Network: Bytes

Click to follow
INTEL SAID last week that an alleged flaw in its new Pentium III serial number system was not a problem with the chip. Intel has provided a software switch in response to privacy concerns over the serial number system, which can be used to track users in cyberspace. A German magazine said it had found a way to bypass the "on-off" switch without a user's knowledge. "What is being discussed... is a possible software hack," said an Intel spokesman. "If they've found something that's real, we will try to create some kind of patch to prevent the security problem."

Manufacturers such as IBM and Dell went one step further and shipped systems with the serial number system disabled. "IBM understands that consumers will continue to embrace the Internet only to the degree that they trust the technology," IBM stated. "There are legitimate privacy concerns raised... IBM plans to disable the processor ID feature at the Bios level in our Pentium III client systems."

Five years ago, when the original Pentium chip was released, a flaw in the way it handled some calculations led to a recall that cost Intel hundreds of millions of dollars.

u

POTENTIAL SECURITY holes in Netscape and Microsoft's Web browsers were reported last week by News.com, with both companies taking steps to combat possible theft of users' private information.

Bennett Haselton, a security expert, demonstrated some code that allows Navigator to upload files without the user's consent. Users have to type in a filename before it can be uploaded, but Haselton's code builds a phrase around a target filename and asks users to type it in, ostensibly to verify their identity. Haselton's JavaScript then strips out the extraneous characters to allow the file to be uploaded.

Netscape said an extra warning dialogue box would be incorporated into future Communicator upgrades. In the meantime, it cautions users against typing in an exact phrase, unless it's a name or password previously selected.

A Spanish bug-hunter, Juan Carlos Cuartango, found that an Active X control problem means Microsoft's Internet Explorer (IE) 4 can be manipulated to allow remote access to the Windows clipboard, which could contain confidential data from another application. Microsoft says a fix will be included in the next service pack, but concerned users can disable scripting in IE's security zone.

u

INTERNET2, A private experimental network to operate at 2.4 gigabits per second, 85,000 times faster than a dial-up modem, has gone live in the US. Over the next five years, 140 universities will be connected to Abilene, a $500m fibre-optic backbone developed by the University Corporation for Advanced Internet Development, Qwest Communications, Nortel Networks, Cisco Systems and Indiana University.

Internet2 is not available to the public, but its technologies will filter through to the Internet. The project will also feed into existing advanced research and education networks, such as the high-performance Backbone Network Service and the Clinton administration's Next Generation Internet, which is being built to be 100 to 1,000 times faster than the Internet.

u

IBM ANNOUNCED last week its "system on a chip" technology, which will be more compact and efficient than conventional products. "Having processing power and data on separate chips was like having the materials you need to do a job in another office," said Bijaran Davari, IBM's vice-president for development.

Mobile phones and hand-held PCs in particular will benefit from the new technology, but IBM also plans to use it in data-communications hardware such as hubs and routers. Design work on products using chips running from 200 to 700Mhz starts this month, but commercial production will not be for another year.

u

CORRECTION: IN the Network section of 1 February ("Squaring up to the US giants") we reported that the US-based web company iXL had bought the UK web firm Green Cathedral. Though iXL did look into buying the company, it did not in fact purchase it.

Comments