Date: Sat, 10 Nov 2001 19:43:15 -0500
Reply-To: TOURBUS-Request@LISTSERV.AOL.COM
Sender: The Internet TourBus - A virtual tour of cyberspace
Comments: Resent-From: crispen@netsquirrel.com
Comments: Originally-From: Patrick Douglas Crispen
From: Patrick Douglas Crispen
Subject: TOURBUS -- 10 NOV 01 -- COOKIE SECURITY HOLE / YAHOO TV
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
----------------------------------------------------------------------
TOURBUS Volume 7, Number 31 -- 10 Nov 2001
----------------------------------------------------------------------
_________ ____________ ________ __________ _____________ ___ _
/ | / | | / | \
| READY TO START YOUR HOLIDAY SHOPPING? / | \
|__________|__________/__________|__________|___________/_____| \
/ |----\
| Let Amazing-Bargains.com help you save money! Hundreds of |////|
| coupons for over 100 of the top Online Stores. Keep track |////|
| of current online sales in one convenient place. And don't |////|
| miss our newsletters for Bargain hunters: Daily, Weekly, |////|
| or Hot Alerts. Check out some Amazing Bargains now! |////|
| |////|
| CLICK! |////|
\_______________________________________________________________|____|
/ \ / \ / \
\___/ \___/ T h e I n t e r n e t T o u r B u s \___/
SIX YEARS of Searchable Archives at http://www.TOURBUS.com !!
TODAY'S TOURBUS STOP(S):
Cookie Security Hole / Yahoo TV / Veterans Day
TODAY'S TOURBUS ADDRESS(ES):
Yep. We've got some addresses.
Howdy, y'all, and greetings from beautiful Irvine, California, the
Marshmallow Peeps capital of central Orange County. :)
TOURBUS is made possible by the kind support of our sponsors. PLEASE
take a moment to thank each of our sponsors for keeping our little bus
of Internet happiness on the road week after week.
+------------ *FREE* *FREE* *FREE* INKJET CARTRIDGES! ------------+
Buy 1, Get 1 FREE on all cartridges for your Epson, Canon, HP, or
Lexmark printer! 100% Guaranteed Quality - Secure Ordering - Fast
Service! Free shipping on orders over $25! Call 1-877-290-0687
or visit our web site and check out all our new low prices!
CLICK HERE
+-------------------------------------------------------------------+
+----------------------- XPerience LINUX! ------------------------+
Learn Linux now with Bob Rankin's NO B.S. GUIDE TO LINUX. The
FREE CD with this book has Red Hat Linux, tons of freeware, Apache
web server and cool Linux games. You'll find valuable new job
skills in 350 plain English pages -- no geekspeak or technobabble.
NEWYORK NEWSDAY says: "The most accessible guide to getting started
with Linux... Covers basic knowhow in a lighthearted style." Cover
price is $34.95 but TOURBUS readers get a 20% discount. Order your
copy today and get delivery anywhere in the world. Learn more about
the book, read sample chapters, order online and save $7 now!
CLICK HERE
+-------------------------------------------------------------------+
On with the show ...
--------------------
Cookie Security Hole
--------------------
Okay. I give up. For about six years I have told everyone that there
isn't much to fear about cookies, information that Web sites put on
your hard drive so that the sites can remember something about you at
a later time. According to SearchSecurity.com,
Cookies are commonly used to rotate the banner ads that a site
sends so that it doesn't keep sending the same ad as it sends you
a succession of requested pages. They can also be used to
customize pages for you based on your browser type or other
information you may have provided the Web site. Web users must
agree to let cookies be saved for them, but, in general, it helps
Web sites to serve users better.
You can read SearchSecurity.com's complete cookie definition at
http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci211838,00.html
.
Cookies sound pretty innocuous, don't they?
Well, our friends at Microsoft announced on Wednesday that
A vulnerability exists because it is possible to craft a URL that
can allow sites to gain unauthorized access to user's cookies and
potentially modify the values contained in them. Because some
web sites store sensitive information in a user's cookies, it is
also possible that personal information could be exposed.
In other words, if you use a Web site that requires a userid and a
password -- like an online bank, an online stock broker, a Web-based
email program, and so on -- and that userid and password is stored on
your computer in the form of a cookie, it is conceivable that some
nefarious bozo could access that cookie on your hard drive and then
wreak all sorts of havoc. Not good.
From what I can gather,
1. This cookie vulnerability exists in Internet Explorer 5.5 and
6.0, and possibly in earlier versions of Internet Explorer as
well.
2. I *THINK* this vulnerability only affects Windows users who
also use Internet Explorer -- in other words, it does *NOT*
affect Mac or Linux users, or PC users who use Netscape
instead of IE -- but I am not certain.
3. Microsoft doesn't have a patch for this vulnerability yet, but
they are working on it. [I'll give you the URL and
installation directions for the patch in an upcoming TOURBUS
post.]
4. There is a pretty simple way for you to protect your computer
from this vulnerability: temporarily disable active scripting
in Internet Explorer 5.5 or 6.0 until the patch is available.
How do you disable active scripting in Internet Explorer 5.5 and 6.0?
Easy!
1. Launch Internet Explorer.
2. Go to Tools --> Internet Options.
3. Click on the "Security" tab.
4. Click on the "Custom Level..." button.
5. Scroll down to the "Scripting" section (the section's icon is
a scroll in the shape of the letter "S").
6. Under "Active Scripting," choose "Disable."
7. Under "Scripting of Java applets," also choose "Disable."
8. Click on the "OK" button.
9. Click on the "OK" button again.
That should do it.
By the way, if you want to read Microsoft's complete "Cookie Data in
IE Can Be Exposed or Altered Through Script Injection" security
bulletin, check out
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bull
etin/MS01-055.asp
.
And, as I promised earlier, I'll give you the URL and installation
directions for Microsoft's patch as soon as it is available. Heck, I
may even tell you how to turn on active scripting again. :P
--------
Yahoo TV
--------
First, the bad news: this next site only works in the United States.
Sorry. :(
The good news is that if you want to see what is going to be on
television tonight and don't want to buy a copy of TV Guide at your
local grocery store or thumb through the TV listings booklet that
comes with your Sunday newspaper, our friends at Yahoo have a
*WONDERFUL*, free, Local TV Listings site at
http://tv.yahoo.com/ .
I've visited a *BUNCH* of different TV listings sites over the past
couple of months, but Yahoo's is hands-down my favorite (with
http://www.zap2it.com/ coming in a close second, losing only because
zap2it's pages are wider than 800 pixels -- GRRR! -- and they take
*WAY* too long to load).
Here is how Yahoo's Local TV Listings site works. Click on "Local
Listings" on the left side of the page. This takes you to the "Select
Lineup" page at
http://tv.yahoo.com/grid?lineup=&.intl=us
Key in your local zip code and click on the overly anxious "Go!"
button. This takes you to a custom page that, weather and squirrels
permitting, lets you choose between:
1. Cable listings - choose your cable company from the drop-down
list;
2. Local listings - if you don't see your cable company in the
cable listings, choose the metropolitan area nearest you;
3. Satellite listings - choose your satellite provider and time
zone from the drop-down list;
4. Time zone listings - I have no idea what this option does.
You can almost always find an appropriate lineup somewhere in
the first three choices.
The Select Lineup page also lets you enter a new zip code if so
choose.
Anyway, choose the listings that you want and then click on the "Go!"
button. If everything is working properly, up pops a three hour grid
showing you your ENTIRE local TV listings.
Oh, and you can bookmark this page too so that you can come straight
back to your schedule any time you want. The schedule automatically
updates with the correct date and time every time you view it.
Neat, huh?
The only thing I don't particularly like about Yahoo's TV listings is
that their days start at 6:00 A.M. instead of at Midnight. So a 3:00
A.M. Sunday morning show appears on *SATURDAY'S* schedule instead of
on Sunday's. This can get kind of confusing until you ask yourself
one simple question: WHAT ON EARTH ARE YOU DOING WATCHING TV AT
*THREE* IN THE MORNING?!
Anyway, if you want to see what's going to be on TV tonight, Yahoo's
free Local TV Listings site is a great place to discover what you
already know: there is NOTHING on TV tonight! :P
------------
Veterans Day
------------
Our final stop of the day is a quick one, but only because President
Bush already told the world about it a few days ago.
With both Veterans Day (November 11) and National Veterans Awareness
Week (November 11 - 17) upon us, educators looking for classroom
information about Veterans Day should check out
http://www.va.gov/vetsday/index.cfm .
This page has links to the Department of Veterans Affairs' 2001
Veterans Day Teacher's Guide (a free PDF file) as well as to other
educational resources.
That's it for this week. Have a safe and happy weekend -- happy
Veterans Day! -- and we'll talk again soon!
TODAY'S TOURBUS STOP(S):
Cookie Security Hole / Yahoo TV / Veterans Day
TODAY'S TOURBUS ADDRESS(ES):
Yep. We've got some addresses.
---------------------------------
TODAY'S SOUTHERN WORD OF THE WEEK
---------------------------------
BRATS (Noun). High beam headlights.
Usage: "Turn off yur brats, Bubba! You's blindin' me!"
[Special thanks to Shaun Koch for today's wurd]
You can find all of the old Southern Words of the day at
http://netsquirrel.com/crispen/word.html
=====================[ Tourbus Rider Information ]===================
The Internet Tourbus - U.S. Library of Congress ISSN #1094-2238
Copyright 1995-2001, Crispen & Rankin - All rights reserved
Help the hungry, poor and sick - for free! http://FreeDonation.com
Subscribe, Signoff, Archives, Free Stuff and More at the
Tourbus Website - http://www.TOURBUS.com
=====================================================================
.~~~. ))
(\__/) .' ) )) Patrick Douglas Crispen
/o o \/ .~
{o_, \ { crispen@netsquirrel.com
/ , , ) \ http://www.netsquirrel.com/
`~ '-' \ } )) AOL Instant Messenger: Squirrel2K
_( ( )_.'
'---..{____} Warning: squirrels.
