Welcome to the City Desk. Find out about the underbelly of a good city gone bad. From the inside of a bottle. See an object lesson in honesty. And the political fault-lines it tattoos on a journalist whose birth certificate has already expired. Paranoids have enemies too As though to prove Henry Kissinger's infamous dictum that "even paranoids have enemies," Microsoft Corporation has, in recent days, been plagued by serious bugs in its Internet Explorer 3.0 web browser. We aren't talking about slight flaws in the user interface. We're talking security holes you could drive a truck through. Without patches, which are issued almost daily, unscrupulous hackers can take advantage of the flaws in the browser to send electronic mail under your name, wreak havoc on your computer, even withdraw money from your bank account. War has rules Although the gaping exit wounds of loyal customers are glibbly dismissed as "undocumented features" by Friends of Bill (no, not Lincoln Bedroom Bill -- the other one) they do suggest remarkably sloppy engineering. And sloppiness has no place in warfare. As any city boss will tell you, sheeplike citizens tolerate malevolent monopolies only as long as the trains run on time. Domination does require a minimal level of competence. Drop below that line and expect a coup. History repeats itself Below is a short list of major flaws found in Microsoft Internet Explorer this year. January 28, 1997 Members of the Chaos Computer Club in Hamburg, Germany, use Internet Explorer ActiveX controls to break into bank accounts on "ARD-Magazin," the German equivalent of "60 Minutes." Source: Chaos Computer Club e.V. February 27, 1997 Paul Greene at Worcester Polytechnic Institute in Worcester, Massachussetts, discovers a bug in Internet Explorer 3.01 that allows hackers to use .LNK and .URL files to run programs on a remote computer. Known as "WPI Bug" and "IE Bug No. 1." Source: Worcester Polytechnic Institute March 6, 1997 David Ross at the University of Maryland in College Park, Maryland, discovers a bug in Internet Explorer 3.0 that enables icons embedded within web pages to run remote applications without warning. Known as "UMD Bug" and "IE Bug No. 2." Source: University of Maryland March 7, 1997 Chris Rioux and Tim Machinta at the Massachusetts Institute of Technology discover a bug in Internet Explorer 3.01 that enables malicious web pages to download and run any program on remote hard drives, which means users of Internet Explorer 3.01 can have their hard drives completely deleted, private information stolen, or their computers infected with viruses merely by looking at a web page. Known as "MIT Bug" and "IE Bug No. 3." Source: Masachusetts Institute of Technology March 14, 1997 Aaron Spengler at the University of Washington discovers a bug in Internet Explorer 3.0 and 3.01 for Windows NT that enables malicious web pages to collect Microsoft Network usernames and passwords of visitors through modified SMB servers. Known as "IE Bug No. 4." Source: Electrical Engineering, University of Washington March 14, 1997 Paul Ashton of Eigen Solutions Ltd. discovers a bug in Internet Explorer 3.0 and 3.01 for Windows NT that enables malicious web pages to collect Microsoft Network usernames of visitors through NTML challenges. Known as "IE Bug No. 5." Source: Evolution March 17, 1997 Steve Birnbaum of Netmedia in Israel discovers a bug in Internet Explorer 3.0 and 3.01 for Windows 95 that enables malicious web pages to use SMB authentication to record Microsoft Network usernames and passwords of visitors through modified SMB servers. Known as "IE Bug No. 6." Source: Network Security Consortium So where do you want to go today?