The SurfSafety.com news letter is *never* sent unsolicited.  You
or someone using your e-mail address has joined our mailing list.
If you feel you have received this news letter in error or wish
to unsubscribe reliable means are provided at the bottom.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If you appreciate the contents of this news letter why not forward
it to everyone you know?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In this issue:

	General announcements
1.	MS Outlook e-mail virus alert / Editorial comments

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If you have any news you would like to share with others on this
list, or would like to submit a guest article, you may send them
for review and possible inclusion at   mailto:news@surfsafety.com.
"A tale from the trenches" and "Golden nugget" will be regular
features of this news letter to which you can also submit articles
for consideration.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
General announcements
=====================

This is a special issue of the surfsafety.com news letter.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
MS Outlook e-mail virus alert.

Any who know me and/or have subscribed to this news letter for any
length of time know that I am often outspoken in my criticism of
Microsoft.  My wife, the stabilizing factor in my life, often asks
me "Do you think it's a good idea to be so openly critical of
Microsoft?"  to which I usually reply with something like "Do you
think the Justice Department is too openly critical of Microsoft?"

But I digress.  After examining Outlook Express and being generally
impressed with it, my position was beginning to soften.

There had been some e-mail virus outbreaks associated with a
security hole between Outlook or Outlook Express and early
releases of Office 97.  Infection became widespread in a matter
of only days.  But, okay.  So what?  It was apparently harmless,
cleared up fairly quickly and was already becoming a faint memory.
It required that the victim open an attached document and, once
everyone knew what to look for, was fairly easy to spot ahead of
time and avoid infection.

And so, I let my guard down.  And so, I was actually ready to say
something nice about Microsoft.  And then came "Bubbleboy."
Another e-mail virus first reported to Network Associates, authors
of McAfee VirusScan and a product I highly endorse, on 11/8/99.
It exploits a VBS security hole between Outlook or Outlook Express
and the new Windows 98/2000 operating systems.  This one is likely
to spread even more quickly and be harder to head off because it
does not require that you open an attachment file.  Instead, all
you have to do is open the e-mail!  And, in the case of Outlook
Express, you need only view it in the Preview Pane to activate the
virus.  Very dangerous!  Very sloppy programming from Microsoft.
Once the virus activates, the next time you restart Windows or log
on another user, it sends itself to EVERY contact in EVERY Outlook
address book on that computer, in the background, without your
knowledge!

Not only this, but Microsoft admits this virus can also infect
users by simply browsing a web page with Internet Explorer 4.0
or 5.0 running on Windows.  Isn't that special?

Granted, Microsoft has again responded quickly and a security
patch is available for immediate download, but how many of you
really care to be concerned about nonsense like this?  How much
time before Microsoft's carelessness with new software releases
really hurts someone?  Is it any wonder, then, that I still use
Windows 95 as my primary operating system?  That I still use
Office 95?  That I continue to err on the side of caution?  That
I am so outspoken in my criticism of Microsoft?  When is the last
time you have seen competing products, or operating systems like
those used on the MAC, similarly affected?

Knock on wood, I have yet to fall victim to any of Microsoft's
carelessly written code due in large part, I think, because I
refuse to buy ANYTHING new from Microsoft until I know for sure
the wrinkles are out, regardless of the reported benefits.  Next
to the competition, it is generally mediocre product made for a
consuming public that they have lulled into accepting mediocre
product.  I am as guilty of this as anyone else, and to migrate
to anything else has, until only recently, been cost prohibitive.

We have all become much too comfortable with Microsoft and the
smoothly spoken words of it's chairman, Bill Gates.  They built
their brand and lulled us into trusting that brand.  They have
used this to their benefit and our detriment.  In rulings issued
recently by the Justice Department, it would seem that my concerns
are well founded.  And, while final action against Microsoft is
probably still years away, the face of computing as we know it is
about to change.  The day of reckoning for Microsoft is coming.
We all need to prepare for that.

New software companies formerly squashed or swallowed up by
Microsoft will arise.  Newer, faster, more stable and easier to
use operating systems in the home and at work.  A level playing
field on which Microsoft must compete instead of muscling out the
competition.

This issue of computer security and vulnerability to outside attack
is a serious one.  Many who dismiss it lightly often receive rude
awakenings when they least expect it and when they can least afford
it.  Microsoft's nonchalant attitude towards the welfare of the
consumer is, in my opinion, very alarming.

I can't tell you what to do but I CAN tell you what *I* intend to
do.  I intend to migrate away from Microsoft as much as possible,
starting right now.  Not overnight, but very methodically.
Products are already surfacing which will allow this to take place
seamlessly and painlessly.  Most notable among them, for me, is
something called VMware.  A Virtual Machine layer installed on a
computer or server allowing the running of multiple operating
systems SIMULTANEOUSLY on the same machine.  As software developers
port their products to other platforms like Linux, users are able
to migrate to it installed on the other platform without any of the
former drawbacks.

Even more importantly, each operating system on a given machine
using VMware is completely encapsulated.  This means a virus could
crash a copy of Windows on a given machine while allowing the other
operating systems, including other copies of Windows, to continue
without skipping a single beat.

My general advise regarding Microsoft products?  Be prepared.

Change is coming.  Change is good.  :)

===================================================================

The Microsoft patch is available at
http://www.microsoft.com/security/Bulletins/ms99-032.asp
Be warned.  This is a VERY busy site right now.  Keep trying.

McAfee's VirusScan update for Bubbleboy is slated for release
11/18/99 at http://vil.nai.com/vil/vbs10418.asp

===================================================================


Be informed.
Be involved.
And be well.

Most sincerely,
Mark Brasche
Owner, New England Webmasters
Author, Child Safety-Net