Aardvark Weekly
New Zealand's Leading Weekly Net-News Online Publication
Net-Industry
Commentary!
You really should use a Java-capable Browser!

Add this ticker to your page
ASB Bank
Please support Aardvark - CLICK THE AD!
Enabled Are YOU Aardvark Enabled?

LISTEN to Aardvark Weekly!

RealAudio 2

RealAudio 5

Get Plug In

Aardvark Daily


Product Review
Epson 600 Colour Printer

Advertise Here?

Email Addresses

Feedback

Right of Reply

For Publication

Click HERE for DAILY Net News

Commentary for: 17 November 1997

A Channel to Nowhere?
IE4 has become a part of everyday life (and strife) for a growing number of Net users - but the vast majority (nearly 70%) prefer to use IE3 or one of the Netscape Navigator versions - so why are some of the big names in the local content business hitching their wagon to the IE4 proprietary channel mechanism?

A good example of this is the NZ Herald - the country's leading daily newspaper. If you troll off to their Web site at www.nzherald.co.nz you'll get a profile of the Wilson & Horton group of publishing companies and even following the links to The Herald itself yields no useful news or content. There is a link titled The New Zealand Herald Online Extra but again - this is just a small amount of feature material - no news here!

You can seek out the channels portion of their Web site by pointing your browser at: http://channels.nzherald.co.nz/herald.asp but if you're using anything other than IE4 then you're in for a disappointment. IE3 works but screws up the placement of the text but Netscape simply draws the graphics without any text at all and none of the links work.

So... why are the Herald putting all their eggs in one basket? Why have they chosen to alienate themselves from 70% of the market by using technology that is only supported on IE4?

One must wonder exactly what Microsoft have offered The Herald in order to give them more or less exclusive distribution of their content and forego the benefits of reaching 70% of the estimated 100,000 Internet users in NZ.

Welcome TV3!
Very quietly, without any fuss or trumpet-blowing, TV3 has gone from "Coming Soon" to "here now" status on their Web site

It seems that Spike Wireless have woken up to their folly and canned the 270Kbyte animated (wannabe video) animated GIF on the front page.

Don't get too excited though.. their programme listings are even worse than TVNZ's used to be - not a link in site! At least now TVNZ are offering some local programme-support pages and links to them from their listings.

The TV3 News page is a bit of a joke though - when I checked on Sunday afternoon there were just two stories and they were more "human interest" than anything. Certainly TVNZ wins that battle hands-down with a news page that is quite respectable; respectable enough in fact to be included in the 7am NZ NewsWires section. (sorry... had to get a plug in there ;-).

The sports section seems quite reasonable - which is important since it's been proven that sports is one of the hottest topics on the Net.

And they've not forgotten the kids - although they seem to have fallen back onto some rather old-fashioned technology to provide an activity for the little-ones. Maybe they should get someone to write them a little "colour a picture" Java applet!

So... what about this site then?

Well it seems to me that it's about 30% finished at the moment - which may be the reason there's been no "official launch". Spike Wireless have apparently conceded the point that those wannabe videos are a waste of bandwidth.

There are no links to off-site content which is a bit of a shame. Seems that both TVNZ and TV3 are reluctant to deliver people to other sites, even though there's some very good "official" and third-party programme-support sites out there. Take a look at the 7am TV Pages and the programme listings there for an indication of how TV schedules can be nicely augmented by links to other sites. I suspect this is an indication that even though traditional broadcasters have come a long way in their understanding of the Net - they still don't quite get it yet.

Good work Spike Wireless, good work TV3 but:

  • Loosen your grip on the reigns a little by adding some links to 3rd party sites
  • Turn off the cookies - there's one for every page!
  • Offer something for those who prefer a no-frames option!

Aardvark will revisit the site in a few weeks to see how it's shaping up.

TV3 getting there, slowly

Walk right in, take what you want!
Security Stupidity
"Is it safe to send your credit card details over the net?"

That's a question which is asked over and over again - both by individuals faced with the temptation of some super cyber-deal they find on the Web and by the media who like to throw the fear of God in to the average Net surfer.

The reality is that all encryption can be broken - it's just a matter of how much time and processing power the cracker has available. Recently we've seen 56bit encryption broken in a matter of weeks by a dedicated group of individuals who pooled resources through the Net - but does that really compromise the safety of your credit-card information when sent through the secure connection facilities of your browser?

Of course not. As far as I am aware, all the scandals regarding stolen credit-card numbers relate to situations where that information has been stored on a server somewhere (in an unencrypted form) and the security of that server has been compromised. I've seen not a single report of secure-transaction data being intercepted and decoded by hackers or crooks.

However, there is a HUGE security threat out there which I've tried to highlight on several occasions and which has a very real potential to compromise all manner of security systems that are used over the Net. Using this weakness, hackers and crims could grab your credit-card numbers, expiry date, name --- and the IDs and passwords you use to access any other secure site on the Web.

Of course I'm referring to the problem reported by the Computer Emergency Response Team in their advisory which can be downloaded from their ftp site.

In summary, the effect of this bug is to allow a savvy Web-site owner to imbed a small Javascript (note: this is NOT Java but JavaScript) program in one of their Web pages which will then monitor and report all keyboard entries made onto your computer. They'll be able to see exactly what you've typed - including your credit card details if you buy something over the Net.

This bug affects virtually all the commonly used browsers, including the offerings from Microsoft and Netscape and it's not hard to write that little JavaScript program!

So how do you protect yourself?

TURN OFF YOUR JAVASCRIPT!

Both Internet Explorer and Netscape allow you to disable the Javascript support on your browser - so do it now because nothing else will prevent a hacker from exploiting this weakness in your browser. Don't think that just because you're behind a firewall or using a secure server you're safe - they won't make any difference in this case.

Okay, I've heard no reports of this bug being exploited - but since it's comparatively quick and easy, far more so than cracking a 56-bit encryption key, it's fair to assume that it poses a far greater risk to your sensitive data.

Unfortunately - some site operators appear to be completely ignorant of this bug and it's potential ramifications so they design their sites to rely on Javascript. A good example of this is the NBR site which refuses to operate correctly if you choose No-Frames and turn off your Javascript. In fact it's worse than that - such a configuration actually produces a Cold-Fusion error message.

So, considering that the problem has been identified and most hackers are aware of it (they tend to visit CERT quite often to find out exactly what the weaknesses in certain systems are); and considering that it's very easy to build sites that will work with or without Javascript enabled - think twice about using a site that won't let you in unless you turn your JavaScript on. If you decide to turn your Javascript back on and use the site, you should, at the very least, turn Javascript back off then exit and restart your browser immediately afterwards so as to flush any such program from your browser's memory.

Here's a bit of fun!
These days, most of us have either an answering machine or some kind of voice-mailbox system attached to our phones. However, if you're like most of us you find it really hard to compose a nice message that doesn't make you sound like an idiot.

Well... relief is at hand! Now you can have someone really famous addressing your callers and avoid the embarrassing task of trying to sound interesting and informative yourself.

The Answering Machine Messages page is a brilliant collection of answerphone messages dictated by famous people (or mimics of famous people). You'll find greetings and instructions from some real classics such as Clint Eastwood, Jimmy Stewart, Elvis, Spock, Beavis & Butthead, Monty Python and more.

So go on, give your voice a rest and your callers a thrill. Download your favourite wav file and stick it on your answering system.

Do you feel lucky? Punk!

TV Chat

I Can't Believe It's True!

Web designers like to showcase their work as a method of attracting new customers and proving their talents. Okay, fair enough - but am I just being too suspicious when I see this site advertising that they've developed the Air New Zealand pages? A visit to the AirNZ sites (US and NZ) show no sign of the designer's work - and just click on the link he's provided.

Are you telling porkies?

There's nothing wrong with the quality of the work but you can't help being more than a little suspicious about the claims.

 
Right of Reply.

Nothing today


New Zealand News Wires

New Zealand News headlines from the best News sites on the NZ Web, all on one page to save you time, money and frustration - updated every 15 minutes.

All the nation's news on one page!

Or...

WorldWires - World news headlines

On TV Today
Turn on your Java!
Add this Remote to your own pages!

Aardvark Daily is a publication of, and is copyright to, Bruce Simpson, all rights reserved
Aardvark's logo created by WebDesign, Aardvark is kindly hosted by Actrix Networks