Previous Issue | Search TidBITS | TidBITS Home Page | Next Issue

TidBITS Logo


This issue offers tax tips and information for U.S. readers, an alert about spoofing and hijacking on the Internet, a possible solution for DeskWriters that can't feed paper, and news about the new Newton 120 and Newton System 1.3. To round out the issue, Adam comments on how he used the Internet after Seattle's earthquake last weekend, and Gerard Martin shares a thoughtful essay about URLs, the World-Wide Web, and the future.


Copyright 1995 TidBITS Electronic Publishing. All rights reserved.
Information: <> Comments: <>

This issue of TidBITS sponsored in part by:


System 7.5 slowpokes have a little more time to act. Apple has extended from 31-Dec-94 to 17-Feb-95 the postmark deadline for those users who purchased a Mac without System 7.5 between 02-Aug-94 and 31-Dec-94 and who wish to upgrade to 7.5. The upgrade is available for a small shipping and handling charge. A request form is available within the U.S. by calling 800/871-6634. At this time Apple says there is no global upgrade program for users outside the U.S.; users can contact their local dealers for information on programs in specific countries. [MHA]

Robert Hess <> wins the "I'll never think about it in quite the same way again" Quote of the Week award. In response to our comment about the little joystick device IBM uses in the ThinkPads and other PC manufacturers use in various other laptops, Robert noted, "It always makes me feel like I'm manipulating someone's nipple." Of course, this could turn into a major selling point for ThinkPads, and the PR folks could have a field day: "The IBM ThinkPad: Power and stimulation wherever you go." [ACE]

eWorld rate drop -- eWorld recently lowered its rates and eliminated its annoying business hours surcharge. eWorld still costs $8.95 per month for subscribers in the U.S. and Canada, but subscribers can log on for four free hours instead of two. After the first four hours, all additional hours cost $2.95 instead of $4.95. Subscribers from other countries are now charged $9.95 per month with one free hour, and then $9.95 per hour after that.

eWorld also announced that they are working on the next version of eWorld for Macintosh software (the first release of eWorld's Windows software is scheduled for release sometime in 1995). The software, called Golden Gate for now, is planned to have better Internet access, increased speed, improved email, plus new multimedia and text-to-speech features.

In additional eWorld-related news, last week eWorld announced that three additional news services have joined its line-up: U.K. News Today (news and business from the U.K.), Global Grandstand (international sports coverage), and World News Watch (reports of news events world-wide) as well as United Press International's consumer news service, called UPI News You Can Use. See TidBITS-237 for more eWorld information. [TJE]

ResNova Software <> announced that the next version of their NovaLink Professional BBS software will support the World-Wide Web along with the already-supported (assuming a dedicated Internet connection) Internet email, Usenet news, and Telnet in and out of the BBS. NovaLink will provide not only a Mosaic-like interface for browsing the Web, but also the capability for users to create their own HTML documents. The addition of Web support is an interesting move on ResNova's part, because in combination with the Internet services already supported, the World-Wide Web provides access to most of the other standard Internet services like FTP, WAIS, and Gopher. There are a few NovaLink BBSes (<>, <>, and <>) already available on the Internet via Telnet or (with a MacTCP connection) via NovaTerm, the free client software available at: [ACE]

Keep Your Doors Locked

by Geoff Duncan <>

The Computer Incident Advisory Capability office (CIAC) issued a notice 23-Jan-95 on two techniques currently being used to compromise the security of Internet hosts: spoofing and hijacking (or tapping). Although neither of these techniques is particularly new, apparently incidence of their use has increased sharply.

The first method, spoofing, involves an attacker "impersonating" a local machine by altering his or her packets to appear as if they originated at a local machine. This in itself is not inherently a threat; however, many local networks are configured so they implicitly "trust" packets arriving from particular hosts (say an administrator's workstation) and do not require authentication on requests from those machines. If intruders successfully impersonate a trusted machine on a network, they could potentially acquire full access to files, mail, accounts, or anything else on that network. The recommended workaround is to configure network routers to block any packet entering from outside and claiming to be from the local domain.

Hijacking, or tapping, involves using a tool called tap to take over existing login sessions on a system. A user or intruder with root access can use tap to execute commands exactly as if they had been typed by the owner of that login session. If that user had connected to a remote system within that session, no authentication would be required to gain access to that remote system. Users of a hijacked session may notice commands appearing as they're typed by the intruder, screens suddenly clearing, or other unusual events. Contrary to net rumors, it appears that the tap tool is available only for SunOS 4.1.x systems.

These threats do not have an enormous direct impact on Macintosh users, although they could have an affect on systems you connect to with your Macintosh, particularly in corporate, educational, or government sites. Check with your system administrator if you think this information may apply to you or your site. CIAC notices, various software, details on mailing lists and other information are available at:

Information from:

Taxing Situation

by Adam C. Engst <>

It's closing in on that oh-so-stressful time of year for U.S. residents when taxes are due. A number of notes regarding taxes have come in this last week, so we figured that we'd bundle them all together where U.S. residents can read them and everyone else can ignore them happily (unless for some reason you have to pay U.S. taxes as well).

Tax Forms Online -- The Treasury Department has finally put up a Web server. Although this may not be inherently exciting, at least the IRS is doing something useful with it: they've put tax information and Adobe Acrobat (PDF) versions of recent federal tax forms online, including the infamous 1040s and their associated schedules.

Forms for the years 1990 through 1994 are available (with a searchable index) and the PDF versions of these forms can be printed and used like normal tax forms (with some exceptions due to special color-coding, including the 1040EZ and the 1099-FAMILY). Typical forms consume a little over 100K in PDF format, and can be viewed and printed with the Acrobat Reader, also available from the Treasury Department site.

In addition, S-Cubed (a division of Maxwell Laboratories, Inc.) maintains the Taxing Times Web service, where they plan to make PostScript versions of tax forms available. Although the site is still under construction (and they don't yet have 1994 forms online) they do have tax forms from some states, plus links to public domain tax software, Canadian Tax forms in Excel format, and the entire U.S. tax code. Thanks to Chris Habig <> for some of this information. [GD]

Sandro Menzel <> writes:

MacInTax users might want to check their MacInTax disks early. Last year I put off doing my taxes (and installing MacInTax) until the fifteenth of April only to find that one of my install disks was bad. Ouch!

Arthur C. Dechene <> writes:

I just discovered a potentially serious bug in MacInTax version 94.0 (HeadStart Version - created 14-Nov-94, 1:29 AM, modified 14-Nov-94, 2:46 PM). It affects anyone who

MacInTax will drop the 30th item on every itemization page (one page in MacInTax holds 30 items, so if you have 70 items, it will drop two, and so on).

I discovered this by comparing a printout of my sales commissions from Quicken 5 with the total amount of income listed on schedule C line 1. It was off by exactly the 30th amount in the Quicken printout. I called Intuit and their tech support person, who was otherwise very helpful, was unaware of the problem. I called back and he told me he had spoken to their programmers and they are aware of it.

I would guess it is too late to keep the bug out of the final version of MacInTax; it will probably require a bug-fix release. Thus, I strongly recommend that if you use itemizations at all, double-check your calculations to be on the safe side. This bug would have caused me to underpay by $300.

DeskWriter Rollers Clean Up Their Act

by Tonya Engst <>

Is your DeskWriter or DeskJet having problems feeding paper or giving you seemingly erroneous out-of-paper messages? If so, you may have dirty rollers.

Hewlett-Packard recently announced a Paper Feed Cleaning Kit, which cleans your rollers and corrects the problem. According to HP, if you have a DeskWriter or DeskJet 510 or 520, DeskJet 550C, or DeskJet 560C - with a serial number beginning with US36 through US43H, or a serial number from ES41711001 through ES45112001 - your printer's rollers may need cleaning once or twice in their lifetime.

HP says they changed their roller rubber specification back in June of 1993, not realizing that the new roller would respond badly to a combination of use, humidity, paper dust, and other factors. In March of 1994, HP switched back to the older rubber formulation.

HP plans to automatically send cleaning kits to the owners of potentially problematic DeskWriters and DeskJets who registered before July of 1994, so contact HP if you didn't register or if you have questions. HP has set up voice/fax numbers specifically for the cleaning kit, and most of the numbers are toll-free. The URL below takes you to a document that explains the problem, includes a fax form, and lists phone numbers for the U.S., Canada, and many parts of Europe (apparently, most of the problem printers were sold in those areas):

Kudos to HP for making an effort to inform people of the problem and ship them the solution.

Information from:
HP propaganda

New MessagePad, System Update

by Mark H. Anbinder, News Editor <>

Director of Technical Services, Baka Industries Inc.

A new MessagePad model introduced today reassures Newton users that Apple plans to continue expanding and supporting this product line. The MessagePad 120 offers a more usable design and more available memory, The unit is available in two basic memory configurations, with 1 MB or 2 MB of RAM.

Physically, the MessagePad 120 features a removable cover, better screen clarity, and a more convenient side-mounted lock for the PCMCIA slot. The PCMCIA slot also supports cards with higher power requirements than earlier Newton models' slots. Apple says the 325 mA slot in the MessagePad 120 (compared to 115 mA in the 110 model) will better support wireless LAN solutions and radio modems, among other devices.

In addition to extra memory, the 2 MB configuration includes Pocket Quicken and an external data/fax modem. Since much of a Newton's RAM is taken up by operating system processes and applications, doubling the RAM more than doubles the amount of memory available to the user.

At the same time, Apple introduced Newton System 1.3, with separate versions available for MessagePad 100 and MessagePad 110 users. The update increases the reliability of erasing PCMCIA flash cards and improves handling of user preferences. Notification windows now survive when the MessagePad goes to sleep and phone dialing may now include the * and # tones.

You can download the system update from the various commercial online services and from the Internet at:

Modem-equipped MessagePad owners may also update automatically via Apple's Newton Enhancement Server at 800/NEWTON9 or 408/639-8669. Users in the U.S. who wish to obtain the update on a disk for a nominal shipping and handling charge may call 800/315-2246 after 06-Feb-95. Apple strongly recommends backing up the MessagePad's contents with a Connection Kit or a PCMCIA memory card before upgrading.

Information from:
Apple propaganda

Earthquakes on the Net

by Adam C. Engst <>

Around 7 PM last Saturday night, just as our furnace kicked on, the house started to roll. We have a relatively old house, definitely too old to learn new tricks like rolling over and playing dead, so - luckily - the house decided to stop after 10 or 15 seconds. We realized that the furnace hadn't blown up after about three or four seconds, and that in fact we were having an earthquake after another one or two seconds. We scurried under a doorway, but I promptly left on a four foot rescue mission to save Fred, a 20-year-old cactus that I was not going to leave to the tender mercies of the quake. And then it was over. No damage, no breakage, no loss of power, gas, water, or TCP/IP access (although we promptly went and checked everything).

Then, rather than turning on the TV or the radio to see what had happened (heck, we knew what had happened - we wanted details), we went to the Mac and out over the Web. Not being a major earthquake buff, I had to go through the excellent Yahoo subject catalog to find the earthquake pages.

Then I went to the USGS National Earthquake Information Center in Colorado, which had a Finger -> Gopher gateway for the latest information on earthquakes.

That was all fine and nice, but since I did this literally minutes after the quake, there wasn't any data about our earthquake. However, in reading the text of the Finger report, I saw a more local machine at the University of Washington. So I ran Peter Lewis's Finger program and fingered <>. The first time it only had automated information that it claimed couldn't be trusted, but that information remained constant after the warning went away.

Now we knew that the earthquake had been a magnitude of 5.0, and that it was a bit southwest of Seattle. But where exactly? Then I remembered the Xerox PARC Map Viewer at:

It took a little figuring out, but I managed to get the proper search phrases to locate and mark the exact epicenter of the earthquake. The URL that resulted is terribly long, but should work if you take out the hard return between the two lines before pasting it into a Web browser.,-122.35/wd=0.60

Perhaps the most interesting part of the quake experience for us was using the Internet to find this information and immediately send it to friends and family. After about the fourth message we sent out, suddenly a piece of mail came in from Peter Lewis in Australia, who happened to hear about the earthquake from someone near Seattle reporting a problem with Anarchie. Obviously, had this been a serious earthquake, the Internet connection would have gone down, at which point no communications would have been possible. Even still, the Internet made the world feel like a much smaller place for the time, and somehow, that was comforting.

Kobe -- Speaking of much worse earthquakes, a large amount of information about the Kobe quake appeared on the Web rather quickly, and there's a nice collection of it at Yahoo.

In addition to the tremendous human suffering, the Kobe earthquake will likely affect the computer industry rather seriously. Although it appears major semiconductor facilities weren't damaged as badly as initially thought, some plants were hit hard, and damage to the general infrastructure in the Kobe area will slow the return to full manufacturing and shipping capacity. RAM prices have already risen somewhat, and although large manufacturers with multiple suppliers may not feel the effects, individual consumers will. As with the Sumitomo plant fire in July of 1993 (see the RAM Doubler article in TidBITS-208), prices may increase not because the supplies are constrained, but because of the perception that supplies may be constrained. In a commodity market, that's all it takes. The resulting price increase is unwelcome, especially in light of the fact that memory prices haven't changed much in the last few years, unlike the prices of hard disks and other electronic devices.

Finally, to add display insult to memory injury, almost all of the companies that make active-matrix LCD displays were located in the Kobe area as well. Damage to transportation infrastructure and plants owned by Sharp, Hosiden, and DTI will likely result in higher prices and inventory shortages for the active-matrix laptops like Apple's 540c and the high-end laptops from Toshiba, IBM, and Compaq. So, if you've been contemplating such a machine, you might act fast before the supplies in the channel dry up even further.

URL or Not: URL Marks the Spot!

by Gerard Martin <>

It has been suggested that the metaphor of an information superhighway is weak and tired. After all, how many of us live on a four-lane interstate? An alternative metaphor for this speedily growing twenty-first century infrastructure is that of a space: space for what will amount to a living repository of living data, live data about more living data, and - as a process - active participation in the lives of many people.

In William Shatner's "TekWar," a counter-culture knowledge worker asserts that he lives "in there" as he points to the computer workstation that "gateways" to his world. William Gibson first gave us the word "cyberspace" for a machine-created space in his depiction of a world in which one dwells and - we assume - where one stores many, many things. Few today profess to living in cyberspace, yet some of us log incredible hours online. Therefore, it cannot be for naught that the Internet has been labeled by one recent news magazine as the "hang-out" of the nineties, a soda-fountain of good reading and good conversation, a regular ethereal haven of new vibes.

The Internet blossomed on the day when "browsing the World-Wide Web" gave "cruising the net" a whole new meaning. For me, the transition began when our system administrator added the University of Kansas Lynx hypertext browser to our Internet programs. Long before experiencing the multimedia sensation of Mosaic, MacWeb, or Netscape, I recognized something that I had needed for a long time - a stable addressing protocol. Despite long-standing efforts with the FTP/Archie and the Gopher/Veronica/Jughead systems to connect users to files, resources could come and go in a way that defied anyone's attempt sustain the metaphor of a global data repository. I once described the Internet as a library where each day introduced new titles while old titles were removed from dustier virtual shelves. That more titles were being added than removed proved little solace when I received a "Resource Not Found" message.

The day that saw the introduction of the more stable URL (Uniform/Universal Resource Locator) helped change this forever. Since then, the very description of "uniform" is often replaced by the promise of "universal" in a way that strengthens the dream of open-system document addressing. It should come as little surprise that Forbes Magazine would suggest the dissolution of Dewey Decimal System: imagine every infinitely retrievable document or document entry with its own unique Internet-resident address.

For years, people criticized the Internet for its lack of a glossary-style index of cross-references. The Internet as encyclopedia was a poor choice of metaphors. Such a global task at one time seemed unapproachable. Yet, no one questioned that this Internet of networked computers could serve as a suitable dwelling for digital materials of, at the very least, alpha-numerical potential. However, beyond the conduit and the content there was the inevitable loss of context. Fortunately, the client/server paradigm slowly began to make sense of it all.

We have all seen stereotypical, dystopian end-of-the-world scenes of desolation and disaster: the most haunting visions are those of empty highways devoid of people and traffic. We all somehow know that this is not the world in which we want to live. Fortunately, the traffic on the Internet carries - with the increasing volume of participants and their resources - an increasingly high density of "URL embeddedness." I connect my data to yours and you connect yours to mine - already two points of access and reference exist for readers everywhere. Of course, this has profound implications for the emerging issue of network document copyright legislation. When the very act of browsing precipitates a file transfer, the tabulation of these transfers should not be construed as having any immediate commodity value for the purpose of consumption, use or gratification.

Clearly, a metaphor that attempts to encompass both a community and its resources will supersede a metaphor that seeks only to extend transit. This is the claim to universality made by those trading documents using the URL resource-labeling system. For those who have experienced hot-text and clickable fields, the seamlessness can be utterly amazing. Where Gutenberg's press introduced the medium of movable type, the World-Wide Web begins to plug more than molten lead into the spaces that will connect our worlds together.


Non-profit, non-commercial publications and Web sites may reprint or link to articles if full credit is given. Others please contact us. We do not guarantee accuracy of articles. Caveat lector. Publication, product, and company names may be registered trademarks of their companies. TidBITS ISSN 1090-7017.

Previous Issue | Search TidBITS | TidBITS Home Page | Next Issue