1USA News June 30, 2001

This page is sponsored by:

1USA Customer Newsletter
Saturday, July 7, 2001

They paid $600,000.00 to show how slow and inept AOL is...
During the Pepsi 400 Nascar race on Sat. July 7th, AOL's TV advertising showed that
- users on AOL have to find and go to the Keyword page
- then type in the keyword of Nascar
- which opens the Web Browser, goes out onto the Internet, and retrieves the Nascar.Com home page - THROUGH the slow, overworked AOL Proxy.

I guess there's no point in paying to advertise that 1USA Subscribers are connecting directly to the internet and only need to click on http://www.nascar.com to get to the same place, 30% faster, with less Advertising in between, and with less hassle...

Concentrate on your Driving

OK, all you overburdened motorists who spend 99 percent of your time yacking while driving -- hands off.

New York has become the first state to forbid any motorist, starting Dec. 1, 2001 from driving with a cell phone next to his or her ear, except for emergency calls.

Phones in cradles or attached to a headset will still be legal.

Similar laws are pending in 35 states in the U.S., and a growing number of countries, including Austria, Brazil, England, Germany, Israel, Italy, Japan, Switzerland and Turkey, limit cell phone use in cars.

Now, cell phones.
Next targets are: applying makeup and reading newspapers while driving.

Return of Dog Tags of dead American solders to their families
Two businessmen were touring VietNam and ran across Dog Tags of dead American soldiers on a street corner being sold as tourist mementos.
The two businessmen purchased ALL of the dog tags, and are now trying to locate family members of the deceased.
To see a list of the Dog Tags they returned with, visit http://www.founddogtags.com/
Pass the word.

Hotmail and Juno virus threat
Javascript exploit could spawn webmail Melissa virus

A flaw in the web-based email services run by the likes of Yahoo! and Hotmail makes them conduits through which mass mailing email viruses can rapidly spread over the Internet.

That's the serious warning contained in a posting to the Bugtraq security mailing list by a security researcher who said that cross-site scripting vulnerabilities make it possible to replicate Melissa-type worms through Web mail services.

To exploit the vulnerability an attacker would send an email to a victim, within which is a link to a service provider's own server. This link would contain Javascript that executes when the page is loaded and opens a window that could navigate through the victim's in-box, sending messages with the malicious link to every email address it finds in the inbox.

The trick of this exploit is that since the malicious Javascript executes inside a page from the mail service's own server, no domain-bounding error is triggered when the Javascript is controlling the window with the victim's inbox.

Although the exploit requires a user to click on a link, the fact that a malicious email comes from a friend or trusted source and contains a link to a familiar, trusted server works in favour of any worm created which makes use of the security loophole.

The vulnerability was discovered by a white-hat hacker called Matt Parcens who has posted an advisory on the issue and the steps that need to be taken to address the issue.

Both Yahoo! and Hotmail were notified of the issue on May 23rd but it's not known if a fix has been put in place, or which other services might be affected.

Researchers were investigating the issue with a view to developing a fix.

Windows NT and Windows 2000 Web Server software
Another new Major security hole has been found and all Windows web servers running IIS 4 and IIS5 are vulnerable. If any of you are running your own web servers, contact 1USA for details or a Security Assessment.

Upgrade to a new 1USA PC

Order your $299 1USA PC Today - for delivery during Tax-Free week

Failed to execute CGI : Win32 Error Code = 3

This page has been visited times since
You are visitor number today

This page is sponsored by:

	1USA Customer Newsletter Saturday, July 7, 2001

	They paid $600,000.00 to show how slow and inept AOL is... During the Pepsi 400 Nascar race on Sat. July 7th, AOL's TV advertising showed that - users on AOL have to find and go to the Keyword page - then type in the keyword of Nascar - which opens the Web Browser, goes out onto the Internet, and retrieves the Nascar.Com home page - THROUGH the slow, overworked AOL Proxy. I guess there's no point in paying to advertise that 1USA Subscribers are connecting directly to the internet and only need to click on http://www.nascar.com to get to the same place, 30% faster, with less Advertising in between, and with less hassle...

	Concentrate on your Driving OK, all you overburdened motorists who spend 99 percent of your time yacking while driving -- hands off. New York has become the first state to forbid any motorist, starting Dec. 1, 2001 from driving with a cell phone next to his or her ear, except for emergency calls. Phones in cradles or attached to a headset will still be legal. Similar laws are pending in 35 states in the U.S., and a growing number of countries, including Austria, Brazil, England, Germany, Israel, Italy, Japan, Switzerland and Turkey, limit cell phone use in cars. Now, cell phones. Next targets are: applying makeup and reading newspapers while driving.

	Return of Dog Tags of dead American solders to their families Two businessmen were touring VietNam and ran across Dog Tags of dead American soldiers on a street corner being sold as tourist mementos. The two businessmen purchased ALL of the dog tags, and are now trying to locate family members of the deceased. To see a list of the Dog Tags they returned with, visit http://www.founddogtags.com/ Pass the word.

	Hotmail and Juno virus threat Javascript exploit could spawn webmail Melissa virus A flaw in the web-based email services run by the likes of Yahoo! and Hotmail makes them conduits through which mass mailing email viruses can rapidly spread over the Internet. That's the serious warning contained in a posting to the Bugtraq security mailing list by a security researcher who said that cross-site scripting vulnerabilities make it possible to replicate Melissa-type worms through Web mail services. To exploit the vulnerability an attacker would send an email to a victim, within which is a link to a service provider's own server. This link would contain Javascript that executes when the page is loaded and opens a window that could navigate through the victim's in-box, sending messages with the malicious link to every email address it finds in the inbox. The trick of this exploit is that since the malicious Javascript executes inside a page from the mail service's own server, no domain-bounding error is triggered when the Javascript is controlling the window with the victim's inbox. Although the exploit requires a user to click on a link, the fact that a malicious email comes from a friend or trusted source and contains a link to a familiar, trusted server works in favour of any worm created which makes use of the security loophole. The vulnerability was discovered by a white-hat hacker called Matt Parcens who has posted an advisory on the issue and the steps that need to be taken to address the issue. Both Yahoo! and Hotmail were notified of the issue on May 23rd but it's not known if a fix has been put in place, or which other services might be affected. Researchers were investigating the issue with a view to developing a fix.

	Windows NT and Windows 2000 Web Server software Another new Major security hole has been found and all Windows web servers running IIS 4 and IIS5 are vulnerable. If any of you are running your own web servers, contact 1USA for details or a Security Assessment.

	Upgrade to a new 1USA PC Order your $299 1USA PC Today - for delivery during Tax-Free week