It looks like there are some security problems with Microsoft IIS and Site Server relating to some Web-based site management applications that ship with the server. These programs, whcih allow you to do things like remotely view the source code of your ASP pages over the Web, have security holes that can enable users to view the contents of any file on the server. These problems are interesting for two reasons; one is that they’re really similar to the recently exposed security hole with Cold Fusion that allowed malicious users to attack Web sites through the example programs that are installed with the Cold Fusion documentation. The second is that problems with these particular ASP programs are nothing new. A quick Web search on the name of one of the affected IIS programs (viewcode.asp) returned a security alert from over a year ago describing a denial of service attack that could be launched by abusing the program.
Metrowerks is phasing out support for the venerable teaching language Pascal, much to the dismay of some Macintosh developers. Interestingly, the GNU Pascal compiler project seems to have been under way for quite some time; maybe the project will take off as one of the last two major commercial Pascal products is dying off (there’s still Borland’s Delphi). Of course, some people never liked Pascal anyway.
PC Week Labs issues its verdict on Windows 2000, Beta 3. My one sentence synopsis: things aren’t looking too good (at least on the server side).
I love the history of computer science, so I find things like this interview with Ken Thompson (the creator of Unix) to be wonderful. My favorite Ken Thompson story appears in the New Hacker’s Dictionary entry for back door.