1999 as a "Y2K fix."

On some PCs the program crashes before it can do any harm, but on
others Sophos said it will pretend to fix Year 2000 problems on a
computer while really overwriting the hard disk.

Last, but not least, is W32/AntiQFX-A, a 32-bit worm program that
masquerades under the name MSCDEX.EXE (the filename usually used by
a CD ROM driver).

Sophos reported that the program tries to copy itself to other
computers on the network in an attempt to activate when they are
next rebooted. For this reason, the company said that PCs may be
re-infected quickly after they are thought to have been cleaned.

The IT security company said that since the virus needs write
access to network shares on other computers in order to infect (or
re-infect) them, it will find it hard to spread on networks where
sensible security practices are in place. Sophos' Website is at
http://www.sophos.com. Reported by
Newsbytes.com, http://www.newsbytes.com.

------------------------------------------------------------

4) Message Boards Catch Y2K Bug
------------------------------------------------------------

Elizabeth Clampet, InternetNews.com

Although the rollover to the year 2000 was overall a non-event,
some companies were bitten by the Y2K bug, including some users of
InfoPop Corp.'s Ultimate Bulletin Board .

Ultimate BBS provides message board technology to more than 100,000
Web sites including Prodigy and Warner Brothers online. Like most
companies preparing for Y2K, most sites using the service had no
problems, but a few ended up slipping through the cracks.

Visitors to sites such as Investorville.com and internet.com
properties Intranet Design Magazine and MyDesktop.com message
boards were presented with messages containing incorrect dates,
such as Jan-02-100.

A company official said users need to upgrade their programs to
version 5.41 in order to solve the bug.

A fix has been posted for any other Y2K problems within Ultimate
BBS systems, and can be found here:

http://www.scriptkeeper.com/ubb/Forum3/HTML/000419.html

------------------------------------------------------------

5) Kozmo Customers Get Surprise Y2K Bills?
------------------------------------------------------------

ALLYSON LIEBERMAN

Local Kozmo.com customers received more than videos and snacks over
the Christmas holiday -- they got billed for items they never
ordered.

About 100 New York Kozmo-users who have accounts with the web-based
service that guarantees delivery of entertainment and convenience
items in under an hour were mysteriously charged random fees during
the week between Christmas and New Years.

"I was charged $57 on Dec. 26. And $77 on the the 29th. And I
haven't used Kozmo in weeks," said Michael Auerbach, a New York-
based Kozmo customer who said he knew of two others in his office
who were also bogusly billed.

"When I called customer service, they said it was a computer glitch
and that they were hoping people would call in to report the
charges. But that's ridiculous. I'm never going to use Kozmo
again," he said.

A spokeswoman for Kozmo said the random fees were a mistake.

"A few people were billed incorrectly -- less than 100 people in
New York -- but it's all been taken care of," said Alison Blume.

Blume said the site sent out e-mails to customers who received
false charges and also sent the overbilled New Yorkers 5,000 Kozmo
points -- valued at $50 -- to remedy the situation.

------------------------------------------------------------

6) Y2K Repair Kit
------------------------------------------------------------

Dan Steele, EE

If you want to Y2K protect or repair your system, you still can,
even though the rollover has passed.

First, you will need to restore your system to Dec. 31, 1999. That
being done, INSTALL the Netsavers Y2K TSR Scanner Kit or the
NET2000 Total Software Scanner FULL VERSION.

The only things you need to do now is re-enter any data not on the
SAVE that you re-installed.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 98: 01/06/00
------------------------------------------------------------

Sun Server Attacks, Y2K Questions

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) FBI Probes Sun Server Attacks
2) Still Possibility for Y2K Trouble
3) Questions on Y2K Outcome
4) Companies Hit by Y2K Bug and Virus
5) Y2K After Rollover Repair Kit

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) FBI Probes Sun Server Attacks
------------------------------------------------------------

Steven J. Vaughan-Nichols, Sm@rt Reseller

A new and deadlier style of denial of service attack is targeting
government Internet sites. The Federal Bureau of Investigation,
CERT (the Computer Emergency Response Team) and the SANS Institute
all have issued warnings within the past couple of days of Trojan-
horse software attacks affecting Sun Microsystems servers.

CUMULATIVELY, over the last few months, at least several hundred
Solaris systems have been infected with Trojan horses using such
programs as trinoo, the Tribe Flood Network (TFN), TFN2000, and/or
stacheldraht (the German word for "barbed wire"). The Trojans then
launch coordinated denial of service attacks from the infected
systems, which overwhelm other Solaris- and non-Solaris-based sites
with sheer traffic volume.

How bad are these attacks? According to Alan Paller, director of
research for the SANS Institute, an international community of
system administrators and analysts, these attacks can deliver up to
2.4 billion packets in 10 minutes on a target site. That's more
than enough to bury any system regardless of its security, traffic
control or firewalls.

Security groups like SANS and CERT are working on methods of
detecting and defeating the Trojans.

Sun was preparing a statement regarding the Trojan attacks, but had
yet to release it by press time.

More information on the technical side of the problem is available
via CERT Advisory CA-2000-01 Denial-of-Service Developments and
SANS Flash Alert for Solaris Users.

------------------------------------------------------------

2) Still Possibility for Y2K Trouble
------------------------------------------------------------

By FRANK BAJAK Associated Press Writer

NEW YORK (AP) - The Y2K bug's biggest risk was never to power
grids, missile systems or telephone exchanges but rather to the
complicated backroom systems on which the world's corporations and
governments run.

And that's why the vast majority of Year 2000 computer problems
won't turn up for days, weeks or even months, information
technology experts say.

So forget the somehow widely disseminated misconception that if
planet Earth got past Jan. 1 without any info-disasters we'd be
home free.

Think not of Y2K as an information age earthquake avoided but
rather as a steady stream of gradually more damaging tremors to
come.

For early examples, consider a few of the failures from Monday, the
first U.S. business day of the new millennium:

-Driver's licenses could not be issued in nearly half of New
Mexico's motor vehicle offices.

-A vital payroll computer died at an Alabama company.

-Doppler weather systems shut down for a few minutes in Chicago.

-A small part of a Danish bank's payment system was erased.

Millions of small- and medium-sized businesses worldwide have done
little or nothing about Y2K and will fix on failure.

``Now is the tough time. The next few months are going to be the
toughest Y2K time,'' said Dale W. Way, bug point man at the
Institute of Electrical and Electronic Engineers.

At greatest risk in the private sector are the accounting,
inventory, invoicing, billing and other systems integral to
survival - a crazy quilt of interconnected programs often cobbled
together over decades.

Such ``custom applications,'' also common in government agencies,
are nothing like the control systems at power and water plants,
which are typically spare, easy to maintain and fortified by built-
in redundancy.

Instead, they tend to be a mishmash of different software languages
riddled with updates and patches applied over decades like digital
duct tape that experts say make them especially susceptible to Y2K
errors.

``Every large company says they have some software that they run
routinely without even knowing what it does,'' Way said. ``They are
afraid not to run it - because they're afraid of screwing up if
they don't.''

That's why tampering with such code to try to purge it of Y2K bugs
can often introduce new unrelated errors. Programming is an art,
not a science, and not all programmers are Picassos.

The more complex a system, the more difficult to repair it safely
without introducing new errors.

In administrative and accounting software, errors can show up in
many ways. Systems can simply crash computers; fail to process
certain data and lose it; make an incorrect assumption and corrupt
data; or destroy data completely.

Errors also may not occur until triggered by a particular event.

``A program whose job is to track the pressure in a chemical
plant's boiler ... may not activate until a certain temperature is
reached,'' said Norman Dean, director of the Center for Y2K and
Society, a Washington public interest group. ``And that may not
happen until next week and it may not happen until next year.''

Bug-infected systems are apt not to blow up but rather degrade over
time - linked in many cases to monthly report generation or billing
cycles - and often not even be easily identifiable as Y2K-induced.

Robert X. Cringely, a Silicon Valley commentator, predicts ``Y2K
effects will linger far past January as a patina of rust'' on
information systems.

Or, as the IEEE's Way puts it, the threat has now passed ``from
systems with low intrinsic risk and high repairability to ones with
high risk and low repairability.''

For an idea of the complexity of Y2K fixes in business, consider
the challenge to Mastercard International, which had to scour 7
million lines of code in at least 10 different programming
languages ranging in age from one to 25 years. Or AT&T, which
examined 385 million lines in 3,500 systems and applications.

Neither company has so far reported any Y2K-related failures.

Yet while U.S. states and foreign governments dismantled Y2K
bunkers Monday and a World Bank-funded international Y2K
clearinghouse in Washington canceled all further press briefings,
overjoyed that glitch damage has so far been minimal, big companies
remained igilant.

``Our feeling here at AT&T is that we won't close the book on Y2K
until Feb. 29,'' said company spokesman Dave Johnson. ``First of
all, we need all our billing systems to run a full cycle and then
we want to take a close look at the leap year,''

Leap year? This year has 366 days, while 1900 did not.

The Y2K computer problem will not simply go away.

Due to the extra day issue, it will even nag us on Dec. 31.

As programmer Lane Core likes to say in Internet columns that
harangue what he considers mainstream media's simplistic coverage
of the issue: ``Y2K is not a one-time event. It's a chronic
condition.''

------------------------------------------------------------

3) Questions on Y2K Outcome
------------------------------------------------------------

Question
========
Since some companies did a lot of remediation and other companies
did almost nothing, why no apparent difference in outcome? Since
some countries spent a lot per system (not just total, but per
system) and other countries did not, why no apparent difference in
outcome?

Answer
======

The most likely answer is JER, Just Enough Remediation. Who was
better able to estimate the amount of remediation for a system
better than the system managers, whether in Rome, NY or in Rome,
Italy?

And the amount of remediation necessary was in direct proportion to
the level of computerized automation.  Thus Paraguay did almost
nothing, but needed almost nothing.

The company I used to work for in the Valley did almost nothing
because they are less than 6 years old.

Older companies had to do more.  All that happened in the USA was
TMR, Too Much Remediation.  But as you have pointed out, ad
nauseum, we had the most at stake.

------------------------------------------------------------

4) Companies Hit by Y2K Bug and Virus
------------------------------------------------------------

ALEX LO, SOUTH CHINA MORNING POST

More than a dozen companies and organisations have been hit by the
Y2K bug and one other suffered the first known malicious virus
attack activated by the year change, the Productivity Council said
yesterday.

In the first serious attack by one of 14 viruses linked to the year
2000 rollover, the virus known as W32.Mypics.Worm, attacked a
computer firm's system and destroyed its Bios input-output system.

"In layman's terms, the computer is as good as dead. It would be
difficult to retrieve any data at this stage," said the council's
information technology division general manager Yung Kai-tai.

Since Saturday, the council has recorded 13 Y2K incidents in
addition to the virus attack.

Three were serious, with one system failure and two software
programs that would not function properly.

The council yesterday sounded a warning about 14 viruses that could
strike any time this year, some of which may be spread unwittingly
by e-mail.

"Because of the nature of computer code-writing, designing a 2000-
sensitive virus is much easier than a date-specific virus," the
council's principal IT consultant, Roy Ko Wai-tak, said.

The council is expecting approval for a government grant to set up
a computer emergency response centre modelled on similar
organisations in 90 countries.

Pending approval, the centre could start operations by this summer,
he said.

It would help local companies and organisations in computer
emergencies liaise with similar overseas centres and promote
Internet and computer security.

------------------------------------------------------------

5) Y2K After Rollover Repair Kit
------------------------------------------------------------

Dan Steele, EE

If you want to Y2K protect or repair your system, you still can,
even though the rollover has passed.

First, you will need to restore your system to Dec. 31, 1999. That
being done, INSTALL the Netsavers Y2K TSR Scanner Kit or the
NET2000 Total Software Scanner FULL VERSION.

The only things you need to do now is re-enter any data not on the
SAVE that you re-installed.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 99: 01/07/00
------------------------------------------------------------

Some Y2K Glitches Covered Up?

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) Y2K Glitch Causing Credit-Card Errors
2) Northwest Airlines Y2K Security Glitch
3) Computer Glitch Delays Flights in Northeast
4) IDO's Mobile Phones Fail to Display Date
5) Lack Of Y2K Chaos Halts Hacking, Viruses
6) Y2K After Rollover Repair Kit
7) Dems Patch Security Hole

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Y2K Glitch Causing Credit-Card Errors
------------------------------------------------------------

Bloomberg News

RESTON, Va. (Jan. 7) -- CyberCash Inc.'s credit-card verification
software used by about 100,000 merchants has a Year 2000 related
glitch that's causing some credit- and debit-card purchases to be
recorded twice, the Wall Street Journal reported.

A CyberCash spokeswoman said about 50 merchants told the company
this week they hadn't updated software to fix the problem, as
CyberCash had been urging them to do since the spring; the company
didn't know how many other merchants may have the faulty software.

Credit-card processors noticed an increase in duplicate
transactions Wednesday, but said they were catching the errors and
consumers shouldn't worry about excessive billings, the paper said.

CyberCash is the most widely used online payment processing
service.

------------------------------------------------------------

2) Northwest Airlines Y2K Security Glitch
------------------------------------------------------------

EAGAN, Minn. (AP) -- Northwest Airlines is alerting customers who
recently made purchases on its Frequent Flier Web site that their
credit card numbers and personal information were unprotected
because of a programming glitch.

Northwest spokesman Jon Austin said the risk of hackers getting the
information is small, but one the airline is taking seriously.

``We want to be able to take care of this ourselves because it is a
problem we created and one we want to help resolve,'' he said.

The problem arose when a computer programmer doing maintenance on
the site put the system ** back on line ** but forgot to restore
the security system.

** [ Ed.: This is a Y2K related problem ]

When a customer didn't see a small ``lock'' icon as he placed his
order in mid-December, he notified the carrier that the information
was not secure.

Austin did not say exactly how long the site was unsecured or how
many passengers were affected. Northwest is now notifying
passengers who made purchases at the time about the security lapse.

------------------------------------------------------------

3) Computer Glitch Delays Flights in Northeast
------------------------------------------------------------

The Associated Press

WASHINGTON (Jan. 6) - The Federal Aviation Administration said a
computer problem today that caused flight delays of two or more
hours across the eastern one-third of the nation has been fixed and
is not believed to have been related to Y2K.

[ Ed.: Looks like a Y2K bug to me ]

Flight delays began after a computer at the FAA's Washington center
in Leesburg, Va. began experiencing problems transferring data
about 6:15 a.m. EST, said Drucella Andersen, a spokesman at FAA's
headquarters in Washington.

Normal operations resumed at 9:49 a.m. ``These problems caused an
overload in the computer so the center transitioned to a backup
system,'' she said. ``The exact cause of the failure is not known
at this time. It does not appear to be Y2K-related.''

Delays were experienced by passengers traveling to or from Boston,
John F. Kennedy, LaGuardia and Newark, Philadelphia, Pittsburgh,
Raleigh-Durham, N.C., Reagan National, Dulles International and
Baltimore-Washington International, the FAA said.

The problem occurred in a computer that processes information sent
to the center in Leesburg from various radar systems, other air
traffic control centers around the East Coast as well as flight
plan data filed by airlines and individual pilots, said William
Shumann, another FAA spokesman in Washington.

``The backup system is safe, but it's a much slower system with
less capacity and so we have to hold airplanes on the ground,'' he
said.

Steve Letzler of Baldwin, N.Y., said in a telephone interview that
his wife called him from her cell phone after sitting on the tarmac
at LaGuardia Airport for two hours.

``They were just sitting there,'' Letzler said. ``Everyone was
antsy apparently. She just wanted to know if I had heard anything.
The pilot said that apparently there was some sort of radar
problem.''

On Monday, a computer malfunction at the FAA's center in Nashua,
N.H., delayed flights at airports in Massachusetts, New Jersey and
New York.

FAA officials said a backup computer system was used when the main
computer at the air traffic control center experienced problems for
about three hours Monday night.

Eliot Brenner, FAA's spokesman in Washington, said then that the
problem was not related to Y2K, the term used to describe glitches
that occurred as computers make the rollover from 1999 to 2000. The
FAA's Boston center in Nashua controls flights over more than
160,000 square miles of air space from the Atlantic Ocean to
western New York and from the Canadian border to south of Long
Island in New York.

------------------------------------------------------------

4) IDO's Mobile Phones Fail to Display Date
------------------------------------------------------------

Kyodo News Service TOKYO

IDO Corp. said Thursday some of its digital mobile phones have been
unable to display the date since Jan. 1 due to a programming error.

Although the mobile phone operator said the problem was not caused
by the Y2K computer bug, the disruption occurred as the date turned
Jan. 1, 2000.

[ Ed.: Then it was likely the Y2k bug? ]

IDO said it has received more than 50 complaints by Wednesday from
users of its 508G and 510G digital phones, which were manufactured
by Kyocera Corp. It has sold 140,000 of the devices to date.

They stopped displaying the date when receiving electronic mail
through IDO's electronic mail service for mobile phones, it said.

------------------------------------------------------------

5) Lack Of Y2K Chaos Halts Hacking, Viruses
------------------------------------------------------------

Rutrell Yasin, InternetWeek

The lack of major Y2K computer glitches denied hackers and virus
writers cover to launch attacks as the world passed into 2000,
according to IT managers and security experts. But enterprises are
still on a high state of alert this week.

Prior to the new year, experts predicted that hackers would use Y2K
confusion to launch virus and denial-of-service attacks on
corporate networks. However, since many organizations locked down
their systems over the holidays, fast-spreading malicious viruses
had little chance of wreaking havoc.

Moreover, hackers may have been deterred by the scrutiny of system
administrators, who monitored their networks round the clock for
suspicious activities, experts said. With all of the focus on the
Y2K problem, "anyone would have been a fool to have tried
something," said Mike Higgins, president of Para-Protect, a
security consultancy.

As companies opened for business on Monday, Jan. 3, IT managers
were cautiously optimistic.

"So far, things are running smoothly," said Danny Slagle, a
computer specialist at Breed Technology, a supplier of specialty
auto parts. "As far as new viruses, we're still holding our
breath."

While several antivirus software vendors uncovered more than a
dozen viruses during the days prior to the new year and over the
weekend, no serious outbreaks were reported.

Trend Micro discovered 14 new viruses during the Y2K rollover,
about nine of them at customer sites, a spokeswoman for the vendor
said. Viruses included W97M.Chantal.B, a destructive Word 97 macro
virus that infects documents; VBS_LUCKY2000, an overwrite-type worm
written in Visual Basic Script; and TROJ_Zelu, a file-deleting
trojan pretending to be Y2K-checking software.

The viruses were immediately detected and cleaned up before they
could cause damage, the Trend Micro spokeswoman said.

Network Associates' and Symantec's antivirus teams also said
viruses had little impact on customer sites over the weekend.
Indeed, an InternetWeek survey of 1,086 IT professionals indicated
that viruses weren't a problem for most.

Companies were also bracing for denial-of-service attacks because
of the emergence of new hacker tools, such as trinoo and Tribe
Flood Network, which can be used to launch coordinated packet
flooding and system-crashing assaults.

Para-Protect's Higgins said that early on Dec. 31, hacker chat
groups were lively with boasts about planned targets. But as
Greenwich Mean Time rolled in and there were no major Y2K outages
in Asia-Pacific and Africa, "it got deafeningly quiet," Higgins
said.

Over the next few weeks, companies should maintain a state of
alert, he advised.

Companies that have locked down systems should be careful to
properly configure these systems as they're brought back online. IT
managers should also add fixes for any vulnerabilities that might
have surfaced while the systems were locked down, Higgins said.

------------------------------------------------------------

6) Y2K After Rollover Repair Kit
------------------------------------------------------------

Dan Steele, EE

If you want to Y2K protect or repair your system, you still can,
even though the rollover has passed.

First, you will need to restore your system to Dec. 31, 1999. That
being done, INSTALL the Netsavers Y2K TSR Scanner Kit or the
NET2000 Total Software Scanner FULL VERSION.

The only things you need to do now is re-enter any data not on the
SAVE that you re-installed.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

7) Dems Patch Security Hole
------------------------------------------------------------

Erich Luening, CNET News.com

The Democratic National Committee has fixed a security hole on its
Web site that could have displayed private information collected
about visitors. The DNC regularly polls its users on political
issues via its Web site. Earlier today, the Center for the Study of
Technology and Society, an online security watchdog organization,
said the DNC site keeps a log of users' Internet protocol (IP)
addresses, which could be read online by anyone with a Web browser.

An IP address is a unique string of numbers that identifies a
computer on the Internet.

The DNC said it wasn't aware of the problem until the center
publicized it in a press release. A DNC representative said the
organization remedied the problem by moving software and data from
an unsecured server to a secure server.

IP addresses can be used to monitor online browsing and other
personal information. A directory of IP addresses viewable online
could make users' computers vulnerable to attack, the center said.

"Collecting user IP addresses is bad enough, but publishing them
online poses a serious danger to unsuspecting users," Adam Keiper,
president of the center, said in a statement.

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 100: 01/10/00
------------------------------------------------------------

Y2K After Rollover

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) CyberCash Blames Y2K For Transaction Dups
2) Are FAA Computer Problems Y2K Related?
3) Y2K Council Reports Y2K Annoyances
4) Y2K War Not Over
5) Why Didn't We See More Y2K Related Failures?
6) Editor's Comments
7) Y2K After Rollover Repair Kit

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) CyberCash Blames Y2K For Transaction Dups
------------------------------------------------------------

CNET News.com

Merchants using certain CyberCash software have processed duplicate
credit card transactions as a result of a Y2K-related computer
glitch, company representatives said Friday.

"It reminds us of the fact that Y2K is a serious challenge and a
serious problem," said Jack Gribben, spokesman for the President's
Council on Year 2000 Conversion, which issued a report saying
the foul-up affects mostly smaller retailers. "I would not be
surprised to hear of other glitches."

The data processing snag comes after credit card swipe machines in
Britain supplied by HSBC Holdings succumbed to a Y2K-style bug late
last month and caused delays for thousands of U.K. shoppers. "In
terms of size and scope, and operationally, it is not affecting our
business significantly," said a CyberCash representative. "For us,
it's a couple extra people on the phone issue for a couple of
days."

The problem stems from payment software that merchants failed to
upgrade to levels that were Y2K ready, CyberCash spokeswoman Sydney
Rubin said, adding that the company used various methods to notify
merchants of the need to upgrade.

Rubin said CyberCash did not have an exact figure for the number of
transactions that repeatedly charged consumers' credit cards. "We
don't believe that consumers are in the end going to be aware of
any of this," she said.

------------------------------------------------------------

2) Are FAA Computer Problems Y2K Related?
------------------------------------------------------------

Linda Rosencrance

01/07/2000 Although officials from the Federal Aviation
Administration (FAA) say that this week's computer problems in
control centers in Nashua, N.H., and Leesburg, Va., aren't related
to the year 2000 date rollover, technicians who install and
maintain the equipment aren't so sure.

"Theoretically there could be a connection [between Y2K and the
FAA's computer problems]. Last week a patch was installed and this
week there are computer problems. Is it just a coincidence?" said
Mike Perrone, a national assistant of the Professional Airways
Systems Specialists (PASS), the union representing the technicians
who install and maintain the computers in the nation's air-traffic
control system.

Last week PASS technicians blasted the FAA for ordering them to
install a last-minute software patch to all its host computers --
at the 21 air-traffic control centers across the country -- to fix
a potential Y2K problem, despite assurances by the FAA that all
systems were Y2K-compliant.

FAA officials, however, deny there is a connection, adding that the
problems in the two centers were very different, although they both
occurred in peripheral devices that caused problems in the main
computers.

Thursday flights in the Northeast and parts of the Southeast were
delayed up to two hours when the air-traffic control center in
Leesburg experienced a data-transfer problem between a peripheral
device and the main computer, causing the main computer to
overload.

The FAA said the center than made a transition from the main
computer system, or Host and Oceanic Computer System Replacement,
to a backup system, or Direct Access Radar Channel.

Monday night, a mainframe computer outage at the FAA's air-traffic
control center in Nashua caused flight delays of up to 90 minutes
throughout the Northeast. The FAA said this problem occurred when a
1987-vintage IBM logical disk drive assembly failed, because of a
bad bearing.

------------------------------------------------------------

3) Y2K Council Reports Y2K Annoyances
------------------------------------------------------------

Dominique Deckmyn

01/07/2000 Minor Y2K glitches have struck government agencies
throughout the week, reports the President's Council on Year 2000
Conversion.

Some of the more noteworthy: the Federal Reserve Bank of Chicago
experienced a glitch in transferring $700,000 in tax payments,
delaying payments for one day until the problem was repaired.

Also in the Chicago area, an unnamed bank temporarily interrupted
some electronic Medicare payments, and Medicare contractors were
forced to send diskettes containing processed claims by courier.
That problem was reported fixed on Jan. 6.

"The fact that there continue to be date-change glitches reminds us
that the Y2K challenge was very real," said Council chair John
Koskinen.

After today, Friday, the Council will scale back its activities,
with only a core staff of about 30 to monitor Y2K reports until the
end of the month.

------------------------------------------------------------

4) Y2K War Not Over
------------------------------------------------------------

Metropolitan Computer Times.

Computer owners should continue with their Y2K vigilance because
the Y2K threat is not yet over, National Computer Center (NCC)
Director General Ike Seneres today advised the local market.

Seneres said that future Y2K related problems could come from
viruses that are triggered by the year 2000, or from glitches in
software applications that could not correctly respond to year-
sensitive applications.

"But there is really no cause for alarm, because Filipino computer
experts in the government and private sectors have proven
themselves to be capable in beating the Y2K problem," he clarified.

To address any Y2K-related problems in the coming days, the NCC has
encouraged the government and private sectors to organize their own
Incidence Reporting Teams (IRTs). Seneres added they plan to
eventually support all these IRTs with a national network of
computer emergency response teams, in cooperation with private
sector volunteer Organizations.

Seneres today also encouraged the management of government and
private organizations to purchase licensed anti-virus software as
soon as possible. He said that organizations should not prolong
their anti-virus decisions because delaying their actions could
eventually cost them more money.

------------------------------------------------------------

5) Why Didn't We See More Y2K Related Failures?
------------------------------------------------------------

Matt Hotle, Year 2000 Strategies, Gartner Group

Summary: Perhaps the most-asked question we have received since the
year 2000 date change occurred is why more problems have not been
reported.

One reason is that the year 2000 problem is not about only the
boundary period and therefore must be monitored throughout the
year.

Another factor is that organizations as a result of their spending
are getting what they paid for:
operational software and hardware.

Event: On 1 January and 2 January 2000, GartnerGroup year 2000
analysts were deluged with media requests for interviews. In that
period, the most-asked question focused on whether the year 2000
problem was a "hoax" because so much money was spent but so few
problems were reported.

First Take: Several factors explain why incidents of reported year-
2000-problems have been relatively low since the date change
occurred:

* Problems have already been reported publicly + A number of
problems were reported, from issues in nuclear stations in Japan to
minor aviation-related problems in the United States.

Fortunately, these problems were correctable and their severity was
minor. Said another way, they have been nuisances. However, the
"myth" that no problems were reported is just that.

* Most problems will go unreported publicly + Most organizations
are not required to publicly report year 2000 problems that they
find and fix internally.

Most year 2000 defects that have been found and fixed have not come
to the public's attention + nor will they, in the coming days,
weeks and months.

Although some decry the "secrecy" of such fixes, no regulation
forces such reports.

****************************************************
In most cases, it is not in the organization's best
interest to publicly report failures of any severity.
****************************************************

Many technology asset types have not yet been executed + Over the 1
January 2000 midnight boundary, embedded devices and some hardware,
software and middleware were executed.

Although certain applications were also executed, this did not
occur across-the-board.

However, by the end of the first full week of January 2000, daily
batch cycles for 31 December 1999 will be completed, as will week-,
month-, quarter- and year-end processing for 1999; offline systems
will be brought up; and batch cycles for the first daily run of
2000 will be executed.

This period will show how well application remediation efforts were
performed. Problems will be reported through the year + Previous
GartnerGroup research noted that only 10 percent of problems would
occur in the two-week period around the boundary, and that 55
percent of all problems would be noticed through 2000.

A constant report of daily problems likely will not emerge:
"spikes" of defects will be noted on the first daily, weekly,
monthly, leap year, quarterly, semiannual and annual cycles.
Software will break when transactions are run, and organizations
must ensure they understand when and where date-related
transactions will execute.

Money was spent and problems were fixed + Most organizations began
their year 2000 work in late 1997 or early 1998 in real terms. Most
organizations spent considerable resources (up to 40 percent of
their IT budgets) on year 2000 remediation.

In addition, the usual application development project has as
little as 10 percent to 35 percent of its project budget spent on
testing; year 2000 programs spent up to 75 percent of the budget
ensuring that interrelationships among software components worked
as specified.

As we have long stated, the year 2000 date change would be a no-win
situation for organizations. If they spent huge sums correcting
year 2000 problems and major failures occurred, they would have
spent too little. If they spent exorbitant amounts and experience
few (or no) major problems, then the perception is that too much
was spent!

We prefer the latter. Substantial amounts of money have been spent,
and in this case, it appears (at least initially) that
organizations are getting what they paid for: operational software
and hardware.

------------------------------------------------------------

6) Editor's Comments
------------------------------------------------------------

Dan Steele, EE

The notion of virulent or domino-like spreading of Y2K failures was
always the most speculative doom and gloom scenario. It required
specious reasoning and sloppy statistics.

The fact is that their really were Y2K problems that would've
affected us much worse if IT people around the world hadn't
done their work.

Right now we're in a phase where the media seems to be rushing to
proclaim that Y2K was a non-event -- the same media that said it
was a real threat only two months earlier.

If you're still looking for auditing tools on January 10, 2000, I'd
suggest Cnet's Catchup Y2K program. It does a fine job of auditing
apps. Run it, follow the links to find the updates you need to get
Y2K current. You might also want to run the Netsavers NET2000 Total
Software Scanner, mentioned at the bottom of this newsletter.

If you're still concerned about your PC's hardware clock (seems
like all you wouldn't know now is 2/29/2000 handling) you might
want to pick up Netsavers Y2K TSR Scanner Kit, also mentioned
below. And set your Short Date Style in Regional Settings
to display 4 digit years. And stop worrying. :)

------------------------------------------------------------

7) Y2K After Rollover Repair Kit
------------------------------------------------------------

Dan Steele, EE

If you want to Y2K protect or repair your system, you still can,
even though the rollover has passed.

First, you will need to restore your system to Dec. 31, 1999. That
being done, INSTALL the Netsavers Y2K TSR Scanner Kit or the
NET2000 Total Software Scanner FULL VERSION.

The only things you need to do now is re-enter any data not on the
SAVE that you re-installed.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 101: 01/12/00
------------------------------------------------------------

Post-rollover Hacker Update

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) Hackers Infiltrate Internet Services
2) Young Hacker Arrested
3) Hacks Involved Nuclear Weapons Labs
4) New Windows Virus Discovered
5) Out of The Y2K Woods
6) Y2K Comments
7) Y2K After Rollover Repair Kit

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Hackers Infiltrate Internet Services
------------------------------------------------------------

Dale Kasler, Bee Staff Writer

Springboarding from a computer they infiltrated at an El Dorado
Hills company, a group of teenagers embarked on a nationwide
hacking spree last month, stealing passwords from Pacific Bell
Internet customers and even attempting to break into the networks
of two federal nuclear research laboratories, law enforcement
officials said. The teens then bragged about the caper in an online
chat room.

Detectives from the Sacramento Valley High Tech Crimes Task Force
said Tuesday that it appears the group -- which included two
teenagers in El Dorado County and at least one in Los Angeles --
hacked their way into a computer at InnerCite Inc., an Internet
service provider in El Dorado Hills, and then used the machine as a
sort of gateway to break into 26 other Internet service providers
and other Internet-related sites.

The group failed to get into the nuclear labs' computers, but one
or more hackers did swipe about 63,000 customer passwords from
PacBell's Internet service and prompted the temporary shutdown of
InnerCite's service, said Detective Damian Frisby of the Sacramento
Valley Hi-Tech Crimes Task Force.

There was no evidence that the hackers gained access to anyone's
credit card numbers, Frisby said.

The FBI searched the home of a Los Angeles 16-year-old who is
believed to be the ringleader of the incident, said Frisby, who is
also with the El Dorado County Sheriff's Department. The two El
Dorado County teens seem to have been affiliated somehow with the
hackers' group but "so far I haven't been able to show they did
anything wrong," Frisby said.

The 16-year-old in Los Angeles has been released to his parents'
custody but is expected to be charged with grand theft, unlawful
access and other charges, the task force said.

The incident, which took place over the course of several hours
Dec. 5, raised fresh concerns about Internet security.

In a separate case that surfaced over the weekend, a hacker
believed to be in Eastern Europe tried to extort $100,000 from a
Connecticut-based online music retailer, claiming he had copied
300,000 customers' credit-card files. Citing that case, Attorney
General Janet Reno decried the "dark side of the Internet" in a
Palo Alto speech Monday and proposed a new crackdown on hackers and
virus perpetrators.

Experts said the Internet's exploding popularity -- particularly
the rise of online retailing -- will continue to make security an
issue. The more people who log on, the more weak links will occur,
said Barb Rose of the International Computer Security Association.

"I don't think everything's well," said Elias Levy, chief
technology officer at SecurityFocus.com, a Silicon Valley
consulting firm. "It's too easy for people out on the Internet to
break into computers."

The El Dorado Hills scheme began when one of the hackers, who
claimed to be affiliated with a group called "Global Hell," used
his home computer to break into a computer belonging to InnerCite,
an Internet service provider in El Dorado Hills with about 5,000
customers.

InnerCite apparently was targeted because one of the El Dorado
County teens is the grandson "of a very nice customer," said
InnerCite vice president Robert Bruce.

However, it wasn't clear which hacker actually broke into the
InnerCite computer, said Sgt. Mike Tsuchida of the task force.

Bruce said the hacked computer is used to house customers' Web
pages and e-mail files; it doesn't contain credit card information
or user passwords. The company detected the infiltration within
minutes and shut down the Internet service for about two hours, he
said.

From El Dorado Hills, the hacker or hackers started traveling the
Internet, infiltrating PacBell's Internet service, the giant
Internet infrastructure company PSINet Inc. and about two-dozen
other Internet sites, all while hiding behind the anonymity
provided by the InnerCite computer, Frisby said.

But the group didn't stay anonymous very long.

It set off computer alarms by trying to break into the computers at
Sandia National Laboratories in New Mexico and Oak Ridge National
Laboratory in Tennessee, two U.S. nuclear research labs, according
to Frisby.

Tsuchida said the hacker or hackers conducted a "port scan," an
effort to find weak spots in the weapons labs' computers. "It's
like a burglar trying all the doors and windows, trying to feel for
a weak spot," Tsuchida said.

The group got no further than the labs' doorstep.

"They didn't get in," said John German, spokesman for Sandia. "We
detected a large number of port scans in a short period of time."
Sandia then contacted InnerCite, he said. It wasn't clear if
computers at Sandia's sister site in California were targeted as
well.

The group also was traced that day through online chat rooms, where
one or more of the teens began boasting about their exploits,
according to Bruce and Frisby. "These are chat rooms frequented by
hackers," Frisby said.

Meanwhile, InnerCite's security personnel were keeping an eye on
the situation. Rather than "shut the door" by turning off the
infiltrated computer, the company decided to keep the machine
running to track the group's activities, Bruce said.

"They left footprints," he said.

Frisby said InnerCite's monitoring of the group helped crack the
case.

Bruce said the hacker group apparently didn't harm any customer's
Web page or e-mail files, but InnerCite created backup files just
in case some material had been corrupted or deleted.

InnerCite didn't notify customers because no customer account
information was accessed by the group, he said. "We had to make a
judgment call, whether to alarm everybody or clean it up and alert
the feds," he said.

Although security has been stepped up at InnerCite, he said hackers
are becoming increasingly sophisticated and brazen.

"You know, this thing's the Wild, Wild West," Bruce said.

PacBell spokeswoman Michelle Strykowski said the company contacted
the 63,000 customers whose passwords were stolen, essentially
ordering them to create new passwords for themselves by Friday --
or face getting locked out of the system until they comply.

PacBell also is urging its 270,000 other Internet customers to
change their passwords as well; those customers are being notified
in groups "so there's no bottleneck," she said.

"Hackers have proven to the Internet industry that we've got to be
vigilant," she said.

------------------------------------------------------------

2) Young Hacker Arrested
------------------------------------------------------------

HARRISON SHEPPARD

LOS ANGELES -- The teen-ager from suburban West Hills accused of
possessing 63,000 Pacific Bell Internet Services account passwords
is a ``good kid'' who hacked more for bragging rights than for
malicious intent, an investigator said Tuesday.

PacBell has asked for hundreds of thousands of customers to
change their passwords as a result of the discovery, police said.

Investigators said they questioned the 16-year-old El Camino Real
High School student at his school and home and seized his computer
equipment last month. The youngster, who was not identified because
he is a juvenile, could face several felony charges, including
grand theft and unlawful access, said Detective Damian Frisby with
the Sacramento Valley High-Tech Crimes Task Force.

``He seems like a fairly good kid,'' Frisby said. ``It appears
mainly it was for bragging rights as well as to use storage space
on these people's servers.''

The boy is believed to have acquired the passwords while working
from his bedroom, Frisby said. The account passwords from PacBell
and other companies apparently were used to escape detection when
hacking into other computers, Frisby said.

El Camino Real Principal Ron Bauer said FBI agents interviewed the
student on campus and detained him last month.

The teen-ager claimed membership in a notorious hacking group
called Global Hell, which has been the target of an FBI crackdown
since May.

``They're responsible for breaking into dozens of sites including
the White House,'' John Vranesevich, founder of AntiOnline, a
suburban Pittsburgh group that tracks hackers. ``They kept the
FBI's site down for a week. The group is infamous.''

Their average age is 18, he said, but they typically start around
14. Most of them are not malicious, but are the high-tech
equivalent of an inner-city tagging gang.

``They're constantly trying to one-up one another, trying to gain a
better status within their peer group,'' he said.

The juvenile joins a long line of infamous hackers from the San
Fernando Valley. Among them are Kevin Mitnick, a Panorama City
native who led the FBI on a nationwide manhunt after breaking into
numerous systems, and Kevin Lee Poulsen, a North Hollywood man who
pleaded guilty to computer fraud and illegal possession of computer
passwords in 1995.

Los Angeles has probably the nation's second-largest hacker
population, more than Silicon Valley and behind only New York,
according to Vranesevich.

------------------------------------------------------------

3) Hacks Involved Nuclear Weapons Labs
------------------------------------------------------------

Kevin Anderson, BBC News Online

Teenage hackers stole thousands of internet accounts and used them
to scan the networks of two national laboratories involved in the
nuclear weapons programme, authorities in the US state of
California have said.

The five hackers, aged 15-17, hacked 26 internet service providers
in the US and overseas, said Captain Jan Hoganson, of the
Sacramento Valley High-Tech Crimes Task Force in California.

They had a list of 200,000 user accounts from Pacific Bell and were
able to successfully steal the passwords for about 95,000 accounts.

They used these accounts to anonymously scan the networks of the
Sandia and Oak Ridge National Laboratories.

Scientists at Sandia design all non-nuclear components for the
nation's nuclear weapons. Oak Ridge was established in 1943 to
produce plutonium for the nation's first nuclear weapons.

They did not gain access to the labs' networks, but federal
officials described the hackers' activities as "unwelcome visits",
Captain Hoganson said.

"It's like they went to a locked business at night and rattled the
lock," he added.

The hackers have not been arrested but have been contacted by the
authorities.

This is the latest of several high-profile hacks. On Monday, it was
revealed that a hacker had stolen thousands of credit card numbers
from online music seller cdUniverse.

The hacker attempted to blackmail the site, asking for $100,000 or
else he would release the numbers on the Internet.

Some of the cards were used fraudulently to make purchases of more
than $1,000, and some card numbers were posted on a website that
was taken down only last weekend.
In a separate incident, a hacker was able to redirect traffic from
at least nine sites last weekend to a site called HighSpeedNet.net.

The operator of HighSpeedNet told reporters from the technology
site CNET that he himself had been hacked and was also a victim,
not the perpetrator.

LawNet

US Attorney-General Janet Reno has called for a national computer
network to allow law enforcement across jurisdictions to catch
criminals.

"The internet is indeed a splendid tool of wonder, but there is a
dark side of hacking, crashing networks and viruses that we
absolutely must address," she said.

An FBI survey of Fortune 500 companies found that 62% had reported
computer security breaches in the last year.

Ms Reno wants to establish LawNet, an online law enforcement agency
that would act independent of jurisdiction, being able to sweep
across local, state and international borders to pursue criminals.

On a regional level, the Sacramento Valley High-Tech Crimes Task
Force is a model for such an agency.

It was established in 1995 in response to law enforcement
complaints from Hewlett-Packard and Apple, which have plants in the
area.

Ms Reno has in mind something much grander.

"I envision a network that extends from local detectives to the FBI
to investigators abroad," she said.

------------------------------------------------------------

4) New Windows Virus Discovered
------------------------------------------------------------

Steve Gold, Newsbytes

F-Secure says that it has discovered the industry's first Windows
2000 virus, despite the fact that the new Microsoft [NASDAQ:MSFT]
operating system is still several months from shipment.

The new virus is called Win2K.Inta or Win2000.Install and, the
Finnish information technology (IT) security firm says, appears to
be written by the 29A virus group.

The good news for current users of Windows is that the firm reports
that the virus does not execute at all under older versions of
Windows.

"It's a media virus, which means it hasn't been discovered in the
wild, but it is something that is worth noting," said Mikko
Hypponen, F-Secure's manager for anti-virus research, adding that
the virus was probably coded by someone with a beta copy of Windows
2000.

Hypponen told Newsbytes that the discovery of the Win2K.Inta virus
has its parallels with the discovery of the first virus for Windows
95 several months before that operating system started shipping to
the public.

Perhaps fortunately for PC users, Hypponen added that Windows 2000
has several checks on the integrity of executables that will
intercept more traditional forms of viruses.

"There is still a problem with macro viruses, which can run under
Windows 2000 and cause trouble," he said.

Hypponen added that many NT4 viruses will not work under Windows
2000 because of the operating system's checks on the executable's
integrity.

F-Secure says that, because it has received no reports that this
virus is in the wild, the Win2K.Inta virus is not considered to be
a major threat. The most important feature of the virus, the firm
says, is its capability to spread under the new operating system.
"Now we can expect virus writers to include Windows 2000
compatibility as a standard feature in new viruses," said Hypponen.

For the technically-minded, Win2K.Inta works by infecting program
files and spreads from one computer to another when those files are
exchanged. The infected files do not grow in size.

Finjan says that the virus infects files with the following
extensions: EXE, COM, DLL, ACM, AX, CNV, CPL, DRV, MPD, OCX, PCI,
SCR, SYS, TSP, TLB, VWP, WPC and MSI.

This list includes several classes of programs that were not
susceptible to virus infection before, Newsbytes notes. For
example, the virus will analyze Microsoft Windows Installer files
(MSI files), scan them for embedded programs and infect them.

The virus contains the following text string, which is never
displayed: "(Win2000.Installer) by Benny/29A & Darkman/29A"

------------------------------------------------------------

5) Out of The Y2K Woods
------------------------------------------------------------

Birmingham Post

So was the Millennium Bug real? Y2K (remember it was shortening
stuff like this that got us into trouble in the first place)
arrived and the expected computer-generated worldwide mayhem didn't
happen. It was one big yawn.

One large software company had several hundred people on duty over
the New Year and took just three Y2K-related calls!

That's not to say that there haven't been problems, but those that
surfaced have been isolated, were not life threatening and were
quickly fixed.

The most common ones have been down to sloppy programming where the
date has rolled over correctly but hard-coding elsewhere in a
program has converted the date to 19100 or 192000. If you want to
spend an amusing ten minutes feeding off other
people's embarrassment visit http://www.y2kmistakes.com,
www.y2kmistakes.com and view some of the common errors on websites.

Amazingly, even given this bad publicity some sites were still
showing incorrect dates when I looked at them on January 6.

So, was it all a waste of money and just self-seeking by the IT
industry eager to suck yet more money out of customers? For some
media commentators to even raise this question shows the incredible
problems of perception that we in the IT industry face.

We have an immovable project deadline involving millions of lines
of code that have to be checked and tested across thousands of
systems worldwide and we achieve it in time so that our objective
of a smooth rollover of major systems happens without amajor
glitch.

A cause for great celebration for project planning and execution
and a vote of thanks for all those IT staffers who averted a major
global catastrophe, I would have expected.

Not a bit of it, according to some media pundits, which raises in
my mind some interesting cultural observations about our reliance
on technology, without appreciating just what a huge maintenance
effort is required to keep it all running.

Was some money wasted? Undoubtedly. Was it blown out of proportion?
Not by the IT industry.

But back to the Millennium Bug. Are we out of the woods yet?
Probably not - it's in the nature of software that the dependencies
across hundreds of thousands of function points are impossible to
predict.

Once we've gone through a normal monthly businesscycle and done
things such as issued bills and updated aged debtor's lists,
particularly in electronically linked systems, everyone will feel
more comfortable.

Get February 29 out of the way (2000 is an additional leap year
that has to be addedoccasionally because our years are not exactly
365.25 days long) and we can safely say we've beaten the bug.

One very positive aspect to arise from all the work on Y2K is that
organisations have undergone a thorough audit and spring-cleaning
of their systems. For probably the first time they know what is out
there, what is critical and what is not.

Also, there is (or should be) a realisation among business leaders
just how dependent we have become on the business logic embedded in
our software and, more importantly, just how complex it has become.

The most important thing to emerge is that technology cannot be
left to the technologists and business managers cannot turn a blind
eye to software design and interaction and allow a problem of this
magnitude to occur again.

Equally, programmers cannot continue to design systems to fit
inherent technological limitations without a business risk analysis
being understood by their paymasters.

------------------------------------------------------------

6) Y2K Comments
------------------------------------------------------------

Dan Steele, EE

The notion of virulent or domino-like spreading of Y2K failures was
always the most speculative doom and gloom scenario. It required
specious reasoning and sloppy statistics.

The fact is that their really were Y2K problems that would've
affected us much worse if IT people around the world hadn't
done their work.

If you're still looking for auditing tools on January 10, 2000, I'd
suggest Cnet's Catchup Y2K program. It does a fine job of auditing
apps. Run it, follow the links to find the updates you need to get
Y2K current. You might also want to run the Netsavers NET2000 Total
Software Scanner, mentioned at the bottom of this newsletter.

If you're still concerned about your PC's hardware clock (seems
like all you wouldn't know now is 2/29/2000 handling) you might
want to pick up Netsavers Y2K TSR Scanner Kit, also mentioned
below. And set your Short Date Style in Regional Settings
to display 4 digit years. And stop worrying. :)

------------------------------------------------------------

7) Y2K After Rollover Repair Kit
------------------------------------------------------------

Dan Steele, EE

If you want to Y2K protect or repair your system, you still can,
even though the rollover has passed.

First, you will need to restore your system to Dec. 31, 1999. That
being done, INSTALL the Netsavers Y2K TSR Scanner Kit or the
NET2000 Total Software Scanner FULL VERSION.

The only things you need to do now is re-enter any data not on the
SAVE that you re-installed.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 102: 01/14/00
------------------------------------------------------------

Satellite's Y2K Glitch Was Worse

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) Satellite's Y2K Glitch Worse Than Reported
2) NewApt.D, Plage2000 Worms Target E-Mail
3) FAA Y2K Report Withheld
4) Taking a Whack at Hackers
5) Microsoft, AOL on Collision Course
6) Y2K Comments
7) Y2K After Rollover Repair Kit

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Satellite's Y2K Glitch Worse Than Reported
------------------------------------------------------------

PAMELA HESS

A Y2K glitch that hobbled an intelligence system was a far more
serious and wide-ranging problem than the Pentagon initially
admitted to; worse, it was self-inflicted -- caused by a software
patch intended to avert any date-related problems in the vital spy
system that failed to work, Defense Department officials told
United Press International.

"The patch was an attempt to not have a problem - in this case, it
gave us one," said one official.

The trouble was not in the satellites in space, but in an imagery
processing ground station at the Army's Fort Belvoir in Virginia. .
. . The ground station is owned by the National Reconnaissance
Office, UPI reported.

But these were not the only satellites rendered useless by the
balky ground station: Two radar imaging satellites, part of the
6100 series, also were feeding their data into the faulty imagery
processing system. These take pictures either day or night by
bouncing radio signals off targets.

The result was three hours of total blindness, and then two days
with just a trickle of the vast flow of pictures normally produced
by five satellites available only to the president, CIA and
Pentagon.

It was the only serious military consequence of the year 2000
rollover, for which the Pentagon prepared at a cost of $3.6
billion, the UPI report said.

Hamre, who first got word of the trouble during a low-key New
Year's Eve celebration with a skeleton crew of Pentagon staff and
reporters, characterized the problem from the start as
"significant."

Hamre explained Jan. 4 that he did not reveal more at the time
because of fears it could compromise national security. If those
rogue states or groups normally under nearly constant surveillance
knew the satellites were technically blind, they might take
advantage of it.

Link: http://www.vny.com/cf/News/upidetail.cfm?QID=57149

------------------------------------------------------------

2) NewApt.D, Plage2000 Worms Target E-Mail
------------------------------------------------------------

Dick Kelsey, Newsbytes

Virus trackers say they have unearthed two new worms, one a NewApt
variant that uses e-mail and executable attachments to overload e-
mail servers and another that could threaten e-mail systems and
eBusiness infrastructures.

NewApt.D is the fourth version of the NewApt family of Win32 worms
first detected "in the wild" last month. Plage2000 is a new worm
and little is known about its history, said Computer Associates
International Inc.

Narender Mangalam, director of security for Computer Associates
International, told Newsbytes that NewApt.D "sends out a lot of e-
mails to bring down e-mail servers by sheer volume. In that sense
it is similar to the Melissa virus."

Melissa left an estimated $80 million damage to computers worldwide
by sending infected e-mail to the first 50 names in Microsoft
Outlook e-mail address books. Melissa creator David Smith, a
computer programmer, pleaded guilty to state and federal charges
last month.

NewApt.D searches Netscape, Outlook and Outlook Express settings to
locate the mail server, then connects to it directly and sends e-
mail using SMTP protocol. E-mail is NewApt.D's only target. "This
particular worm doesn't cause much damage to the computer itself,"
says Mangalam.

CA said the payload variant triggers on March 2 and deactivates on
July 12. The text of the message sent remains the same as the other
NewApt variants (both parts ASCII and HTML).

When the worm installs itself, it modifies the registry entry to
read
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and
creates the value "Scandsks" which point to the installed worm
program.

Plage2000 arrives as an e-mail bearing text that reads,

"P2000 Mail auto-reply: 'I'll try to reply as soon as possible.
Take a look to the attachment and send me your opinion!'"

Then users see

> Get your FREE P2000 Mail now! <

An attachment adopts different filenames such as setup.exe,
images.exe or billgt.exe, which can transmit e-mails to senders of
unread messages in the user's Inbox. CA said it was looking for
more data on Plage2000.

NewApt.D and Plage2000 are among 300 to 400 new viruses introduced
each month, Mangalam estimated.

"We feel that information-wise, it's important for people to know
they exist," he said. "Most have the potential to go into the wild
and cause damage. Many don't."

He said the typical virus writer is a male aged 16 to 25 who simply
wants recognition, although some really do want to cause widespread
damage and don't care if they remain anonymous, Mangalam said.

"We look for certain dates, even obscure dates - people's
birthdays, Christmas, Easter - all of these are big dates" to virus
writers, he said.

While the 2000 rollover came and went with little computer trouble,
post-New Year's Day Y2K problems may still be in the wild, as well
as the leap year date of Feb. 29.

------------------------------------------------------------

3) FAA Y2K Report Withheld
------------------------------------------------------------

Robert MacMillan, Newsbytes

The two leading members of the House Science Committee withheld a
key General Accounting Office (GAO) report on the Federal Aviation
Administration (FAA) and security lapses to avoid a jaundiced
public reaction during the heady days preceding the Year 2000 date
change.

Science Committee Spokesman Jeff Lungren told Newsbytes that
Chairman F. James Sensenbrenner, R-Wis., and Ranking Democrat Ralph
Hall, D-Texas, did not suppress the report, as was reported by the
Associated Press and a Milwaukee newspaper. Instead, he said, they
opted to send a draft version of the report to the White House
before releasing the report within the required 30 days of its
reception in the Science Committee.

The report is scheduled for release Tuesday, but Lungren would not
provide specifics. He said that Sensenbrenner still must approve
the release, but is unavailable because he currently is in Taiwan.
Hall also must give his approval, but also is not in Washington,
D.C., at the moment.

White House officials did not return telephone calls seeking
comment, though Sensenbrenner reportedly told White House National
Security Adviser Sandy Berger that the option to release the GAO
report was Berger's.

Lungren confirmed Sensenbrenner's statement to the Milwaukee
Journal Sentinel that the GAO report shows that security lapses
were committed at the FAA during its attempts to reach Year 2000
compliance.

He said the report shows that some of the outside contractors
brought in to correct Year 2000 problems did not possess the proper
clearance. In addition, he said, the report raised other security
issues that were "larger than just Y2K."

These issues currently remain undisclosed, though Lungren said that
no one has discovered any security "compromises" despite the fact
that the stage apparently was set for them.

Lungren also said that releasing the report in the midst of
uncertainty and concern about unexpected consequences of the Year
2000 problem could have produced an adverse public reaction.

"Sometimes in the public discourse... there was some anxiety with
the Y2K issue, and sometimes things can be taken out of context,"
he said.

As Newsbytes reported, the FAA's Year 2000 preparations were
largely successful, with Administrator Jane Garvey, Senate Aviation
Subcommittee Chairman Slade Gorton, R-Wash., and White House Year
2000 point man John Koskinen all taking commercial flights during
crucial date change times on Dec. 31, 1999.

------------------------------------------------------------

4) Taking a Whack at Hackers
------------------------------------------------------------

Leslie Walker

Many companies are opting to bypass the FBI when they detect a
hacker attack, fearing the kind of publicity that hit Internet
music retailer CD Universe this week after a hacker e-mailed news
organizations to brag that he had stolen credit-card numbers.

While CD Universe called the FBI within an hour of receiving an e-
mail extortion threat, other companies make their first panicked
call to the equivalent of digital Ghostbusters--private security
consultants steeped in the eerie world of hackerdom.

Indeed, the e-security industry is being turbocharged by the rise
of electronic commerce and computer hackers. A new breed of
security firms is being born, and many are hiring "hacker trackers"
to go mouse-to-mouse with intruders.

A digital arms race is underway between hackers, who are
developing tools to make computer break-ins push-button easy, and
the software industry, which is frantically working on tools to
thwart them.

Security risks to the nation's vital computer networks are growing
so fast that government and private industry are scrambling to
address them. President Clinton last week proposed $91 million in
new federal spending to protect computer networks and create a
Federal Cyber Service that would enlist college students in the
anti-hacker wars.

Attorney General Janet Reno chimed in with a call this week for a
national anti-cybercrime network that would function around the
clock.

At Para-Protect and another local company, ICSA.net in Reston,
small armies of "white hat" hackers are fighting the wars 24 hours
a day. Para-Protect's 45 employees and ICSA.net's 100 include
computer whizzes who join underground hacker groups to gain access
to secret Web sites and to monitor hackers.

One Boston security firm that formed last week, AtStake Inc., even
hired eight notorious hackers known for developing hacking tools.
Members of the cadre, known as "the Lopht," claim their mission has
always been to expose, not exploit, security flaws. Now they hope
to get paid for helping banks, brokers and Web stores foil digital
thieves.

"Who knows how hackers operate better than these guys?" said
AtStake founder Ted Julian. He raised $10 million from venture
capitalists on the theory that electronic security is becoming more
strategic to companies in the era of e-commerce, because the degree
of openness and speed of communication between a company's
computers and its suppliers can make or break a business.

"The way most companies have approached security is broken," Julian
said. "The goal of security used to be to lock down systems and
keep people out; the goal now has to be to make everything as open
as possible."

With openness comes risk, which is growing exponentially as
companies move critical functions online. The Internet, after all,
is a public collection of computer networks. Hooking any company's
computers up to it creates potential entry points for hackers to
worm their way behind the company's Web site and steal information-
-even money--from internal databases.

Experts say credit-card numbers are almost never stolen in transit
online--even the CD Universe theft probably occurred on its
internal computer network--and the most serious thefts often
involve an intruder who may spend months watching a company's
network before acting.

The Web site is generally a company's most exposed doorway, and
hackers take delight in passing through. In the past two weeks
alone, Lloyd's of London and Microsoft's Taiwanese operation
announced that their Web sites had been hacked by intruders.
London-based VirginNet, an Internet service provider, issued nearly
200,000 new passwords to customers last week because a hacker
stole the original ones.

Last Saturday, intrusions were logged at more than 40 Web sites by
a popular anti-hacking e-mail list. Especially troubling were
reports of a new kind of Internet attack: domain-name hijackings.

Hackers readdressed the domain names, or Internet addresses, of
half a dozen big Web sites over the weekend so no one could access
them on the Internet. The attack knocked faculty e-mail out of
commission for days at Emory University.

Carnegie Mellon University's Computer Emergency Response Team has
tracked hacking for 11 years and says about half the 30 incident
reports it receives daily involve intrusions. All told, it logged
more than 8,000 incidents last year.

One factor fueling the hacking is free online distribution of
simple attack tools, making it easy for people who don't even know
computer programming to break into Web sites. "These tools truly
are down to point, click and attack," Higgins said.

In his office, Higgins demonstrated graphical tools with command
menus that seemed as easy to operate as Microsoft Word or Excel.

"Shadow Advantis Administrator" probes a target Web site to see
which "ports," or doors, on a computer might be open. It identifies
vulnerabilities any target computer might have.

Hackers then use Internet "scanner" programs to probe thousands of
computers looking for openings.

They download software with names such as "WebCrack 3.0" to crack
weak passwords and "Back Orifice 2000" to install "Trojan horses"
that can launch crippling attacks later.

To counteract the threats, experts say, companies must understand
that security requires far more vigilance than before. Companies
must monitor the arms race almost daily to keep their defenses
current against the latest attack tools.

Mindful that the threats will worsen as high-speed Internet
access spreads through cable lines and digital subscriber phone
lines, researchers in computer labs are developing software agents
to mimic the human immune system by automatically detecting and
defeating invaders.

Commercial implementation, however, remains far away.

------------------------------------------------------------

5) Microsoft, AOL on Collision Course
------------------------------------------------------------

ASSOCIATED PRESS

WASHINGTON (AP) -- Did Bill Gates underestimate Steve Case?

Weeks after the last time America Online Inc. surprised the
technology industry by purchasing Internet pioneer Netscape, Gates
confided he wasn't worried the $10 billion deal among his biggest
rivals might pose serious risks for Microsoft's future.

"AOL," Gates wrote in an e-mail to his top Microsoft executives,
"doesn't have it in their genes to attack us."

Now, a year later, America Online's appetite has grown, fueled by
the market's unfathomable surges in technology stocks, toward its
$145 billion merger with Time Warner Inc. Case, one of the world's
few executives to already beat Gates head-to-head, will become the
new billionaire chairman of the combined company.

The stunning deal gives Case's AOL Time Warner Inc. the ideal
weapon to challenge Microsoft where it considers itself most
vulnerable: a vast network of high-speed Internet lines that can
deliver to consumers a promising new generation of software and
information that don't require Windows, Microsoft's lucrative
flagship operating system that runs most of the world's computers.

This fledgling category of software -- which already includes word
processors, games and digital calendars -- isn't installed on a PC
using Windows like today's programs.

Instead, these programs are delivered and run across high-speed
Internet connections, appropriate for almost any device that can
connect to the Web. The ultimate promise for many is to remove the
industry's intense reliance on Windows, which has earned billions
for Gates & Co.

Until his recent shopping spree, Case struggled with no "fat pipes"
to deliver to his 20 million AOL subscribers this new generation of
bandwidth-hungry software. By comparison, Microsoft's own online
service, MSN, has about 2.5 million subscribers. Case, who once
wrote e-mail comparing Microsoft to Hitler, is increasingly ready
to attack.

Microsoft last year invested $5 billion in AT&T, which alone has
more than 1 million high-speed Internet customers.

"The really important thing about the Time Warner-AOL deal is, it
gives AOL the cable outlet," said David Smith, an Internet analyst
at the Gartner Group. "It means you have both sides that are
armed."

The breadth of the AOL Time Warner combination "will be forcing
Microsoft out as they grow," said Rob Enderle, a technology analyst
for the Giga Information Group. "Tomorrow, they could do a fairly
good job of removing Microsoft as a vendor in the space."

Microsoft, under close scrutiny in Washington as part of the
government's ongoing antitrust lawsuit, can't react as aggressively
or swiftly as it might prefer, but it isn't sitting still.

In a shot across the bow, Gates announced Thursday that Microsoft
will refocus its efforts on what he said were the "next generation
of Internet services" being developed during the next two or three
years.

He compared the revelation to Microsoft's dramatic shift in
strategy in 1995, when the company suddenly embraced the Internet.
"We see ourselves today at that same type of inflection point," he
said.

"You haven't seen anything yet," Gates predicted as he announced
his new role as chief software architect. "The nature of software
will be changing. Software will be delivered in many cases as a
service across the Internet instead of a software product."

For more than two decades, the technology industry has thrived on
the theory that the power of computers increases exponentially over
short periods.

"We're going to bet on the equivalent law for broadband," promised
Yusuf Mehdi, director of marketing for MSN.

"We're going to suck up the cycles that you can get on a fast
connection into really interesting things -- video and audio and
interactive television."

Like Case, who surrendered his title as chief executive officer in
his new company to be chairman, Gates also elevated his longtime
friend, Steve Ballmer, to become CEO at Microsoft but also remains
chairman. Tit for tat.

And for anyone wondering about the future of Windows, Gates dubbed
the new software, "Next Generation Windows Services."

It's shaping up to be quite a battle.

------------------------------------------------------------

6) Y2K Comments
------------------------------------------------------------

Dan Steele, EE

The notion of virulent or domino-like spreading of Y2K failures was
always the most speculative doom and gloom scenario. It required
specious reasoning and sloppy statistics.

The fact is that their really were Y2K problems that would've
affected us much worse if IT people around the world hadn't
done their work.

If you're still looking for auditing tools on January 10, 2000, I'd
suggest Cnet's Catchup Y2K program. It does a fine job of auditing
apps. Run it, follow the links to find the updates you need to get
Y2K current. You might also want to run the Netsavers NET2000 Total
Software Scanner, mentioned at the bottom of this newsletter.

If you're still concerned about your PC's hardware clock (seems
like all you wouldn't know now is 2/29/2000 handling) you might
want to pick up Netsavers Y2K TSR Scanner Kit, also mentioned
below. And set your Short Date Style in Regional Settings
to display 4 digit years. And stop worrying. :)

------------------------------------------------------------

7) Y2K After Rollover Repair Kit
------------------------------------------------------------

Dan Steele, EE

If you want to Y2K protect or repair your system, you still can,
even though the rollover has passed.

First, you will need to restore your system to Dec. 31, 1999. That
being done, INSTALL the Netsavers Y2K TSR Scanner Kit or the
NET2000 Total Software Scanner FULL VERSION.

The only things you need to do now is re-enter any data not on the
SAVE that you re-installed.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 103: 01/20/00
------------------------------------------------------------

Cyber Shakeout 2000

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) Online Credit Card Security
2) Netting Everyone
3) What If the Internet Ran Out of Power?
4) Security and the Single Store
5) Is AOL the next Microsoft?
6) Cyber Shakeout 2000
7) Top 50 Sites of December 1999
8) Y2K Comments
9) Y2K After Rollover Repair Kit

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Online Credit Card Security
------------------------------------------------------------

Paul A. Greenberg, E-Commerce Times

Consumer fears of online credit card security were reinforced this
week, as hackers infiltrated the credit card database of health
products supplier Global Health Trax, Inc.

On Monday, the company's old Web site became vulnerable to the
hackers, who gained access to home phone numbers, bank account
numbers, and credit card account numbers of several hundred
distributors. The site has been unused for more than a year.

Growing Concern

This incident comes on the heels of what is generally considered to
be the largest Internet heist to date, when a hacker stole credit
card details from Connecticut-based CDUniverse earlier this month.
In that case, the perpetrator posted stolen credit card information
on the Internet after failing to extort money from the company. The
credit card information was also sold by the thieves, who later
used e-commerce software to bill non-existent purchases to several
of the accounts.

In the Global Health Trax incident, the breach is believed to be an
act of sabotage, and a former employee is suspecting of having
intentionally placed the information on a non-secure part of the
server.

The new report about Global Health Trax renders another blow to
consumer confidence in the safety of shopping online by reminding
us that internal security breaches by current or former employees
can be as serious as external breaches.

"When someone hacks a site, it raises a lot of questions to the
consumer," said Chris Merritt, of Atlanta, Georgia-based Kurt
Salmon Associates. "They are thinking, 'You told me that you have a
secure site, but how do I really know if it is secure?'"

In the case of Global Health Trax, the system is set up for
distributors of the company's dietary supplements to access its
site, and enter credit card numbers on an order form that is e-
mailed to the company.

While this latest heist may have been the result of a deliberate
move on the part of one individual with inside access, the
CDUniverse event was reportedly the direct result of a flaw in the
company's security software.

Shoppers Undaunted by Security Reports

According to consulting and auditing firm Ernst & Young, the number
of U.S. consumers who shopped online in 1999 more than doubled
compared to a year ago. The report says that 39 million U.S.
consumers used the Internet to shop, compared to 8.3 million
Europeans.

The study reported that U.S. consumers made an average of 13
purchases online in 1999, and spent $1,205, while in 1998, U.S.
shoppers averaged six purchases and spent $280.

The study projects that sales will nearly double this year to at
least $45 billion.

------------------------------------------------------------

2) Netting Everyone
------------------------------------------------------------

csmonitor.com

The Internet is wafting humanity into the 21st century. But
Internet euphoria is mixed with numerous Net concerns, and none is
greater than the worry that a substantial part of the population
will be left in the dust as the rest of us glide into cyberspace.

In the United States, statistics analyzed by the Commerce
Department have tended to deepen this worry. The department's 1999
survey of Internet use in American households found an online
"racial ravine" separating white and Asian-American middle-class
Web surfers from black and Hispanic users of the technology.

In fact, this may be more an economic than a racial divide, with
poorer families, understandably, slower to buy the hardware needed
to access the Net. An even more profound reason for a gap in
Internet use is disparity in educational level and literacy. The
new technology emphasizes words, codes, and numbers. Unlike TV
watching, there's nothing passive about understanding and
negotiating the Web.

That said, some powerful factors are pushing toward greater access
to the Internet:

In Congress, bills are pending to require cable systems to carry
high-speed Internet service and to loosen the restrictions on
regional Bell companies to allow them to bring the Internet to
rural areas. Last December President Clinton announced a national
goal of connecting every American to the Net. This is a follow-up
on the administration's long-proclaimed goal of wiring every school
in the country. (The government estimates 80 percent of classrooms
are currently hooked to the Net.)

Increasingly, Internet-capable computers are common in workplaces
and public places like libraries, as well as in homes. The Commerce
Department survey looks specifically at home use, where economic
constraints are greatest. Other surveys asked people whether they
regularly use the Net, without specifying where. Those surveys show
a smaller gap between technology haves and have-nots.

The technology and its cost are ever-changing. Computers to access
the Web have dropped below $1,000. Internet service is typically
worked into the price, lowering the cost of the hardware, though
obligating the buyer to monthly fees.Increasingly, the hardware
will veer away from computers toward even cheaper appliances
designed solely for Internet access. Web-TV is another development.

The economic barriers are coming down. People from all income
groups and ethnic backgrounds are likely to eventually find a way
to bring the Net into their homes.

The educational barrier may be more difficult. The drive to improve
public education should converge with the goal of universal access
to information technology. We need not only Internet access, but
the ability as individuals to make constructive use of this
powerful tool.

------------------------------------------------------------

3) What If the Internet Ran Out of Power?
------------------------------------------------------------

Susan Straight

America's aging electrical grid may need an overhaul and greater
cooperation among Net, electric utility, and telecom companies

The Internet economy is placing new demands on the nation's
electricity supplies -- and some experts say the power grid may
wilt under the pressure. The number of people using the Net will
soon exceed 200 million -- with 80% of the traffic routed through
U.S. servers. There's a growing consensus among industry analysts
that the Net -- which requires 24-hour, 7-day-a-week, fail-safe
power -- will force an overhaul of the country's aging electrical-
grid structure and greater cooperation among Internet, electric
utility, and telecom companies.

Already, the Internet has been responsible for one-half to two-
thirds of the increased demand for electricity in the U.S. in the
last decade, according to Mark Mills, president of Mills-McCarthy &
Associates, a Washington-based energy consulting firm. At a recent
conference at the Center for Strategic & International Studies in
Washington, D.C., Mills predicted that "half of all electricity
within the next decade will be devoted to computers and the
Internet."

Total Internet and computer usage is estimated to soak up about 8%
of the total U.S. electric output, according to David Dortman,
managing editor of the Huber Mills Power Report. That percentage is
likely to continue to grow sharply as Internet use increases
worldwide.

HOW MANY NINES? More usage raises the stakes with regard to
reliability. Power surges and brownouts are Kryptonite to the
cyberworld, with the potential for rendering whole industries and
distribution networks powerless. Mills marvels that while growth in
demand for electricity is in lockstep with gross domestic product
growth (1/3 of GDP involves Internet technology), the telecom and
utility industries haven't worked together more closely to assure
reliability.

Reliability is likely to get worse before it gets better, Mills
cautions. Deregulation of the vertically integrated electric
industry could result in a shakeout, causing heavy financial losses
for some power companies. The shakeout could be similar to what the
airlines went through when they first deregulated, says Mills. When
this happens, the Internet sector will have to adjust, but
makeshift solutions, such as setting up their own emergency-power
operations, "will create more problems in the long run," he
believes.

That's why "realizing the benefits of e-commerce will require
increased attention to the surety of the Internet, electricity, and
other infrastructures," says Sam Varnado, director of the Energy &
Critical Infrastructure Technology Center at Sandia National
Laboratories. While computers are more energy-efficient than
before, Varnado cautions that peak electricity demand last summer
exceeded previous records by 3% to 5%. Power disruptions caused by
system overload are intolerable to Internet-dependent
organizations.

CALL ME UNRELIABLE. Sandia Labs simulated a hypothetical power
shortage in Houston, in which half the city experienced four
separate power outages, while the other half experienced one
continuous power outage for the same amount of time. The four
shorter lapses were considered more disruptive for businesses and
the local economy, the study found, since the inference drawn from
such an experience is that the power supply can't be trusted.
"Companies will move out of areas where electricity is perceived to
be unreliable," Varnado explains.

One way to ensure greater reliability is to modernize urban power
grids with high-temperature superconductor wiring -- a technology
that earned its two discoverers a Nobel prize in 1987. American
Superconductor Corp., a major installer of HTS wiring, recently
replaced some of Detroit's wiring with HTS gear, which takes up
two-thirds less space than traditional wiring and is more reliable.

According to experts at the conference, it may take a lot more
cities following Detroit's lead and retooling their power grids
with HTS to head off the types of power shortages envisioned by
Sandia Labs -- and keep the Internet economy humming.

[P.S.: See http://www.suttondesigns.com for Power Protection
equipment to protect YOUR systems!]

------------------------------------------------------------

4) Security and the Single Store
------------------------------------------------------------

Five years ago, when the web was new, the idea of having a credit
card number stolen online seemed ludicrous.

The real danger, we quickly learned, lurked among the buyers, bad
guys using stolen credit cards to order dozens of pantsuits RIGHT
NOW for delivery to a P.O. box across the country from the address
of the cardholder.

While the Internet is the entry point for hackers, the real jewels
are in authorization systems, which are supposed to be separated
from the Internet by powerful firewalls. Visa, which is based in
the San Francisco Bay area, had its base system compromised in
July, according to London's Sunday Times. Source code files were
stolen, and the hackers reportedly sought a ·10 million ransom.

The Visa hack is a far bigger concern than the CD Universe hack.
Visa's software implements standards that must be met by every
other merchant processor, and the source code gives hints to those
standards that compromise every processor. Given the fact the hack
came from London, it's possible systems were compromised from
there, meaning only a 56-bit encryption key, not the more powerful
128-bit keys common in the U.S., was broken.

What can you do, as a merchant, to protect yourself and your
customers? The most important thing to do is to take card numbers
behind your firewall and erase them from memory after every
transaction.

Another way to ensure safety, Faisal adds, is to break Amazon.com's
patents on its "one-click ordering" system. The Amazon system is
secure, Faisal says, but Amazon is suing everyone who uses it.

The real key to security, of course, is keeping hackers from
getting behind the firewall in the first place. There's good news
here in the Clinton Administration's approval of rules removing
virtually all restrictions on the export of powerful encryption.
But they should make powerful 128-bit encryption standard on all
servers, as well as clients, very quickly. The war against hacking
depends on strong encryption, whatever the risks that other kinds
of bad guys may misuse it.

------------------------------------------------------------

5) Is AOL the next Microsoft?
------------------------------------------------------------

Scot Petersen, PC Week

About a year ago, I wrote an online column about AOL's
extraordinary success, titled "Why AOL rules the world." I told the
story of my friend "Bob," whose online innocence was the key to
AOL's ever-increasing flock. AOL's online training wheels made the
Web easy and accessible for the Bobs of the world, and as long as
there were Bobs and their families, AOL would rule.

Now that AOL has made that prediction come true through its pending
merger with Time Warner, the issue on everyone's mind is what this
means for all of us, AOL subscribers and civilians alike.

First of all, what it means to me and what it means to IT pros are
two different things, since AOL is a consumer service, and at last
week's merger announce ment it was clear that mass consumer dollars
are the prime directive for AOL Time Warner.

Still, several crossover issues will affect all of us in the
technology industry. Since I could wager a hefty sum that no one
can claim he or she hasn't been touched by a Time Warner
publication or doesn't know an AOL subscriber, here's the
breakdown:

Shock You Very Much: Some of us remember AOL's early days·not the
Quantum Computer Services days, but those of the early Mac·when it
was still pretty cool to log on to an online service. In fact, AOL
postdates the Macintosh by a few years, yet here it is, ostensibly
taking over the granddaddy of all publishers.

America On Hold?: Who could forget 1995-96, when AOL didn't seem to
have an open line anywhere and was watching its online world
crumble? To its credit, it buckled down, built a real backbone,
added millions of modems and rode out the storm. It has survived
despite a reputation as a paradise for tech newbies·and predators.
It has prospered in an age of free everything, and it can still
raise its rates with impunity.

1984 Redux: There is a darker side to this proposed merger. AOL's
not exactly in Microsoft's class as a monopoly·not yet, anyway. The
merged entity will be more like a cartel, with hundreds of separate
businesses that report, create, write, publish, disseminate,
record, film and produce news and popular culture.

The "M" Word: As in Microsoft. We saw what happened when a couple
of software geeks got a whiff of the power they had over the
hardware vendors that, it turned out, needed their code.

First, consider the notion that AOL is the No. 1 Web access
provider, but the heart of its business is closed, proprietary
content.

Second, AOL has been decidedly Microsoft-like in the way it has
managed use of its AIM instant messaging services, knocking off
people who were found to be using some other vendor's client
software.

Third, AOL execs have cried for open access to rival broadband
networks, but now that AOL is about to own a 13 million-subscriber
cable network of its own, they have toned down that rhetoric.

See a pattern?

And The Web Shall Lead Them: The least surprising part of this deal
is that we should have seen it coming. Last year's attempted Lycos-
USA Networks merger, even though it failed, signaled a pending
change in the form of virtual media looking to acquire significant
real-world partnerships.

At the end of the day, it won't matter where the revenue comes
from. Time Warner needed Internet-savvy executives calling the
shots and, if nothing else, AOL has proved to be the most savvy of
all Internet companies.

------------------------------------------------------------

6) Cyber Shakeout 2000
------------------------------------------------------------

Charles Cooper, ZDNet News

Is the big Internet shakeup at hand?

I sure hope so.

Over the past year, many a Chicken Little has been proved wrong on
that count. Each time one of these "experts" ranted about the
imminent collapse of cyberstocks, investors would prove the
Cassandras wrong by driving up Internet issues to ever-more-absurd
valuations.

So, is the sky going to fall?

And so a lot of folks walked away from the table smug about their
winnings, convinced the Internet economy worked on a rhyme and
meter all its own.

So much for business cycles. Forget about profits. This was
something entirely different.

Not so fast.

The "dotcom" hype-meisters may still have Wall Street's ear, but
you'd be a sucker to believe the laws of business have been
repealed. What's more, there's gathering evidence to suggest that
the bloom is coming off the rose.

When it reports Q4 results, Beyond.com is expected to come in about
$50 million short of expectation. On Wednesday the company
announced it would fire 20 percent of its staff. The CEO is being
sent packing, and management's solution to the mess is to join the
swelling ranks of business-to-business vendors.

A similar botch is costing the jobs of nearly half the employees at
Value America; the Internet retailer already has a new chairman and
new chief executive. Lots of luck, because with the brick-and-
mortar retail crowd finally getting its act together this outfit is
destined to live in interesting times.

Sure, it's tough on the employees who are going to wind up with
pink slips because of management miscues, but you have to believe
there's going to be more than a little bloodletting before it's all
over.

And here's why that will be just what the doctor ordered:

1. You know the story about the emperor without clothes. One day
the world will wake up to the fact that Jeff Bezos and a lot of his
cyber cronies have been selling wampum, and the sooner the better.

2. The Net is transforming society and the economy. The
carpetbaggers who have jumped onto this locomotive need to be
exposed for the revolution to run its course.

3. A nice, cleansing correction would do wonders to get management
thinking about how to build real, profitable businesses -- a quaint
notion in these gilded times of ours, but one that would be welcome
nonetheless.

------------------------------------------------------------

7) Top 50 Sites of December 1999
------------------------------------------------------------

CyberAtlas

Here are the Top 50 Digital Media Web sites and properties for the
month of December 1999 ranked by unique audience according to Media
Metrix. These rankings include home and work access.

1 yahoo.com
2 msn.com
3 aol.com
4 microsoft.com
5 netscape.com
6 geocities.com
7 go.com
8 bluemountainarts.com
9 lycos.com
1 0passport.com
11 amazon.com
12 hotmail.com
13 Excite
14 tripod.com
15 Real.com
16 AltaVista Search
17 About.com
18 eBay
19 Angelfire.com
20 ZDNet
21 Snap.com Search & Services
22 CNET.com
23 LookSmart.com
24 Xoom.com
25 Goto.com
26 Infospace.com
27 msnbc.com
28 Barnesandnoble.com
29 Hotbot.com
30 eToys.com
31 Weather.com
32 Smartbotpro.net
33 icq.com
34 Askjeeves.com
35 Macromedia.com
36 Buy.com
37 Sony Online
38 Pathfinder.com
39 Earthlink.net
40 CDNow.com
41 Mypoints.com
42 cnn.com
43 ToysRUs.com
44 Americangreetings.com
45 Egreetings.com
46 iVillage.com
47 Entertaindom-Warner Bros. Online
48 iWon.com
49 Directhit.com
50 BizRate.com

------------------------------------------------------------

8) Y2K Comments
------------------------------------------------------------

Dan Steele, EE

The notion of virulent or domino-like spreading of Y2K failures was
always the most speculative doom and gloom scenario. It required
specious reasoning and sloppy statistics.

The fact is that their really were Y2K problems that would've
affected us much worse if IT people around the world hadn't
done their work.

If you're still looking for auditing tools on January 10, 2000, I'd
suggest Cnet's Catchup Y2K program. It does a fine job of auditing
apps. Run it, follow the links to find the updates you need to get
Y2K current. You might also want to run the Netsavers NET2000 Total
Software Scanner, mentioned at the bottom of this newsletter.

If you're still concerned about your PC's hardware clock (seems
like all you wouldn't know now is 2/29/2000 handling) you might
want to pick up Netsavers Y2K TSR Scanner Kit, also mentioned
below. And set your Short Date Style in Regional Settings
to display 4 digit years. And stop worrying. :)

------------------------------------------------------------

9) Y2K After Rollover Repair Kit
------------------------------------------------------------

Dan Steele, EE

If you want to Y2K protect or repair your system, you still can,
even though the rollover has passed.

First, you will need to restore your system to Dec. 31, 1999. That
being done, INSTALL the Netsavers Y2K TSR Scanner Kit or the
NET2000 Total Software Scanner FULL VERSION.

The only things you need to do now is re-enter any data not on the
SAVE that you re-installed.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 104: 01/21/00
------------------------------------------------------------

Cybercrime, Domain Names, Web Worms

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) Cybercrime Growing Harder To Prosecute
2) Chinese "Web Worms" Police Themselves
3) Corel Ousts Microsoft On DOJ Desktops
4) Domain Names Could Be Worth 7 Figures
5) Wiretapping Unwarranted?
6) Can Amazon Save Industry from Shakeout?
7) PORTABLE GENERATORS and Computers
8) Y2K After Rollover Repair Kit

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Cybercrime Growing Harder To Prosecute
------------------------------------------------------------

Martin Stone, Newsbytes

U.S. Justice Department officials reportedly called computer crime
a growing menace to corporations worldwide, and admitted that law
enforcement agents face major hurdles in combating it.

A report by Reuters today said Justice and FBI officials concede
there is no such thing as a completely secure computer system. The
warning was voiced Thursday at a conference on cybercrime sponsored
by the Deloitte & Touche accounting firm, the report said.

Who Is Vulnerable?

"The issue isn't who is vulnerable because everyone is vulnerable.
he issue is how are companies going to deal with those
vulnerabilities," Reuters quoted Assistant U.S. Attorney Allison
Burroughs as saying.

The report noted that a recent survey found that 62 percent of U.S.
companies reported security breaches in the last 12 months and that
resulting financial damages totaled almost $124 million (US$).

Computer criminals are harder to identify and have a greater reach
than conventional criminals, Burroughs reportedly said, adding that
prosecution of felons outside U.S. borders is complicated.

Formidable Weapon

Burroughs and FBI Agent Nenette Day warned that encryption, meant
to protect company data, can become a formidable weapon for
criminals wary of leaving electronic footprints, Reuters said.

That statement comes after Attorney General Janet Reno in September
said that the administration would work on making strong encryption
exports easier for US high-tech companies, who traditionally have
been hampered in their efforts to ship the products because of law
enforcement concerns.

The relaxed encryption regulations were announced on January 12th.

Day reportedly told the conference there are large numbers of
computer criminals working every day from home trying to defraud or
otherwise damage corporations. She added that corporations are
often reluctant to report computer intrusions, making
investigations more difficult, the report stated.

------------------------------------------------------------

2) Chinese "Web Worms" Police Themselves
------------------------------------------------------------

Matt Pottinger

BEIJING + In China's mushrooming Internet chat rooms, Big Brother
may not be watching, but Big Mama almost certainly is.

"Big Mamas" are web site employees who lead armies of volunteers to
patrol chat rooms and bulletin boards, using their mouses to zap
risky political commentary, foul language and unwanted
advertisements.

The intricately organised system shows how Chinese users are taking
it upon themselves to keep the Internet orderly + a form of self-
censorship designed to keep the web out of the cross-hairs of a
government distrustful of the information free-flow.

"It's a weird phenomenon, I know," said Oliver Kwan, director of
business development for Netease.com, a popular web site.

"But this shows how mature the Internet has grown in China. It's
self-regulating," he said.

CHINA KEEPS CLOSE TABS ON WEB

To be sure, the ruling Communist Party is constantly prowling for
content that is politically subversive or sexually explicit.

Internet service providers are ordered to put up firewalls against
foreign news and pornography sites. CNN is blocked, along with the
New York Times and some BBC content.

Last year, police arrested several members of the banned Falun Gong
spiritual movement for using the web to organise protests and
spread their faith.

Li Fujun, an associate professor in Henan province, was sentenced
to four years in prison in part because he posted an essay on the
web which said Falun Gong could cure illness.

Web portal sohu.com was forced to shut its office briefly last
spring after a local reporter discovered a link to a pornographic
site. Sohu.com pleaded ignorance, and quickly removed the link.

Many chat rooms were also ordered to suspend operation around the
10th anniversary of the bloody June 4, 1989, military crackdown on
student protesters in Beijing's Tiananmen Square.

But the explosive addition of Internet users in China, whose ranks
more than quadrupled last year to 8.9 million, has meant security
officials face a firehose of information when they attempt to vet
the web.

Where discourse is at its most free-wheeling + in myriad chat rooms
and bulletin boards + the government is at its most hands-off. "Web
worms," as Internet surfers are popularly known, are largely left
to monitor themselves.

KING OF BIG MAMAS

The mama of all "Big Mamas" may be Simon Shium at netease.com.

From a computer at his cramped desk, the self-avowed web addict and
former accountant oversees a hierarchy of hundreds of volunteers he
has vested with virtual patrol badges and the power to censor.

Around the clock, hundreds of Shium's "board masters" preside over
their favourite netease chatrooms.

"Stick to the topic," they sternly admonish when online
conversations stray from advertised themes, such as romantic
relationships, ancient history, technology and philosophy.

Chatters who engage in digital cursing matches or shrill criticism
of the government watch as their comments vanish from screen.
Repeat offenders have their chat room accounts revoked.

Shium, a shy 26-year-old, is a product of the system over which he
now holds sway.

Seduced by the Internet while working as a hotel accountant in the
southern island-province of Hainan, he became a fixture in in a
local cyber cafe.

"I was hogging the computer and the owner was constantly glaring at
me," Shium recalled with a grin as he skitted about chat rooms,
checking in with board masters and responding to messages from his
fans.

In one session, he recalls, he planted himself in front of the
computer on a Friday evening and didn't log off until work the
following Monday.

"I've cut back to about 16 hours a day," he said dead-pan.

Shium's constant online presence as a volunteer supervisor of chat
rooms caught the attention of netease founder William Ding, who
asked him to take a salaried position last summer as a Big Mama in
Beijing.

"There's no strict standard for what may stand and what must be
erased," he said as he vetted a puckish poem about deposed former
Communist Party chief Zhao Ziyang posted on one bulletin board.

"We have basic freedom of speech," he said, allowing the poem to
stand.

POLITICAL APATHY AND FEAR

Kwan said volunteers' jobs are made easier because little
incendiary political commentary shows up in the first place.

"Contrary to what people in the West have imagined, there's very
little negative or political material posted," he said. "The
hottest bulletin boards are love and relationships."

He attributed the phenomenon to political apathy among young
Chinese.

"If you're always a bad boy, you're going to get bored. And people
will get bored with you," he said.

A former official at the Ministry of Information Industry offered
another view about the lack of political commentary: self-
protection.

"It's a matter of looking after your own survival and safety.
That's the attitude people are taking when they get on the web,"
the official said, adding that authorities can trace comments back
to web users.

"If a web site exhibits political issues, it's suicide for the
site."

------------------------------------------------------------

3) Corel Ousts Microsoft On DOJ Desktops
------------------------------------------------------------

Steven Bonisteel, Newsbytes

When Department of Justice (DOJ) lawyers need to spell- check the
documents they prepare for their massive antitrust case against
Microsoft Corp. [NASDAQ:MSFT], they all may soon be using software
from Microsoft rival Corel Corp. [NASDAQ:COSFF].

Corel, based in the Canadian capital city of Ottawa, Ontario, today
announced a three-year, multi-million-dollar licensing deal that
will put its Corel WordPerfect Office 2000 suite on over 55,000 DOJ
desktops, some 16,000 of them using the WordPerfect Law Office
version of the software designed specifically for legal eagles.

In an antitrust lawsuit begin in 1998, 19 states joined the DOJ in
alleging that the Redmond, Wash.-based Microsoft employed a range
of illegal and anti-competitive practices to monopolize the PC
operating systems market.

While a "finding of fact" from Judge Thomas Penfield Jackson in
December buoyed the DOJ's case, the legal wrestling is far from
over. If a final ruling from Jackson expected later this month goes
against Microsoft, it would just be the beginning of a new round of
evidence preceding any decision on sanctions.

Corel said Software House International, a value-added software
reseller headquartered in Somerset, N.J., and with sales offices
across the country, was the contractor for the DOJ bid.

In the past, Corel has complained about gaining access to US
government departments to sell products that compete with
Microsoft's Office suite.

In December, the company filed a lawsuit in a US District Court in
Washington accusing the Department of Labor with unlawful
procurement practices after the department dropped its remaining
WordPerfect software in favor of standardizing on Microsoft's
offering. Corel claimed the department's "sole-source" approach
unfairly locks out Microsoft competitors.

------------------------------------------------------------

4) Domain Names Could Be Worth 7 Figures
------------------------------------------------------------

JASON Z. COHEN, Los Angeles Daily News

LOS ANGELES, Calif. -- What's in a name? More than a million bucks,
if you've got the right one.

Internet address auctioneer GreatDomains.com has four it believes
are worth seven figures.

The auction site eBay for $10 million but the winning bid turned
out to be a hoax.

The remaining three -- Loans.com, Cinema.com and Taxes.com -- are
being sold in a joint auction that will close Jan. 28, said Jeff
Tinsley, chief executive officer of GreatDomains.com.

The auction is being billed as the highest aggregate value sale to
date of domain names, the electronic addresses to Internet sites.

       ``This is going to be big. We have a verified offer for loans
of $1.3 million and offers of over $1 million for taxes and
cinema,'' Tinsley said. ``We've actually received offers in excess
of $3 million for loans.com that are in the process of
verification.''

The verified bids for taxes and cinema stood at $250,000 each as of
Thursday afternoon.

Tinsley values the loans.com domain name at or near the price for
which his company sold business.com: $7.5 million.

He said he believes the larger bidders are holding back until the
end of the auction.

       ``It always happens that way,'' Tinsley said. ``We're not
surprised at all at the offers we've gotten.''

Paying six- and seven-figure prices for the right to use a name is
increasingly common, said Clay Ryder, vice president and chief
analyst for Zona Research, a Redwood City, Calif.-based Internet
Research firm.

       ``The price paid is either absurd or it's not -- depending on
your point of view,'' Ryder said. ``What they spend advertising
them far outstrips the amount of money they pay for the name.''

GreatDomains.com has a strict verification process to protect
sellers as well as buyers who are putting up those huge sums of
money, Tinsley said.

The company's account executives receive the bids, then calls the
company or person who submitted them.

GreatDomains.com also requires some sort of financial verification
as well, Tinsley said. It can be in the form of a bank statement
showing that the bidder in fact has the money or it can be a letter
of credit from the bidder's bank.

       ``They have to show us the money. We're not going to take any
offers that aren't verified,'' he said.

That policy is designed to prevent exactly what happened to
Canadian computer consultant Peter DeJager and his partner Tenagra
Corp. of Houston. The partners auctioned their domain name,
year2000.com, on eBay, but the winning bid and the second-highest
bid both were fakes.

A bid verification policy such as the one GreatDomains.com has
would prevent that problem, Tinsley said.

EBay takes a much less active role in managing the transactions on
its site than does GreatDomains.com, said Kevin Pursglove, eBay
spokesman.

       ``We use the Internet to allow individuals to conduct their
own business,'' Pursglove said.

He said eBay offers bid verification service through outside
contractors at an extra charge, in much the same way eBay offers
escrow service.

Ryder said sellers who are unfamiliar with the ways of the Internet
set themselves up for just such a fall.

       ``Those who are uneducated in the market in which they're
playing are going to lay peril to those who victimize,'' Ryder
said.

Pursglove said the vast majority of eBay customers -- buyers and
sellers -- conduct their transactions with no problems.

       ``Well over 90 percent of the transactions that take place on
eBay satisfy the buyer and the seller,'' Pursglove said. ``Here's
an example where we had a problem and we had a customer who is not
satisfied. We hope to learn from it and if necessary we will have
new policies in place to deal with it.''

------------------------------------------------------------

5) Wiretapping Unwarranted?
------------------------------------------------------------

Declan McCullagh, Wired News

WASHINGTON -- US privacy groups have asked an appeals court to
overturn federal regulations that they say will let cops track Web
browsing and email without a warrant.

The civil liberties organizations say the US Circuit Court of
Appeals for the District of Columbia should unceremoniously trash
the privacy-invading rules drafted by the Federal Communications
Commission.

In a 35-page brief filed Thursday, the groups said that the FCC's
August 1999 response to a 1994 wiretap law goes too far, giving
police too much surveillance authority and the ability to track
mobile phone customers.

"They want to get as much information as they can, even though it's
not explicitly stated in the law," says Deborah Pierce, an attorney
for the Electronic Frontier Foundation.

The legal tussle involves a debate only a lawyer could love: how
easy it should be to spy on different types of communications, such
as the numbers dialed as part of a phone call rather than the
conversation itself.

The Justice Department, which is defending the lawsuit on behalf of
the FCC, says that packet communications, such as the Internet,
should be open for police eavesdropping.

The FCC's so-called interim standard would allow law enforcement to
receive packet communications only by convincing a judge that the
info "likely to be obtained is relevant to an ongoing criminal
investigation being conducted by that agency."

That's much too easy to do and doesn't adequately protect
Americans' privacy, the civil liberties groups argued in their
brief, also signed by the American Civil Liberties Union and the
Electronic Privacy Information Center.

Net-wiretapping should require cops to convince a judge that a
crime is taking place or is about to take place and a tap will
uncover incriminating information about that crime, the groups say.

"Law enforcement could obtain Internet transmissions without a
warrant simply by directing an [easier-to-acquire] order to the
telephone company carrying the packets rather than by seeking a
full warrant against the Internet service provider that receives
those packets," the brief says.

"The FBI is seeking surveillance capabilities that far exceed the
powers law enforcement has had in the past and is entitled to under
the law," said EPIC General Counsel David Sobel. "It is
disappointing that the FCC resolved this issue in favor of police
powers and against privacy."

The government's response is due in March and oral arguments are
scheduled for 17 May, EFF said.

The Center for Democracy and Technology and the Cellular
Telecommunications Industry Association filed a related lawsuit in
November 1999 that has been combined with this case.

------------------------------------------------------------

6) Can Amazon Save Industry from Shakeout?
------------------------------------------------------------

Chet Dembeck, E-Commerce Times Columnist

At the end of 1999, retail analyst Lehman Brothers Holdings
predicted that holiday season failures would force many online
merchants to fold or go up for sale at a rapid rate in 2000.

Despite a well-publicized tripling of e-commerce spending last
year, many online merchants have found themselves falling far short
of the shopping season revenues that they needed to keep their
virtual storefronts open.

Just this past Wednesday, software e-tailer Beyond.com accelerated
the shakeout by announcing that it is restructuring its business by
focusing its marketing efforts on businesses rather than consumers.

The company also announced that it is cutting its work force by
full 20 percent while it searches for a new CEO.

Another e-tailer that crashed this month is online superstore Value
America, which announced a major corporate reorganization as its
stock sunk to $5.75 (US$) per share from a high of $74.25 in April.

Stockholders Take Second Look

In fact, some industry observers contend that the lack of
enthusiasm that stockholders are showing for such high-profile
cyber-stars like eToys, the globe.com and iVillage represents yet
more evidence that the shakeout has really begun in earnest. These
companies' shares have fallen 75 percent or more from their 52-week
highs.

Consequently, some analysts predict that e-commerce startups can
expect a cool reception when they approach venture capitalists and
stockholders to finance them through 2000.

Should The Model Be Changed?

While it has certainly been easy to get caught up in the frenzy of
optimism surrounding last year's e-commerce holiday season, it is
about time for e-tailers to face some rather unpleasant facts.

A recent report by Jupiter Communications concludes that online
merchants that continue to base their sales strategies on price-
driven discounts, deals and free offers will soon find themselves
sinking deeper in the red.

Jupiter asserts that e-tailers must instead begin to focus on
guarantees, dependability, security and brand building.

All Eyes on Amazon

Even giant e-tailer Amazon.com is being affected by the ongoing
shakeout. For example, despite never showing a profit, Amazon's
stock has had a dozen rallies of 20 percent or more since mid-1997.
Yet, since December 10th, Amazon.com's shares have plummeted by 37
percent.

While Amazon's consistent answer to its critics is that the company
is re-investing in infrastructure expansion, it is not co-
incidental that the tension surrounding each of its quarterly
reports increases exponentially.

My belief is that the sooner Amazon.com shows that it is capable of
turning a profit, the more breathing room smaller dot-coms will
have. Moreover, by forging an alliance with a huge brick-and-mortar
retailer sooner rather than later, Amazon.com could also slow down
the accelerating shakeout.

------------------------------------------------------------

7) PORTABLE GENERATORS and Computers
------------------------------------------------------------

A large number of people have a Portable Generator (10,000
watts or less) to help offset power outages that are expected
during the winter.

There are a number of SAFETY ISSUES and Proper USE ISSUES that
should be mentioned.

I present a list of URLs to initiate this discussion...

Using PORTABLE GENERATORS With Computers
http://suttondesigns.com/NetsaversCenter/lcy11.html

Using PORTABLE GENERATORS Safely
http://suttondesigns.com/NetsaversCenter/lcy12.html

LINE CONDITIONERS and Y2K
http://suttondesigns.com/NetsaversCenter/lcy13.html

PORTABLE GENERATOR Safety!
http://suttondesigns.com/NetsaversCenter/lcy14.html

GENERATORS and Computers!
http://suttondesigns.com/NetsaversCenter/lcy15.html

HARMONICS and NOISE From GENERATORS
http://suttondesigns.com/NetsaversCenter/lcy16.html

Y2K LINE CONDITIONER
http://suttondesigns.com/NetsaversCenter/lcy17.html

PORTABLE GENERATORS and GFCIs
http://suttondesigns.com/NetsaversCenter/lcy18.html

------------------------------------------------------------

8) Y2K After Rollover Repair Kit
------------------------------------------------------------

Dan Steele, EE

If you want to Y2K protect or repair your system, you still can,
even though the rollover has passed.

First, you will need to restore your system to Dec. 31, 1999. That
being done, INSTALL the Netsavers Y2K TSR Scanner Kit or the
NET2000 Total Software Scanner FULL VERSION.

The only things you need to do now is re-enter any data not on the
SAVE that you re-installed.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 106: 01/24/00
------------------------------------------------------------

Web Con Men, Bug is Alive

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) Steer Clear of Web Con Men
2) Storm Knocks Out Power to Thousands
3) PORTABLE GENERATORS and Computers
4) Bug is Alive and Well, Claim Y2K Gurus
5) Millennium Bug Bites One in 14 Businesses
6) Y2K After Rollover Repair Kit

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Steer Clear of Web Con Men
------------------------------------------------------------

Robert Winnett, MONEY

A RETURN of 300% to anyone brave enough to invest in "financial
instruments" is offered by Credit Bank International, which is
based in Melchizedek, the so-called Switzerland of the Pacific. The
scheme is administered by Roger Rosemont, official ambassador and
founder of the bank.
Or, if you want to make money out of something more down to earth,
you could sink cash into a Californian worm farm. Unfortunately,
you would not make as much profit - a mere 100% a year is on offer.

Hundreds of people invested more than $10m in these two schemes -
but few ever saw their money again.

The Securities and Exchange Commission (SEC), the American
regulator, says: "Credit Bank International is not a bank,
Melchizedek is not a country and Rosemont is no ambassador." The
worm scheme was similarly lacking in credibility.

But such dodgy schemes are not rare. The internet has caused a
dramatic explosion in fraud - and private investors are the prime
target. There are thought to be hundreds of con artists worldwide,
sending out millions of e-mails to unsuspecting people around the
globe.

The internet is described by some as a "galactic car-boot sale". It
is unregulated, and unscrupulous companies can register in
countries with relatively lax laws.

Although there are excellent bargains and opportunities to be found
online, some may well turn out to be scams or frauds. The principle
of "buyer beware" has never been more important.

Common tactics include encouraging investments in firms or products
that do not exist. A wide array of fictitious technology firms are
attracting investors who are eager to cash in on the big gains in
real high-tech shares. Most offer "guaranteed" or fixed rates of
return. But many of the firms are not listed on recognised stock
markets and are actually dodgy. They promise big returns to
investors in a short space of time.

The first few investors actually receive the bumper returns - and
then boast about the scheme via internet bulletin boards and e-
mails. Other investors then pile in - but never see their money
again.

The Financial Services Authority (FSA), the City regulator,
recently set up an internet-monitoring unit. It investigates about
100 potential internet scams a year - and the number is thought to
be rising sharply.

At the moment it is particularly concerned about copycat internet
sites. Fraudsters set up sites with similar addresses to well-known
banks, building societies or insurers. For example, a site could be
called www.barclay.co.uk rather than the correct www.barclays.co.uk

Investors may unwittingly log on to the site and hand over money or
personal details.

If in doubt, look up the firm's number in the phone book and call
to double-check the site address. Do not rely on any phone number
given on the site because it could be false.

But the protection the regulators can offer is limited. An FSA
spokeswoman says: "If something looks too good to be true, then it
probably is."

You will usually be compensated only if the scheme is legal and
authorised. You can check with the FSA (0845 6061234 or
www.fsa.gov.uk) whether a firm is regulated in this country or
elsewhere in the European Union. If an authorised firm goes bust
you stand a good chance of seeing at least some of your money
again.

However, if you buy shares or investments from a firm based in
another country, you need to bear in mind the difficulty and
expense of pursuing complaints, particularly if the firm is
unregulated. Also do not assume that just because a website has a
".co.uk" address, it is based in this country. Again, you should
check its authenticity with the FSA.

Another popular scam is the so-called "pump-and-dump" scheme.
Fraudsters send out e-mails, or spread information via bulletin
boards, about little-known shares, claiming to reveal inside
information. The aim is to encourage people to buy the stocks, many
of which are held by the fraudsters.

When the conmen have sold their shares - at an inflated price -
they walk away. The stocks then fall to their real value - and the
investor is left with a worthless shareholding.

For example, shares in PSA Inc, an American firm, soared from 50
cents (30p) to more than $5 (+3.25) after 15 people claimed insider
knowledge. But two of the people were convicted fraudsters who made
more than $1m in a fortnight from the scam.

Pyramid schemes are also beginning to appear on the internet, even
though they are illegal. E-mails are sent out promising investors a
return of thousands of pounds in a matter of weeks. But no matter
how the schemes are dressed up, you make money solely by recruiting
new participants.

Top scams and how to avoid them

Pyramid schemes: you are asked to invest money in a non-existent
firm and will be promised a guaranteed and unusually high return.
Any investment scheme in this country must be authorised by the
Financial Services Authority (FSA), the City regulator.
You can check if the firm is registered with the FSA by calling
0845 6061234. If the firm is not registered, do not send any money.

Pump-and-dump shares: Supposed inside information is spread about
small-company shares either over web bulletin boards or via e-mail.
Before acting on share tips, thoroughly research the company at
reputable sites such as www.hemscott.net and www.bloomberg.com. If
the company does not look like a good investment, aside from the
tip, do not buy.

Copycat websites: fraudsters set up websites with similar addresses
to well-known banks, building societies or insurers. Do not give
any personal information or credit-card details without checking,
by telephone, that you have the right site address.

------------------------------------------------------------

2) Storm Knocks Out Power to Thousands
------------------------------------------------------------

By JAMES PILCHER

ATLANTA (Jan. 23) - Rain and freezing temperatures spread a coat of
ice across parts of Georgia on Sunday, knocking out electrical
service to more than a half-million customers.

Many of those households and businesses could be without power
until at least Tuesday as crews struggle over slippery roads to
reach downed lines and ice-coated tree limbs continue to snap,
pulling down more.

``This is the worst storm since Hurricane Opal came through in
1996, and it took six days to get power fully restored for that
one,'' said Georgia Power spokeswoman Becky Blaylock. ``If it keeps
raining and it freezes again ... we could be looking at more people
without power. We're in for a long haul.''

Snow and freezing rain also fell in parts of the southern
Appalachians, and locally heavy rain fell across coastal areas of
Georgia and the Carolinas as the storm pushed eastward and out to
sea.

The rain had been forecast to end late Saturday in Georgia but was
still falling Sunday afternoon. Temperatures in the Atlanta area
didn't warm above freezing until the middle of the day.

Ice accumulated a half-inch thick on trees in parts of northern
Georgia, and the weight of the ice on power lines pulled down
utility poles.

More than 340,000 home and business customers of Georgia Power lost
service statewide, 290,000 of them in the metropolitan Atlanta
area, Ms. Blaylock said. At least 175,000 customers of electric
membership corporations also were blacked out.

Hundreds of utility repair crews were put to work.

``It's just the sheer volume and massive nature of the problem that
makes us go from one spot to the next to the next. We fix one, and
another tree breaks, and causes another outage,'' said Pat Kerley
of the Jackson Electric Membership Corp.

Fallen branches and power lines closed about 20 roads in northern
Georgia, State Department of Transportation spokeswoman Vicki
Gavalas said.

``If my neighborhood is any indication, they're snapping like
matchsticks,'' she said.

Atlanta Hartsfield International Airport remained open, but many
flights were delayed or canceled as crews tried to de-ice the
planes.

Late Saturday, a U.S. Airways jet that had landed at North
Carolina's Charlotte-Douglas International Airport slid onto a
grassy area as it turned onto a taxiway. No injuries were reported.

In central Tennessee, where 3.5 inches of snow fell Saturday, a de-
icing truck nicked the wing of a Northwest Airlines DC-9 at
Nashville International Airport. No one was injured, said Northwest
spokeswoman Mary Beth Schubert.

Parts of South Carolina got up to 6 inches of snow late Saturday,
and traffic on parts of Interstate 85 came to a standstill in
several spots because of slippery pavement and accidents.

------------------------------------------------------------

3) PORTABLE GENERATORS and Computers
------------------------------------------------------------

A large number of people have a Portable Generator (10,000
watts or less) to help offset power outages that are expected
during the winter.

There are a number of SAFETY ISSUES and Proper USE ISSUES that
should be mentioned.

I present a list of URLs to initiate this discussion...

Using PORTABLE GENERATORS With Computers
http://suttondesigns.com/NetsaversCenter/lcy11.html

Using PORTABLE GENERATORS Safely
http://suttondesigns.com/NetsaversCenter/lcy12.html

LINE CONDITIONERS and Y2K
http://suttondesigns.com/NetsaversCenter/lcy13.html

PORTABLE GENERATOR Safety!
http://suttondesigns.com/NetsaversCenter/lcy14.html

GENERATORS and Computers!
http://suttondesigns.com/NetsaversCenter/lcy15.html

HARMONICS and NOISE From GENERATORS
http://suttondesigns.com/NetsaversCenter/lcy16.html

Y2K LINE CONDITIONER
http://suttondesigns.com/NetsaversCenter/lcy17.html

PORTABLE GENERATORS and GFCIs
http://suttondesigns.com/NetsaversCenter/lcy18.html

------------------------------------------------------------

4) Bug is Alive and Well, Claim Y2K Gurus
------------------------------------------------------------

Gwynneth Flower, MD, Action 2000

Key experts claim that many firms could still suffer death by a
thousand cuts from the millennium bug even though there has been
little sign of disruption in UK businesses so far this year.

In Silicon's first Behind the Headlines programme of the New Year,
Gwynneth Flower, managing director of Action 2000, and Karl
Fielder, Y2K guru and CEO of software outfit GMT, both claimed it's
too early for industry to breath a collective sigh of relief.

Gwynneth Flower, managing director of Action 2000, said: "We always
said it was wrong to focus on the 31st of December. The bug
problems struck businesses before the 31st and is doing so
continuously now and will continue for quite some little time to
come."

Fielder added: "We are still waiting to see what the effect will
be. There are problems out there."

While one survey claimed there had been only 67 major instances of
the bug striking across the world, Flower preferred to focus on the
more minor - but potentially equally significant - incidents, and
added that the UK was right to spend as much money as it did
preparing for the new millennium. "If the UK hadn't prepared
[properly], there would've been chaos," she said.

------------------------------------------------------------

5) Millennium Bug Bites One in 14 Businesses
------------------------------------------------------------

Source: The Independent - London

ONE IN 14 British businesses - 7 per cent - were hit by the
millennium computer bug, the first official Government survey of
the problem showed yesterday.
A further 2 per cent suffered from higher wage costs and a slump in
demand. But one leading expert said it was too early to say the
millennium had had little effect on corporate activity

A survey of 1,114 companies carried out by the Office for National
Statistics in the week to 10 January found that 74 firms were
affected by problems relating to the millennium date change. The
main casualties were 33 businesses that suffered from computer
problems, with 15 having to pay their staff more over the holiday
period and 22 citing low customer demand.

The largest negative effect was in the retail trade. Although only
eight out of 122 business were affected, the victims made up more
than a quarter of total sector turnover. A further 20 per cent of
the hotel and restaurant trade reported problems.

That figure is likely to be have been boosted by a computer problem
that hit 14,000 credit-card machines, supplied to shops by the
banking giant HSBC. The machines read January 2000 as January 1900
and refused to process transactions.

The survey also showed that companies with more than 10 employees
suffered more problems than smaller firms. Robin Guenier, head of
executive director of Taskforce 2000, the independent bug watchdog,
said the results were in line with his predictions.

But he added: "The first real test will be when people come to
their end of month results and they look back over items such as
payrolls and taxation which will cover two centuries at the same
time.

The ONS plans to repeat the survey every week until the end of
February. "Care must be taken in reaching conclusions from such a
small survey," it warned. The fact that Y2K computer problems
failed to materialise is seen as a factor behind Thursday's
decision to raise interest rates. Analysts said that fear of
spreading panic ahead of the new year was the only reason why the
Bank of England did not move in December.

------------------------------------------------------------

6) Y2K After Rollover Repair Kit
------------------------------------------------------------

Dan Steele, EE

If you want to Y2K protect or repair your system, you still can,
even though the rollover has passed.

First, you will need to restore your system to Dec. 31, 1999. That
being done, INSTALL the Netsavers Y2K TSR Scanner Kit or the
NET2000 Total Software Scanner FULL VERSION.

The only things you need to do now is re-enter any data not on the
SAVE that you re-installed.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 107: 01/25/00
------------------------------------------------------------

Hackers Blast Japan, AOL Security Hole

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) Hackers Blast Japan Over Nanking Massacre
2) AOL Security Hole!
3) Hackers Impersonate AOL Users
4) New Information Movie Highway?
5) Instant Messaging Grows Up
6) PORTABLE GENERATORS and Computers
7) Y2K After Rollover Repair Kit

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Hackers Blast Japan Over Nanking Massacre
------------------------------------------------------------

Hackers have raided two Japanese government web sites, leaving a
message on one of them attacking Japan over the 1937 Nanking
massacre.
The homepage of Japan's Management and Coordination Agency was
replaced with derogatory messages about the Japanese in what is
thought to be the first hacking of the country's government
computer system.

According to the Jiji news agency, hackers left a message on the
web site in Chinese, saying: "The Chinese people must speak up to
protest the Japanese government for refusing to acknowledge the
historical misdeed of the 1937 Nanking Massacre."

Hundreds of thousands of people were massacred at Nanking

Hundreds of thousand of civilians were massacred by Japanese troops
during the 1937-38 occupation of the central Chinese city.
Last week, a group of ultra-rightwing Japanese held a conference in
Osaka to deny the massacre, also called the Rape of Nanking.

The Chinese government lodged protests about the gathering. But the
Japanese government, which acknowledges that the incident was no
fabrication, failed to ban the meeting.

Hackers also hit the web site of Japan's Science and Technology
Agency, forcing it to suspend access to the site.

E-mail bomb

After breaking into the web site, the hackers posted a derogatory
message and a trick to gain access to the web site of an overseas
adult magazine.

The message was signed off with the words "Brazil p00 hackerz".

The agency was the target of an "e-mail bomb" last month when it
received several hundred identical e-mails.

Government spokesman Mikio Aoki said the government would launch an
extensive investigation into the hacking incidents and would
possibly seek help from the US which was more advanced in dealing
with hackers.

The government had yet to ascertain whether the two incidents were
related.

------------------------------------------------------------

2) AOL Security Hole!
------------------------------------------------------------

David Cassel, Salon

Pranksters have discovered a security hole that lets them
take control of America Online Instant Messenger accounts whose
owners don't also have separate AOL accounts.

In a demonstration performed for Salon Technology, someone
describing himself as a teenage hacker changed the password on our
account in less than three minutes.

The AIM software -- which allows real-time screen-to-screen
communication -- is used by more than 40 million people, including
millions who are not also fee-paying members of AOL's service.

The security hole is simple: AOL's online service can be used to
change the passwords on AIM accounts. So pranksters open new AOL
accounts using the name of the AIM user they're targeting.

AOL does ask for the AIM password -- but there are ways around this
check. More experienced mischief-makers know how to issue keyboard
commands to open a password-changing screen before the password
check; less-experienced ones know that after the correct series of
responses, the AOL account will still be created, but they won't be
able to log onto it -- a problem that can be remedied with a call
to AOL, which will enable access if the caller supplies the correct
credit card information used to create the account.

The stolen AIM identity allows strangers to masquerade as others
and even invade their personal lives: "Some hackers pretend they
are the victim, and carry on conversations with the person's
friends," says the self-described hacker who demonstrated the
technique. He tells of one prankster who used the account of a
teenage girl to trade messages with her mother -- and pilfer a
credit-card number: "The hacker asked the mom for a credit card
number she could use to buy a CD online."

The loophole echoes a long history of security problems on AOL.
AOL's chat rooms have been awash in password-stealing since at
least 1994, when a software called AOHell automated the process,
allowing users to troll dozens of names at a time. In 1995, AOL
account-breakers discovered a way to bypass the service's password
protection. (The San Francisco Chronicle reported that even Steve
Case's account was compromised.) Through 1997 and 1998, they
accessed high-level screen accounts for more than 30 AOL content
areas.

What's remarkable is this latest incident appears to build on the
accumulated knowledge of AOL's system. Our source cited a summary
of the 1995 breaches that began circulating in 1997.

"I am a student of AOL history," he joked. "I read all about the
old hacks and used them as a basis for finding new ones."

He estimated that since early November, the secret has been passed
to dozens if not hundreds of people, with the knowledge spreading
more widely most recently. ("About three people knew how to do it
up until the first week of January.") He says he's now publicizing
the hole in hopes of prompting an unresponsive AOL to close it.

AOL didn't return our request for a comment -- but the company's
ongoing war with pranksters and malicious hackers has certainly
left it aware of the dangers. The installation process for the AIM
client reminds users that "privacy is very important on the
Internet" -- and says, "Never reveal your password!"

------------------------------------------------------------

3) Hackers Impersonate AOL Users
------------------------------------------------------------

Lisa Napoli, MSNBC

Teenage hackers are pretending to be AOL users, then coercing
friends into divulging personal information.

Since November, a group of teenagers say they have been stealing
AOL Instant Messenger screen names and masquerading as their
rightful owners. The hackers sometimes act as imposters and pilfer
credit card numbers and other personal data from friends and family
of the exploited online users. The hackers demonstrated their
method to MSNBC on Monday.

According to a letter the hackers sent on Sunday to members of the
technology press, they use the names "just for the pure joy of
trying to ruin friendships by insulting friends who have no idea
they are talking to a hacker and not the victim."

The hackers say they have contacted the media because AOL (NYSE:
AOL ) had not responded to their notification to them of the
security hole.

An AOL spokesman, Rich D'Amato, said on Monday afternoon, "We are
aware of the situation and are deploying security measures to
defeat it. When hacker behavior crosses the line into illegal
action, we'll certainly bring it to the attention of authorities."

D'Amato would not specify how many people had been affected or
pinpoint the time line, saying those details could affect the
investigation.

"AOL is so easy to abuse it's pathetic," said TangentX, who says he
is 17 years old and, along with two others, found the security hole
this fall. They discussed it, he said, in special private chat
rooms on AOL for hackers and use of the so-called "exploit" spread.
He estimates that 400 names have been stolen to date.

AOL press materials say that 45 million people have created AOL
Instant Messenger screen names as of last August. The popular
software allows online users to chat privately, almost in real
time, with others who have the software. AOL also owns ICQ, another
popular instant messaging program, which claims 50 million
registered users.

TangentX says he and others have found several ways to make an
instant message screen name into an AOL account without the
password. One involves resetting a password for a screen name
through a security hole. The other involves taking a screen name,
creating an AOL account for it and then changing the password.

When he was given a screen name on Monday afternoon by MSNBC,
TangentX was able to access the account and send an instant message
from the name in a matter of minutes.

------------------------------------------------------------

4) New Information Movie Highway?
------------------------------------------------------------

AMY WALLACE, Times

PARK CITY, Utah-When the history of the Sundance Film Festival is
written, 2000 will be the year of the dot-com invasion.

At ShowBizData.com and Entertaindom's Interactive Lounge on Main
Street, which is the asphalt spine of the festival, an online pitch
contest is videotaping filmmakers' movie ideas and putting them up
on the Web for sale to the highest bidder.

A few doors down, at ReelPlay.com's rented storefront, the promise
of free coffee, free e-mail and a free Web site to promote your
film (made to order, while you wait) is luring filmmakers in from
the cold.

And across the street, at Dolly's Bookstore, there's IFILM.com, one
of a few new online film distributors. Drop off a copy of your film
and they promise to launch it on their Web site right away.

Maybe this is the inevitable legacy of the Blair Witch. A year
after the low-budget horror flick (and Sundance entrant) "The Blair
Witch Project" used the Internet to fuel a $140-million box-office
bonanza, the festival that discovered it has been overrun by
Internet service providers, online film distributors and the people
who write for movie-related Web sites.

In a business where buzz can be as meaningful as reality, the mere
arrival of the dot-com community at Sundance is significant, people
here say, though few can pinpoint exactly why. Particularly in the
wake of the merger of America Online and Time Warner everyone here
knows something is happening--they just don't know what it is.

"It's sort of like the Beatles coming to America," David
Dinerstein, co-president of Paramount Classics, shouted over the
din at the packed IFILM.com party, a hip multimedia bash that was
one of the hottest tickets here.

"Everyone wants to be a part of it. They just don't know what the
new sound is, exactly."

For the many Hollywood executives who are stomping around this tiny
resort town this week in search of new talent and new product, the
influx of companies with names both familiar (Yahoo, EBay and
Excite) and not (ReelUniverse.com and GoodStory.com) hasn't changed
life much--at least not yet. People here like to see movies in
theaters with live audiences, not on computer screens in private.
That, after all, is what film festivals are all about.

"We're intrigued by the possibilities of alternate systems of
distribution, and nobody wants to miss the boat," said Geoffrey
Gilmore, co-director of the Sundance Film Festival, when asked
about the avalanche of Internet-related businesses in town this
year. "They're definitely part of the party. But I'm cynical about
the hype."

High-Tech Companies Build Name Recognition

But it's not the present that has everyone excited, it's the
potential for the future. The Web folks here call it convergence.
Others call it opportunism. Either way, there's no denying that the
intersection of high technology and cinema, already evident in the
explosion of digital filmmaking, has come to the indie festival
circuit.

Some tech companies are clearly here to build brand recognition.
Palm Computing, for example, which makes the hand-held Rolodexes
and schedulers upon which many in the entertainment industry rely,
is here offering to download the entire Sundance film guide into
people's Palm Pilots. Sun Microsystems, meanwhile, whose computer
hardware and software helps power the Internet, is here too, though
its relationship to the movie industry is vague at best.

But as digital filmmaking enters the mainstream, with established
directors like Spike Lee and Mike Figgis making movies for major
studios without ever touching a piece of celluloid, Sun
Microsystems looks a little less out of place here. As the
possibilities for delivering creative content on the Web expand,
the movie industry--and Sundance itself--appears poised on
the brink of change.

"We're showing 17 digital films in six venues here, and that's
never been done before," said Gilmore, who acknowledged that the
festival is evolving with the new technology. "That's a step.
What's it a step to? I don't know. We'll see."

"Hollywood has really woken up to the fact that the Internet exists
and can be used as a tool," said Oliver Eberle, president and CEO
of ShowBizData.com. A former movie producer ("Universal Soldier"),
Eberle says he created his site--a comprehensive database that
tracks film development and production activity and offers daily
box-office reports, market share analyses and entertainment
headlines--to "really level the playing field for access to high-
end Hollywood information."

ReelPlay.com, meanwhile, is pitching itself as a virtual sales
agent for films that lack distribution.

"Let's say you're a buyer in Greece," said Mark Litwak, chairman of
ReelPlay.com. "When you go to a film market, you have to walk up
and down, looking at what's available. Now, you can sit there
before your trip, search by what genre you want to buy, look at the
poster and download the trailer."

The idea is intriguing, though acquisitions executives here say it
doesn't yet make sense for them. Ask the guys who distributed the
movie everyone credits with giving the Internet credibility in
Hollywood if they're visiting any of the Web-related venues here,
for example, and they shake their heads.

"What for?" asked Amir Malin, co-president of Artisan
Entertainment, which released "Blair Witch." Stopping for a quick
coffee after a screening of director Miguel Arteta's new film,
"Chuck and Buck" (which Artisan later bought), Malin said that
while the Internet is a great marketing and information-gathering
tool, it still can't replace the experience of seeing a film in a
theater--neither for acquisitions people nor for regular
moviegoers.

"For us," Malin sniffed before heading out to another screening,
"this is not an Internet conference."

Nevertheless, a growing number of Web sites are seeking to bypass
the traditional film distribution system altogether.

"Filmmakers, do you want direct access to audiences worldwide?" ask
neon yellow flyers (advertising something called FusionXtv.com)
that are stapled to seemingly every telephone pole in town. It is a
question that most filmmakers would answer in the affirmative,
provided, of course, that the audience is really out there.

As broadband technology improves, sites like IFILM.com, an online
distribution and information network for filmmakers and industry
professionals, are banking on the fact that the audience really
exists. And increasingly, they appear to have the corporate and
financial muscle to at least put that belief to the test.

"Just like TV represented a big change in the relationship between
film and the consumer, the Internet will create a completely
different relationship," predicted Skip Paul, co-chairman and CEO
of IFILM.com, which today announced it has secured $35 million in
additional financing. While Paul acknowledged that established
filmmakers may not yet be flocking to his site, "to the 19-year-old
[filmmaker] from Shreveport who hasn't made it yet, the existence
of IFILM makes all the difference in the world."

Web's Not the Only Place Getting Crowded

For Sundance, meanwhile, the Internet influx has only made things
more chaotic. Locals insist that traffic is worse this year than
ever before (no one likes getting stuck, for example, behind the
Shorts Bus, a huge, VCR-equipped mobile home that is rolling around
town promoting an online marketer and distributor of short films,
AtomFilms.com).

And the dot-com media is here in droves. Sundance officials
credentialed 85 Web journalists this year, up from 45 in 1999. The
result: Publicists who book interview time with the creators and
stars of films are besieged.

"Three out of four calls we're getting are from dot-com companies
that want time with talent. There aren't enough hours in the day,"
said Laura Kim, vice president of Los Angeles' MPRM Public
Relations, who in desperation created a new form of press event to
meet the demand: a "dot-com mingle," a Web-friendly reception that
allows filmmakers to schmooze with more journalists at once than is
possible in traditional round-table interviews.

"Half of these outfits aren't even launched yet," Kim observed as
she flipped through a list of sites you haven't heard of yet, like
the soon-to-be-created MovieIndustry.com. "But their reach [will
be] greater than most of the credentialed press, so we can't ignore
them."

------------------------------------------------------------

5) Instant Messaging Grows Up
------------------------------------------------------------

Katie Dean

When people think of instant messaging, most conjure up the image
of teenagers gossiping, flirting, and wasting time.

They don't think of it as a killer app that's reshaping
communications.

Millions of adults are now flocking to IM. They use it for business
negotiations, real-time reminders, medical emergencies, or any time
email isn't fast enough. And the new craze will only keep
spreading, as IM becomes available 24/7 on pagers, televisions, and
handhelds .

IM has been a boon for hearing impaired students at Gallaudet
University . Michael Kaika, director of media relations at the
school, estimates that 70 percent of the students and faculty use
it on a regular basis.

Kaika, who himself is deaf, calls it a "godsend."

"In my line of work, using IM is the best thing since sliced
bread," Kaika said in an interview conducted via IM. "Years ago, I
had to rely on an interpreter to chat with media people. But now,
rarely do I need to do that."

Students often use instant messaging instead of teletype machines
(TTYs) connected to telephones to communicate with friends and
relatives. "I am comfortable in saying that deaf people now rely on
IM more than [on] TTYs," wrote Kaika.

IBM started using instant messaging in a big way internally a few
years ago, and last year released its own product for business
users. Lotus SameTime encrypts instant communications and works
behind a firewall.

"It's gone from an experiment to a mission-critical operation,"
said John Patrick, vice president of Internet technology at IBM .
"It's become a way of life -- a way of doing business."

Patrick said that IBM employees send over 1 million instant
messages a day to each other. Instant messaging has significantly
reduced the amount of email. Instead of quick inquiries cluttering
in-boxes, co-workers can communicate while a question is still
fresh. They don't have to cross their fingers and wonder if or when
the person on the other end will answer.

It's also created what Patrick calls a "backchannel."

IM has also become a critical negotiating tool. Attorneys use it to
pass one another private messages at the bargaining table. And
during phone interviews, employees can remind one another to
discuss a certain topic.

IBM has begun testing a real-time language translation feature for
SameTime. For example, when an English speaker types a message to a
French speaker, the message appears in French, and vice-versa.

Eventually, it will all combine to create a "real-time multilingual
intercom," Patrick said.

Instant messaging is also being used by doctors and their patients
in clinical trials.

------------------------------------------------------------

6) PORTABLE GENERATORS and Computers
------------------------------------------------------------

A large number of people have a Portable Generator (10,000
watts or less) to help offset power outages that are expected
during the winter.

There are a number of SAFETY ISSUES and Proper USE ISSUES that
should be mentioned.

I present a list of URLs to initiate this discussion...

Using PORTABLE GENERATORS With Computers
http://suttondesigns.com/NetsaversCenter/lcy11.html

Using PORTABLE GENERATORS Safely
http://suttondesigns.com/NetsaversCenter/lcy12.html

LINE CONDITIONERS and Y2K
http://suttondesigns.com/NetsaversCenter/lcy13.html

PORTABLE GENERATOR Safety!
http://suttondesigns.com/NetsaversCenter/lcy14.html

GENERATORS and Computers!
http://suttondesigns.com/NetsaversCenter/lcy15.html

HARMONICS and NOISE From GENERATORS
http://suttondesigns.com/NetsaversCenter/lcy16.html

Y2K LINE CONDITIONER
http://suttondesigns.com/NetsaversCenter/lcy17.html

PORTABLE GENERATORS and GFCIs
http://suttondesigns.com/NetsaversCenter/lcy18.html

------------------------------------------------------------

7) Y2K After Rollover Repair Kit
------------------------------------------------------------

Dan Steele, EE

If you want to Y2K protect or repair your system, you still can,
even though the rollover has passed.

First, you will need to restore your system to Dec. 31, 1999. That
being done, INSTALL the Netsavers Y2K TSR Scanner Kit or the
NET2000 Total Software Scanner FULL VERSION.

The only things you need to do now is re-enter any data not on the
SAVE that you re-installed.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 108: 01/27/00
------------------------------------------------------------

New Hack Threat, Virus Update

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) Student Charged With Hacking
2) New Hack Threat Greater Than Imagined
3) Hackers Attack Japan Again
4) Linux Security Hole
5) PORTABLE GENERATORS and Computers
6) Update on Computer Viruses
7) Department of Defense Looks to Feb. 29
8) Y2K Post Rollover Repairs

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) Student Charged With Hacking
------------------------------------------------------------

HOWARD MINTZ, Mercury News

A federal grand jury in San Jose on Wednesday indicted a former
Princeton University student suspected of hacking into the computer
system of a Palo Alto e-commerce company and stealing nearly 2,000
credit card numbers.

In the government's latest attempt to hunt down a computer hacker,
federal prosecutors brought charges against Peter Iliev Pentchev, a
22-year-old native of Bulgaria who is believed to have fled the
United States after school officials confronted him about his
computer activities.

According to the U.S. Attorney's office in San Jose, Pentchev left
the country in late 1998, shortly after the alleged hacking
incident occurred. Law enforcement officials believe Pentchev went
to Bulgaria and were unclear Wednesday what diplomatic obstacles
there may be to returning him to this country to face charges.

The four-count indictment charges Pentchev with violating federal
computer laws by hacking into an undisclosed Palo Alto company
between Nov. 20 and Dec. 19, 1998, stealing at least 1,800 credit
card numbers, as well as user names and passwords of that company's
customers. The indictment does not specify the company, and federal
officials declined to name it.

But Assistant U.S. Attorney Mavis Lee, who is prosecuting the case,
said the hacking incident shut down one of the company's Web
servers for five days and caused enough chaos in its database that
it cost the firm more than $100,000 to restore its security system.

Authorities have no that Pentchev used the credit card numbers to
commit fraud.

Federal law-enforcement officials do not believe there is a link
between Pentchev and a computer intruder who earlier this month
attempted to extort $100,000 from Internet music retailer CD
Universe, claiming to have stolen as many as 300,000 credit card
numbers. The alleged extortionist was suspected of operating
somewhere in Eastern Europe.

That hacker began posting more than 25,000 allegedly stolen card
numbers on a web site Christmas Day. The site eventually was shut
down, and thousands of customers who had shopped at CD Universe
canceled their cards.

In the Bay Area case, investigators said they were able to trace
the computer intrusion to Pentchev because he left evidence in log
files in the company's computer system. ``He wasn't careful about
mopping up after himself,'' Lee said.

Princeton University officials confronted Pentchev about the
allegations in December 1998, and he disappeared shortly
thereafter. If convicted, Pentchev faces a maximum penalty of 17
years in prison.

------------------------------------------------------------

2) New Hack Threat Greater Than Imagined
------------------------------------------------------------

Reuters

It was news a month ago; days later it vanished. The mainstream
press may have forgotten it, but security specialists gathered in
California last week for the sixth RSA Conference to consider the
growing trend in malicious computer assaults called distributed
denial of service (DDoS) attacks.

Using tools called trin00 and tribe flood network (TFN), intruders
can commandeer hundreds, possibly thousands, of separate,
unsuspecting clients to launch a flood which can bring a network
down in a torrent of packets all appearing to come from different
sources, making it impossible to identify the origin.

Dealing with this sort of assault can be maddening for the primary
victim. The clients from which the attack is launched are
themselves intermediate victims who rarely know that their systems
have been compromised. They are in diverse locations around the
world, administered by people who speak different languages, making
it nearly impossible for one victim to explain to another how to
cope with the threat.

Security experts are not optimistic. The tools do not require an
intruder to gain root access to a system, but can be uploaded via a
number of simpler exploits, many of which can be scripted to run
automatically, and even multi-threaded to run very, very fast.
Finding weak systems to use as clients for a distributed attack is
neither difficult nor prohibitively time consuming.

More ominously, DSL and cable modems, which remain connected around
the clock, make it possible to launch attacks through the growing
number of private Linux boxes now online.

"We've already seen these attacks coming through Linux boxes," ISCA
Director of Research Services David Kennedy told The Register. "And
there's no reason why it can't be ported to the Win-32 [operating
system]," he added.

To further complicate matters, merely killing the process during a
distributed flood attack is not adequate to end it. So long as the
hundreds of clients remain infected, an attack can be resumed,
Kennedy says. We note that communicating with the owners and
administrators of hundreds of compromised clients, and gaining
their cooperation, would be virtually impossible. The victim is,
for all practical purposes, at the mercy of the attacker.

The FBI's National Infrastructure Protection Center (NIPC) has
developed an application to detect the malicious tools, though the
first indication that they've been installed will usually be a
phone call from a frantic sysadmin trying desperately to block the
onslaught of packet traffic. We say 'phone call' because a
distributed attack capitalises on so much bandwidth from so many
sources that it literally overwhelms entire networks. Under those
circumstances, e-mail is hardly going to work.

An ISP can turn off the attack, provided its administrators are
well enough acquainted with the problem; but there again, nothing
can stop an attacker from firing up his hundreds of compromised
clients hours or days later if he chooses.

It gets worse; most of the more obvious defences are problematic.
For example, a firewall configured to catch a distributed flood
attack would also interrupt such utility functions as ping and
traceroute, which are commonly used by administrators and power
users, Kennedy noted.

The tools are in constant development within the hacker
underground; new and better versions are released regularly. Most
worrying is a shift to scripted attacks which allow unsophisticated
users, such as bored teenagers, half-assed hacker wannabes and
clueless script kiddies to launch them.

The tools are getting more powerful, slicker and easier to use.
Defences are not. Defences require the infected clients, not the
end victims, to take action. Human nature being what it is, we
reckon the end victims are pretty well on their own.

The NIPC offers an unsettling insight: "Possible motives for this
malicious activity include....preparation for widespread denial of
service attacks."

We wonder what "widespread" means here. If one malicious hacker can
exploit hundreds of clients worldwide and retain them for repeated
abuse, what might a hundred accomplish?

And what effect might that have? Could enough bandwidth be gobbled
up to crash large portions of the Net? Could ISPs be overwhelmed
for hours, even days? Could infrastructure be at risk? The NIPC
refuses to say, but our imaginations are very much stimulated by
the possibilities. And we reckon yours ought to be as well.

------------------------------------------------------------

3) Hackers Attack Japan Again
------------------------------------------------------------

BBC News

The latest hacker raids follow two attacks on another government
website - the Management and Coordination Agency - that prompted
officials to shut down the site.

On both occasions, the hackers inserted a message in Chinese
protesting about a seminar held in Osaka on Sunday at which a
Japanese group denied that the Nanking massacre ever took place.

The Chinese Government had lodged protests about the gathering, but
the Japanese Government did not ban it.

The hackers' message said: "The Chinese people must speak up to
protest the Japanese government for refusing to acknowledge the
historical misdeed of the 1937 Nanking Massacre".

The message was signed off: "Brazil p00 hackerz".

Hundreds of thousands of civilians were massacred by Japanese
troops during the 1937-38 occupation of the central Chinese city.

Computer security

On Wednesday, the Japanese government ordered Internet experts to
find a way of stopping hackers getting into the sites.

There have been at least six hacker attacks on government websites
this week.

It is thought to be the first time a government's computer system
has been hacked into.

Last week officials decided to bring Japan up to US computer
security standards by 2003.

Japan is widely seen as lagging behind the West in efforts to block
cyber-crimes.

------------------------------------------------------------

4) Linux Security Hole
------------------------------------------------------------

Stephen Shankland, CNET News.com

Corel is working to patch a bug with its version of Linux that
could let unauthorized users gain access to machines running Corel
Linux.

A program called Corel Update has a problem that lets ordinary
users take actions ordinarily only reserved for system
administrators.

Fixing the vulnerability is a "top priority for Corel," the company
said, and a fix will be posted on the company's Web site. The
problem was identified by Cesar Tascon Alvarez.

Corel is trying to take on Microsoft with its version of Linux,
aiming for ordinary desktop users. Corel hopes those users will
also will be interested in purchasing WordPerfect and the rest of
Corel's office software suite. The company has a healthy start on
the market, earning $3.2 million in sales in 1999, according to
International Data Corp..

Corel Linux began shipping in November.

Corel also has begun beta testing of its CorelDraw graphics
software for Linux.

Corel planned to release CorelDraw in early 2000, chief executive
Michael Cowpland has said. However, spreadsheet and database
software was scheduled to ship in 1999.

------------------------------------------------------------

5) PORTABLE GENERATORS and Computers
------------------------------------------------------------

A large number of people have a Portable Generator (10,000
watts or less) to help offset power outages that are expected
during the winter.

There are a number of SAFETY ISSUES and Proper USE ISSUES that
should be mentioned.

I present a list of URLs to initiate this discussion...

Using PORTABLE GENERATORS With Computers
http://suttondesigns.com/NetsaversCenter/lcy11.html

Using PORTABLE GENERATORS Safely
http://suttondesigns.com/NetsaversCenter/lcy12.html

LINE CONDITIONERS and Y2K
http://suttondesigns.com/NetsaversCenter/lcy13.html

PORTABLE GENERATOR Safety!
http://suttondesigns.com/NetsaversCenter/lcy14.html

GENERATORS and Computers!
http://suttondesigns.com/NetsaversCenter/lcy15.html

HARMONICS and NOISE From GENERATORS
http://suttondesigns.com/NetsaversCenter/lcy16.html

Y2K LINE CONDITIONER
http://suttondesigns.com/NetsaversCenter/lcy17.html

PORTABLE GENERATORS and GFCIs
http://suttondesigns.com/NetsaversCenter/lcy18.html

------------------------------------------------------------

6) Update on Computer Viruses
------------------------------------------------------------

Damian Carrington, BBC News Online

An analysis of the most common computer viruses of 1999 shows that
although the threat of new self-propagating viruses is growing,
older viruses are still very common.

1999 top ten (% of reports)

  1. Laroux (XM) 16.7%
  2. Ethan (WM97) 10.4%
  3. Marker (WM97) 9.6%
  4. Class (WM97) 8.2%
  5. Ska-Happy99 (WM32) 7.8%
  6. Footer (WM97) 7.0%
  7. Melissa (WM97) 5.7%
  8. 'Chernobyl' (W95) 5.4%
  9. Form 2.5%
  10. ExploreZip(W32) 1.7%

One boot sector virus, Form, is nearly a decade old but still
appears in the top ten. The table was compiled by anti-virus
software firm Sophos, based on thousands of calls for help to the
company.

The three self-propagating viruses were Melissa, ExploreZip and
Ska-Happy99 which forward themselves by hijacking a computer's
email program. This means that instead of taking months to spread
into the wild, these viruses have the potential to attack globally
within days.

However, Graham Cluley, senior technology consultant for Sophos,
believes that old viruses still pose a major threat: "Some viruses
become so common, they will never become extinct - they will always
lurk on a floppy disk in someone's drawer.

"Also, people may be aware of the latest scare but not the
background threat. It's difficult to get people excited about old
threats."

Spreading out

The most reported virus in 1999 was a macro virus called Laroux and
was first detected in early 1996. Unusually for a widespread macro
virus, Laroux infects Excel spreadsheets rather than a Word
document.

"It may be that people are getting quite cautious about opening
documents, as they may have been hit by that before, but are not so
used to the threat of spreadsheets," says Mr Cluley.

According to Mr Cluley, the key to long-lived viruses is being
virtually invisible. "Viruses which jump up and down with very
destructive payloads draw attention to themselves and effectively
kill themselves off, like lemmings.

"Form does nothing, it just spreads, although it still causes
damage by using up system resources."

Silent but deadly

Whilst having your hard disk wiped by a virus may seem the computer
equivalent of Armageddon, many companies and individuals keep back-
up copies of information. Some of the most damaging viruses are not
destructive at all, says Mr Cluley.

"Some, like Melissa, can forward documents to e-mail addresses
stored on your computer - highly confidential information has
leaked from companies in this way," he says.

And "data diddler" viruses exist which make subtle changes to data
in a spread sheet. "If those are your company results, it could be
very embarrassing," he adds.

The year 2000 will see hoax viruses - email warnings of non-
existent viruses - continue to cause enormous problems believes Mr
Cluley. "In a way they are far more damaging than real viruses as
they set off e-mail hurricanes and you can't disinfect a hoax.

"We had far more people seeking information on a hoax about a game
involving Santa and his elves than any real virus."

Finally, Mr Cluley and other anti-virus experts are awaiting the
sentencing in February of David L Smith, who pleaded guilty to
distributing the Melissa macro virus and admitted causing more than
$80m damage to North American companies.

"We are rather hoping that, depending on what the sentence is, it
may send out a message to virus authors that this isn't cool and
the authorities are prepared to pursue you."

------------------------------------------------------------

7) Department of Defense Looks to Feb. 29
------------------------------------------------------------

Paul Stone, SpaceDaily

Washington -After more than a year of intense preparation -- as
well as media hype and occasional hysterics -- for a millennium bug
that, in the end, barely took a nibble out of key information
systems throughout the world, it might be hard to do little more
than yawn as the next Y2K deadline draws near.

But DoD -- just like it did during the Year 2000 rollover -- is
leaving nothing to chance for the leap year transition period at
the end of February.

Bill Curtis, principal director for DoD's Y2K repair effort during
the past two years, said the Pentagon's Y2K cell will be fully
operational from the end of February through the first few days of
March to monitor and fix any glitches that may occur during the
period.

The Y2K leap year problem results from the fact software developers
long ago failed to add the extra day into their programs. Normally,
"century years" -- 1800, 1900 -- are not leap years. However, when
a century is divisible by 400, as well as by 100 -- such as is the
case with the year 2000 -- it is a leap year. Therefore, unless
systems have been repaired, it's likely they will not recognize the
leap year.

Curtis said Y2K tests conducted during the past 18 months uncovered
almost as many glitches caused by the leap year problem as they did
from the Year 2000 rollover. But he remains confident that the end
of February will just as much a non-event for DoD as Jan. 1.

"I don't believe we're going to see a lot happen over the leap
year," Curtis said. "We had things show up during our [Y2K] testing
that focused people on the issue. I suspect the period will go very
much like the first of January did. The key thing is, if there are
problems, our first team will be right there watching. And if
anything needs to be fixed, we'll fix it."

Except for a satellite-based intelligence system that experienced a
Y2K failure and was inoperable for a few hours, DoD experienced
only a few minor Y2K failures on Jan. 1, and they did not affect
military operations or readiness.

Although the leap year problem is seen as the last major Y2K
battle, Curtis said DoD will watching throughout 2000 to catch
problems that may pop up down the road.

"We have to stay vigilant about our data bases," he said. "Very few
routines in computer code are actually executed in any given time.
Some occur every week, some every month, some quarterly, and some
are yearly updates. So we will likely experience minor problems at
various points throughout the year."

While getting through 2000 without major Y2K problems is a key
goal, the Pentagon will be dealing with Y2K leftovers for years to
come. Curtis explained that many of the system repairs made during
the past two years were only temporary fixes, involving a technique
called "windowing."

Windowing is a programming technique that enables software to
recognize four-digit year fields instead of just two-digit fields,
and thus allowing information technology users to temporarily avoid
the Y2K problem.

For example, a typical windowing fix would reconfigure software so
that years entered as 00-29 are assumed to represent 2000 through
2029, and years entered as 30-99 represent 1930 through 1999.

Essentially, this delays the need for a permanent Y2K fix until the
year 2029. The technique has been widely used in both government
and private industry.

The technique -- at least in the short run, saved the Pentagon
time, money and ensured continued reliability of systems into the
millennium," Curtis said. Some systems were "windowed" for a five-
year period, while others go out as many as 50 years.

"Had we tried to do permanent fixes on everyone's systems during
the past few years there would have been a huge information
technology traffic jam," Curtis said. "Now we can go back and make
the necessary modifications in a coordinated way without impacting
interaction between one system and another."

DoD spent approximately $3.6 billion during its four-year Y2K
repair and testing effort -- an investment of time and money Curtis
said will pay DoD big dividends for years to come.

Looking back on his role as one of DoD's key Y2K managers, he said
Curtis said the military has learned valuable lessons that will
help the department manage information technology in the future.

During the course of the Y2K challenge, he said leaders at all
levels came to appreciate the military's dependency on information
technology.

"We fixed a lot of infrastructure and an awful lot of computer code
got cleaned up," Curtis said. "We've gone into the year 2000 with a
much better set of systems than we had before and a far better
system for maintaining them."

Other benefits he cited included:

* A clear understanding of what systems are systems are vulnerable
to computer hackers and how to better protect them in the future.

* Development of models to manage and track the use of information
technology throughout DoD.

* Better working relationships with both federal agencies and
foreign nations -- all of which DoD worked closely with to ensure
Y2K did not impact either U.S. or overseas installations.

"It was a tremendous effort and we've all learned a great deal from
the experience," he said. I owe a great deal of thanks to those who
led the way, from our top leaders on down to those who were fixing
the problems in systems throughout DoD. They're the real heroes of
Y2K."

------------------------------------------------------------

8) Y2K Post Rollover Repairs
------------------------------------------------------------

Dan Steele, EE

If you want to Y2K protect or repair your system, you still can,
even though the rollover has passed.

First, you will need to restore your system to Dec. 31, 1999. That
being done, INSTALL the Netsavers Y2K TSR Scanner Kit or the
NET2000 Total Software Scanner FULL VERSION.

The only things you need to do now is re-enter any data not on the
SAVE that you re-installed.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com

------------------------------------------------------------

Y2K Resource Center Newsletter, Vol. 109: 01/28/00
------------------------------------------------------------

Hacker Raids Alert Japan

by Dan Steele, EE
http://www.egroups.com/list/y2k-resource-center
http://www.suttondesigns.com/NetsaversCenter/index4.html

------------------------------------------------------------

Contents:

1) 'Dancing Baby' Spooks Japanese Government
2) AOL Still Not Taking Messages?
3) ZDNet to Become An Independent Firm
4) AOL 6.0 Details Leaked on Web
5) Hacker Raids Alert Japan
6) Top Level Domain Names Available at eBay
7) Instant Messaging and Online Customer Service
8) Storm Outages Increase Portable Generator Useage
9) Y2K Post Rollover Repairs

------------------------------------------------------------

Send this Newsletter to a friend!

They need only send a BLANK letter to the LINK BELOW to
SUBSCRIBE to the Netsavers Software Newsletter.

y2k-resource-center-subscribe@egroups.com

------------------------------------------------------------

1) 'Dancing Baby' Spooks Japanese Government
------------------------------------------------------------

Reuters

A dancing baby spooked Japan's government on Friday.

The government, struggling to ward off repeated attacks by computer
hackers, found an animated cartoon of a dancing baby on the Trade
Ministry's homepage after a tip-off early on Friday by police who
feared the site may have been raided.

But to the relief and embarrassment of officials at the Ministry of
International Trade and Industry, the cartoon had been inserted by
the site's operators while they were checking for intrusion
attempts.

The ``Dancing Baby,'' a popular computer animation character which
has travelled the world via the Internet and appeared in a
hallucinatory role on U.S. sitcom ``Ally McBeal,'' had been used by
the site operators as one of their tests.

``It's so embarrassing,'' Trade Minister Takashi Fukaya told a news
conference.

Japan has been suffering from raids this week on government
Internet sites by hackers who have left messages attacking the
government and links to pornographic sites.

The baby was quickly removed, a trade official said.

------------------------------------------------------------

2) AOL Still Not Taking Messages?
------------------------------------------------------------

Steven Vonder Haar, Inter@ctive Week

If America Online has devised a new plan for responding to
outsiders offering software compatible with its instant messaging
services, it hasn't told anybody.

During the past six months, AOL has staunchly protected the
proprietary nature of its AOL Instant Messenger and ICQ buddy list
services, blocking attempts by companies from Microsoft to Prodigy
to devise applications that would enable individuals to exchange
real-time messages with users of AOL's messaging services.

So, it came as some surprise this week when start-up NovaWiz
released a version of its Odigo instant messaging service
compatible with the AOL-owned ICQ that was not blocked by AOL - at
least in the first three days after Odigo's release.

AOL's response - or lack of it - had even NovaWiz rivals, such as
Beth Nagenast, product manager of Tribal Voice's PowWow instant
messaging software, stumped.

"AOL could easily block it if they wanted to," Nagenast said of the
NovaWiz offering. "I don't know what to make of it."

AOL officials did not return calls seeking comment.

Tribal Voice last month launched a version of its instant messaging
service that is partially inter-operable with the AOL Instant
Messenger service. AOL blocked the exchange of messages from the
Tribal Voice software only when users of its PowWow software tried
to exchange messages while using access services supplied by Tribal
Voice distribution partners, AT&T or AltaVista.

The implication is that AOL - in the case of instant messaging - is
a benevolent monopolist: It only blocks companies it perceives to
be a strategic threat, said Bill Kirkner, chief technical officer
at Prodigy. He did not expect AOL's inaction in the case of NovaWiz
to signal a new era of open instant messaging standards."I don't
see the evil empire changing policy on this anytime soon," Kirkner
said.

But no one knows for sure because AOL has been largely silent in
recent months in its dealings with other instant messaging
companies. "It's hard for me to guess because they won't talk to
us," Nagenast said.

The silent treatment is doing nothing but encouraging NovaWiz to
continue efforts to build inter-operable instant messaging systems,
said Avner Ronen, vice president of strategic development at the
company.

Building on its work with the ICQ system, NovaWiz is planning to
develop offerings that extend the compatibility of its software
with AOL Instant Messenger and competing products made by Microsoft
and Yahoo!.

"We're not going to stop with ICQ," Ronen said. "We hope to be the
first company that builds a bridge between all instant messaging
systems."

------------------------------------------------------------

3) ZDNet to Become An Independent Firm
------------------------------------------------------------

Reuters

Former trade publisher Ziff-Davis Inc. (ZD.N), said on Friday its
online business ZDNet (ZDZ.N), which currently trades as a tracking
stock, will be converted into an independent company.

Ziff-Davis, which spent the last half of 1999 selling off virtually
its entire portfolio except the online business, will ultimately be
"merged" into ZDNet Inc. by the second quarter of 2000 and will
trade as a single common stock with ZDNet's ticker symbol.

Ziff-Davis' largest shareholder Softbank Corp. (9984.T) would be
the largest shareholder of ZDNet with a 45 percent stake.

"We consider ZDNet a core Softbank holding, as it exemplifies our
long-term strategy of investing in market leaders on the Web," said
Masayoshi Son, chairman and chief executive officer of Softbank.

Softbank announced in July that it would focus exclusively on
Internet properties. Since then, Ziff-Davis has sold off each of
its media and marketing properties one by one. Most recently, it
sold its publishing arm, which included PC Magazine, to a private
investment firm for $780 million.

In November, Ziff-Davis announced the sale of its ZDTV cable
television channel to Microsoft co-founder Paul Allen's Vulcan
Ventures for $205 million. It also sold ZD Education, its business-
to-business learning organization for $172 million and its market
intelligence unit for $106 million.

Ziff-Davis is currently in discussions regarding a possible sale of
ZD Events, which it expects to complete in the second quarter of
2000.

Ziff-Davis will use the money from these transactions to eliminate
its debt and pay dividends to its shareholders, which is expected
to be about $5.00 a share payable in the second quarter.

Each share of Ziff-Davis will be converted into 0.5-0.6 share of
the new independent company, while each share of the ZDNet tracking
stock will be converted into 1.7-1.9 shares of the new company.

The new ZDNet Inc. will have around 150 million shares on a fully
diluted basis. ZDNet to Become An Independent Firm
Reuters

Former trade publisher Ziff-Davis Inc. (ZD.N), said on Friday its
online business ZDNet (ZDZ.N), which currently trades as a tracking
stock, will be converted into an independent company.

Ziff-Davis, which spent the last half of 1999 selling off virtually
its entire portfolio except the online business, will ultimately be
"merged" into ZDNet Inc. by the second quarter of 2000 and will
trade as a single common stock with ZDNet's ticker symbol.

Ziff-Davis' largest shareholder Softbank Corp. (9984.T) would be
the largest shareholder of ZDNet with a 45 percent stake.

"We consider ZDNet a core Softbank holding, as it exemplifies our
long-term strategy of investing in market leaders on the Web," said
Masayoshi Son, chairman and chief executive officer of Softbank.

Softbank announced in July that it would focus exclusively on
Internet properties. Since then, Ziff-Davis has sold off each of
its media and marketing properties one by one. Most recently, it
sold its publishing arm, which included PC Magazine, to a private
investment firm for $780 million.

In November, Ziff-Davis announced the sale of its ZDTV cable
television channel to Microsoft co-founder Paul Allen's Vulcan
Ventures for $205 million. It also sold ZD Education, its business-
to-business learning organization for $172 million and its market
intelligence unit for $106 million.

Ziff-Davis is currently in discussions regarding a possible sale of
ZD Events, which it expects to complete in the second quarter of
2000.

Ziff-Davis will use the money from these transactions to eliminate
its debt and pay dividends to its shareholders, which is expected
to be about $5.00 a share payable in the second quarter.

Each share of Ziff-Davis will be converted into 0.5-0.6 share of
the new independent company, while each share of the ZDNet tracking
stock will be converted into 1.7-1.9 shares of the new company.

The new ZDNet Inc. will have around 150 million shares on a fully
diluted basis.

------------------------------------------------------------

4) AOL 6.0 Details Leaked on Web
------------------------------------------------------------

Executives at AOL are in a frothy lather after a teenager published
details about the company's yet-to-be-released software on his Web
site.

AOL 6.0 -- which is still on the drawing board -- isn't even
supposed to be beta tested until May. It's scheduled for general
release in August.

According to CNET, the youth has already been slapped with a notice
from lawyers to remove the unauthorised material from the site or
face the consequences.

They claim he must have obtained the information from an illegal
source. It seems the confidential information was either hacked or
leaked.

But a message on the site reads: "All information was gained
legally without the use of a third-party source, and without
breaking any laws. The information was posted in a public file
library on AOL."

Unfortunately, no one from AOL was available for comment by press
time so there's no way of knowing whether AOL has egg on its face,
or whether it has a genuine case.

Either way, as of 12:35pm (GMT), the offending site was still
available.

------------------------------------------------------------

5) Hacker Raids Alert Japan
------------------------------------------------------------

GINNY PARKER, Nando Media

Japan's World War II history is the source of bitter memories,
chilly relations with Asia and the subject of heated historical
debate. But this week, the controversy turned high-tech.

Hackers raided government-run Web sites, posting messages accusing
Japan of trying to whitewash its wartime past.

While the messages strike a sensitive spot in Japan, more
importantly the hacker assault set off alarms about the country's
vulnerability to cyber crime.

Despite its love for just about everything high-tech, Japan is far
behind other countries when it comes to fighting crime online.
Critics say the hackers could so easily intrude because officials
are simply not prepared for them.

"The Internet is public, so Japan just can't assume it's safe,"
Eiji Hara of the Cabinet Office for National Security and Crisis
Management said Thursday. "From now on, we'll have to speed up
development of security measures."

Some of the messages - the first violations of Japanese government
sites - alleged that Tokyo denied the Rape of Nanking, the Japanese
army's massacre of civilians during the 1937-38 occupation of the
Chinese city now known as Nanjing.

Intruders also erased data or directed visitors to the Web site of
Playboy magazine.

The government quickly established an emergency committee to
discuss ways to block hackers. The National Police Agency put
together a special headquarters to investigate.

"People are hacking sites all over the world, every day," said Ken
Sakamura, a professor of information science at the University of
Tokyo. "For Japan, it's not a computer problem. The weakness is
with the law and the government's ability to cope."

This year the Defense Agency set aside $123 million to deal with
hackers - an amount criticized in the Japanese media as far too
little.

Sakamura said he suspects the recent attacks originated overseas,
since that's where most hackers operate.

"The Internet connects Japan with the whole world, so the attacks
can come from anywhere," he said. "Net society knows no borders."

The Internet has grown by bounds in Japan in the last year, but it
is still a new concept. The net-shy nation was late getting online,
mainly because of sky-high local phone rates and the relative
unpopularity of personal computers.

And critics say more work is needed as more Japanese go online. For
example, Sakamura said the government should hire more computer
specialists to watch over the national computer network.

The government has begun trying to beef up the country's defenses
against cyber criminals. Last summer, Parliament passed a new law
this summer to outlaw unauthorized access. It takes effect next
month.

The intrusions this week were relentless. On Thursday, several
government agencies and a Japanese newspaper reported being hacked.
In one instance, hackers made 12,000 hits within two minutes in an
attempt to break into the Web site of the National Personnel
Authority, Kyodo News agency reported.

Also Thursday, hackers invaded the home page of the Economic
Planning Agency's National Institute for Research Advancement and
substituted the welcome message with "Nippon is rotten animal" -
using the Japanese word for Japan.

The raids began Wednesday with an attack on the Science and
Technology Agency's home page posting a text in Chinese and English
accusing Japan of shirking responsibility for Nanking.

The long-standing controversy flared this past weekend when a group
held a seminar in the Japanese city of Osaka about the massacre
entitled: "The Biggest Lie of The 20th Century."

China harshly criticized the Japanese government for allowing the
conference. At the event, speakers denied historians' claims that
Japanese imperial soldiers killed as many as 300,000 people in
Nanking.

The Japanese government has long admitted that troops killed tens
of thousands of people, but there's still debate among historians
about the numbers.

------------------------------------------------------------

6) Top Level Domain Names Available at eBay
------------------------------------------------------------

Identify2000.com
e-Relativity.com
e-NewsNow.com
e-GameSpot.com
e-Go2net.com
Go2DomainNames.com
Go2Greetings.com
2000INCORPORATED.COM
NetizensCafe.com
CafeNetizens.com
e-Windows2000.com
Windows2000Guide.com
ByteSavers.com
BackupMySite.com
BestOnlineFilms.com
MoviesNowShowing.com

If any of the above Domain Names are of interest to you, they are
now BRIEFLY available at http://www.ebay.com in the
Computer/Services/Domain Names SECTION!

http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItem&item=246645146

------------------------------------------------------------

7) Instant Messaging and Online Customer Service
------------------------------------------------------------

Stephanie Sanborn

FaceTime Communications has expanded its partnership with America
Online, giving companies and customers the option of using instant
messaging as a customer service tool through FaceTime's BizBuddy
service and AOL Instant Messenger (AIM).

Through the service, companies can offer customers a BizBuddy
instant messaging name, which shows up on their AIM screen under
the BizBuddy category, akin to existing "Buddies" or "Co-Workers"
headings. Rather than sending e-mail or dialing a phone number when
they have a question, customers can send instant messages directly
to the company for an immediate response, according to FaceTime
officials.

"Providing top-quality customer service and a great customer
experience for people when they're on the site is becoming
critically important for online e-tailers," said David Hsieh, co-
founder of and vice president of business affairs at FaceTime.
Hsieh added that buyers often lose interest in purchasing when
their questions are not answered quickly.

Hsieh said that companies could have more than one BizBuddy name,
such as a customer service name and a sales service name, to make
sure questions go directly to the correct department. Hsieh also
said that companies would be able to answer questions more quickly
over instant messaging because of the uniqueness of users' screen
names.

"Because people that use instant messaging have their own screen
names, we automatically know who's 'calling' and so [a company] can
pull up all your information before the customer service agent
begins to answer you," Hsieh said.

USBid.com, an electronics-industry auction company, in Melbourne,
Fla., has incorporated FaceTime's service into their company, using
the instant-messaging capability to help customers navigate their
Web site and make offers or deals on available products.

"FaceTime really has gone out and pioneered this notion of taking
this very consumer product, that really hasn't been used for
anything other than our teenage children to talk with each other
after school, and turned it into something that businesses can use
for real-time, outbound communication with customers," said John
Ormesher, vice president of e-commerce at USBid.com.

Instant messaging may seem a powerful tool for receiving quick
answers to queries, but it is still susceptible to the problem of
long waits for an available operator. According to Hsieh, companies
can sidestep possible customer service agent shortfalls due to
instant messaging's online format.

"One of the things that's different about instant messaging is that
the customer service agents can actually juggle multiple customer
conversations simultaneously," Hsieh said. "Typically, we see that
a reasonable customer service agent can have three or four
conversations at once.

That means less bodies can handle more customers, so for most
companies, it will mean much better service times and much lower
wait times, if any. If a company gets swamped, then certainly you
might get put into a queue and placed on hold. Of course, instead
of having to listen to really bad Muzak, you get the option to surf
the Web while you're waiting."

Mark Levitt, research director of collaborative computing at
International Data Corp., in Framingham, Mass., views the scenario
of agents handling several customers at once with a wary eye.

Security issues may also come into play, as customers might be
unwilling to provide personal details - such as giving a social
security number to a credit card company as verification before
receiving their account information - over an instant messaging
client. However, Hsieh said that BizBuddy is "no more, no less
secure than e-mail is."

Nonetheless, Levitt continues to wear his "skeptic hat" regarding
instant messaging in the customer service department, noting that
instant messaging is currently a lightweight service perhaps better
suited to short, brief notes than "thoughtful, carefully-
articulated responses to customer questions."

FaceTime will continue to pursue partnerships with other businesses
offering instant messaging communities. The company signed a formal
partnership with AOL in September of 1999, allowing FaceTime
license to run applications for customer care on the AIM network as
well as technical cooperation to make sure AIM will scale and
provide reliability for business communication.

------------------------------------------------------------

8) Storm Outages Increase Portable Generator Useage
------------------------------------------------------------

A large number of people have a Portable Generator (10,000
watts or less) to help offset power outages that are prevalent
during the winter.

There are a number of SAFETY ISSUES and Proper USE ISSUES that
should be mentioned.

I present a list of URLs to initiate this discussion...

Using PORTABLE GENERATORS With Computers
http://suttondesigns.com/NetsaversCenter/lcy11.html

Using PORTABLE GENERATORS Safely
http://suttondesigns.com/NetsaversCenter/lcy12.html

LINE CONDITIONERS and Y2K
http://suttondesigns.com/NetsaversCenter/lcy13.html

PORTABLE GENERATOR Safety!
http://suttondesigns.com/NetsaversCenter/lcy14.html

GENERATORS and Computers!
http://suttondesigns.com/NetsaversCenter/lcy15.html

HARMONICS and NOISE From GENERATORS
http://suttondesigns.com/NetsaversCenter/lcy16.html

Y2K LINE CONDITIONER
http://suttondesigns.com/NetsaversCenter/lcy17.html

PORTABLE GENERATORS and GFCIs
http://suttondesigns.com/NetsaversCenter/lcy18.html

------------------------------------------------------------

9) Y2K Post Rollover Repairs
------------------------------------------------------------

Dan Steele, EE

If you want to Y2K protect or repair your system, you still can,
even though the rollover has passed.

First, you will need to restore your system to Dec. 31, 1999. That
being done, INSTALL the Netsavers Y2K TSR Scanner Kit or the
NET2000 Total Software Scanner FULL VERSION.

The only things you need to do now is re-enter any data not on the
SAVE that you re-installed.

Netsavers Y2K TSR Scanner Kit: $18
(for the RTC clock in your computer)

http://suttondesigns.com/NetsaversCenter/Y2k/NetY2K/Net2YKdesc.html

Netsavers NET2000 Total Software Scanner: $59.95
(for the RTC clock, operating system, and applications)

http://suttondesigns.com/NetsaversCenter/Y2k/Net2000/Net2000TP.html

------------------------------------------------------------

To Unsubscribe: send a BLANK letter to:
y2k-resource-center-unsubscribe@egroups.com