WINDING DOWN
An idiosyncratic look at, and comment on, the week's net and technology news
by Alan Lenton
Well, first the bad news. I will be out of town the week after next, so there will be no Winding Down on Sunday 1st June. Cue sounds of wailing and gnashing of teeth among the readership (actually, I've always wondered how you can both wail and gnash your teeth at the same time). Fear not, though, there will be an edition next week, even though it's a holiday here, and Winding Down will be back on Sunday 8th June!
I note that Microsoft are blaming computer makers for the problems with installing Windows XP Service Pack 3. Presumably they expect the makers to issue their customers with new hardware that Service Pack 3 will run on...
I also spotted the story that HP - a well known computer maker - are planning to cough up a cool US$12.6 billion for software and outsourcing giant EDS. The deal will be completed later this year. That's presumably so that HP private detectives have time to report on their spying on the members of EDS's board and any journalists the board associate with :)
OK - lets go...
Analysis: The Numbers Game
According to a study by anti-virus firm PC Tools, Windows Vista is less secure than Windows 2000. On the other hand it's supposedly more secure than Windows XP. The figures are based on malware scans of 1.4m PCs over a period of six months, which turned up 639 threats per 1,000 PCs running Vista, 1,021 per 1,000 for XP and a mere 586 per 1,000 for Windows 2000 (Win2K).
Simon Clausen, PC Tools chief executive, when reporting the results made the point that Vista is supposed to be Microsoft's most secure version of Windows to date, but that it is less secure than Win2K and 'only' 37% more secure than XP.
The real question is what do the figures collected by PC tools mean? I'm not so sure that this reflects quite as badly on either XP or Vista as it first appears. In absolute terms, yes the figures do indicate that Win2K has less known vulnerabilities than Vista, which in turn has less known vulnerabilities than XP. However, it's not possible to draw conclusions from these figures about how good the built-in security is for each type of machine. There are two other sets of factors, each with their own figures that need to be taken into account.
The first is that each of the operating systems is at a different stage of its life cycle - roughly speaking, eight years for Win2K, six years for XP and one year for Vista. Studies have shown that the defects found (and fixed) in software are related to the time in which it has been in use. This indicates that the number of problems fixed should be greatest for Win2K, and least for Vista. In that sense, Vista's performance vis-a-vis XP starts to look much better, and the fact that Win2K - on the market eight time longer - has less problems, unsurprising.
The other thing that needs to be taken into account is the relative shares of the market for each of the three versions of Windows. I can't find any specific figures for Win2K, but I doubt if there are all that many machines left running it. The Wikipedia (sharp intake of breath) suggests that as of the end of 2006 there were 400 million XP machines in use, and Microsoft claim 140 million for Vista by April 2008. PC tools have, quite correctly, normalised their figures so that the defects are stated per 1,000 computers. Is this good enough?
I would argue not.
Why? Because the figures represent not just the number of known defects with each operating system, but also a second thing - the number of programs written to exploit those defects. Look at it from a hacker's point of view. Which operating system would you write hacks against - one that has 400 million chances of working, or one that has on a third of that number? I think it's fair to say that most would try to maximise their chances. Add to that the fact that most hackers would also tend to be more familiar with XP than the arriviste - Vista.
So, the question is, does the statement made by PC Tools that Microsoft's claims for Vista's enhanced security stand up to closer inspection? I think not. As my maths teacher would have pointed out the figures are comparing apples to pears, and they are not comparable.
I find this sort of sloppiness very irritating. Regular readers will know that I am anything but a fan of Microsoft. There are plenty of crass things Microsoft has done that it deserves pillorying over. This isn't one of them. Clearly there are lies, damn lies, statistics, and numbers from PC Tools!
http://www.theregister.co.uk/2008/05/09/win_malware_survey/
Shorts:
Do you live near Silicon Valley? Then get yourself down to the Computer History Museum in Mountain View, California, because they have a replica of Babbage's Difference Engine No. 2 on display. There are only two of these replicas in existence, the other is in London's Science Museum. Considered to be the first known example of an automatic computation machine, it has 8,000 moving parts made of steel, bronze, iron, and wood. It weighs several tons and is capable of cranking out (literally, it is hand cranked!) seventh order polynomials at the rate of one per six seconds.
The machine, which was constructed from Babbage's original plans, was never built during Babbage's life time because of technical and financial problems. The replica took several years to build, and it really does work. It will be on display at the Museum for a year, make sure you don't miss it!
http://www.theregister.co.uk/2008/05/12/babbage_difference_engine_museum/
There's been a lot of controversy over the 'One Laptop Per Child' (OLPC) project recently, especially with the announcement that a version running Windows XP will soon be available. I have my own views on the whole project, which aren't very favourable, and I've not really covered it, because I felt I should give it a chance. Earlier this week, though, I came across a piece written by former OLPC project security director Ivan Krstic. It makes sad reading, but I would suggest that anyone with an interest in OLPC should take a look. (For those not familiar with the terminology, the 'Sugar' technology he refers to is the windowing interface used by OLPC.)
http://radian.org/notebook/sic-transit-gloria-laptopi
I see that Tim Berners-Lee, co-inventor of the Web, has just received an award from the Knight News Challenge contest to do research into how you identify the origin and source of digital content. I wish him good luck, since this is a hot issue right now, and one of the most contentious on the net. It is necessary so that users can gain an idea of the accuracy of their information (think Wikipedia), but at the same time there is a good case to be made for anonymity. I don't doubt that the privacy advocates will be homing in on this one very, very soon. Seconds away, round one!
http://update.techweb.com/cgi-bin4/DM/y/eBJBO0HiOOq0G4T0F33u0Ey
Fancy working in the computer games industry? Judging by the number of people who ask me how to get into it, lots of people do. It sounds so sexy and glamorous, doesn't it? Well just remember the hours are long, the pay is substantially less that what you would be paid outside, and there are plenty of teenagers queuing round the block to take your job if you complain...
Actually, it's not as bad as it was, but it's still not brilliant. Nonetheless, I'd guess that few who work in the industry have much of a family life, it's for foot-loose single young people. A few years ago an Electronic Arts spouse wrote an open letter that laid bare the exploitation. The resulting furore resulted in some improvements, especially in the big US studios - the project managers stopped factoring weeks of unpaid overtime into their project plans, for instance, but much of the pressure remains.
So, if you really, really, really still want to go into games development, first take a look at this recent 'quality of life' article on Gamasutra. I thought it was pretty fair analysis of where the industry is at this point in time.
http://inside.gamasutra.com/cgi-bin4/DM/y/eBJAs0GGlIM0Sin0F3bf0Eo
Ever wondered how the experts get data back off a badly crashed disk drive? Most of the companies involved are pretty secretive about the process, but just occasionally it's possible to get a glimpse. Geek.com has one such piece, complete with pictures of the technicians dressed in protective outfits, looking suitably sinister :)
http://www.geek.com/drivesavers-breathes-life-into-a-dead-drive/
I was pleased to note that MySpace were awarded US$230 million against a couple of notorious spammers. It's unlikely that MySpace will ever be able to collect, but the amount is enough to deter most would be spammers. Not all, most criminals hold firm beliefs that they won't be the ones that get caught (and in this case they are probably correct). However, it will deter some people from entering in the business in the first place, which is better than nothing.
http://www.physorg.com/news129961228.html
Identity theft in Chile looks set to soar in the near future. An unidentified hacker cracked various government sites, and posted the personal details of six million Chileans on the Internet. The Chilean police are 'investigating', but, of course the damage is done. This sort of thing seems to be getting more common - first the UK loses personal identity data on half its population, then last week the Italian government posted the tax details of every working Italian online, now this. Who will be next, I wonder?
http://www.theregister.co.uk/2008/05/12/massive_data_security_breach_chile/
A year or two ago there were stories about how printer ink was drop for drop more expensive than vintage Krugg champaigne. Here's another little nugget about massive exploitation of customers - it's at least four times more expensive to text a message from your phone than it is to download data from the Hubble Space Telescope! Difficult to believe, isn't it, but the figures produced by Nigel Bannister, a space scientist based at the UK's Leicester University, seem to stack up. Sounds to me like a nice little earner for the mobile phone operators.
http://www.physorg.com/news129793047.html
Sigh. Borland finally sold off its compiler division to database tools company Embarcadero for a paltry US23 million. On the other hand Embarcadero couldn't screw up any worse than Borland management over the years. I have a soft spot for Borland's C++ Builder - I still use 5.5 for some applications, though I'm steadily transferring them to Qt now.
While Borland's management are not the only ones to have snatched defeat from the jaws of victory, they are dead ringers for being the original pointy haired bosses. In the nineties they used all their capital to go head-to-head with Microsoft's Office suite and lost badly, neglecting their core software tools business while they did so. They've been limping along ever since.
I'll wait and see what comes out of this sale...
http://cwflyris.computerworld.com/t/3230343/121542021/113735/0/
Finally, since I'm running out of space, I'd like to draw reader's attention to an article in Network World about the 'Great Firewall' of China. This is an interview with James Fallows, national correspondent for 'The Atlantic Monthly'. Fallows experienced the 'firewall' first hand while reporting from China, and talked to China's citizens about what they though of their government's Internet censorship.
We in the west tend to bristle at the mention of the sort of censorship practiced by the Chinese government, but the truth seems more subtle and complex, if the interview is anything to judge by. I'd thoroughly recommend a read of this piece by anyone who wants to grasp what things really look like from the inside. Fascinating.
http://www.networkworld.com/news/2008/051208-china-internet.html
Recent Reading:
Rites of Peace by Adam Zamoyski; Harper Perennial
At a time when most history seems to consist of unconnected trivia suitable only for pub quizzes, it's a relief to find a book by an author who sees history as a process. The book is a study of the Congress of Vienna at the end of the Napoleonic Wars. The Congress was one of the most important gatherings of the 19th century, and it set the tone for 'big power' politics for the next hundred years. The way in which it carved up Europe between the victors and losers without consideration for the wishes of the populations also set the parameters for the two World Wars in the 20th century.
But Zamoyski doesn't just deal with the 'dry' politics - he also deals with the social event that was also the Congress of Vienna. Judging from his description and the quotes from reports in the archives of the Austrian police, many of the main participants spent far more time with their assorted mistresses than trying to sort out the problems caused by the Napoleonic wars.
Even before I read this book I always thought that Talleyrand was the consummate politician of the 19th Century. Having read what he achieved in defending France's interests at the congress, I now appreciate just how brilliant he was. No wonder that when he eventually died, most of the people at his funeral were there to make sure he really was dead, with no chance of coming back!
An excellent read.
Scanner: Other Stories
"Back To My Mac" catches a thief
http://www.nytimes.com/2008/05/10/nyregion/10laptop.html
Student invents alternative to silicon chip
http://www.physorg.com/news129903497.html
UK government still sending out passwords and discs together
http://www.theregister.co.uk/2008/05/09/dwp_discs_passwords/
Personal Carbon Trading - the database that never was
http://www.kablenet.com/kd.nsf/Frontpage/BEEEAD84E4124F3380257444003BE34F!
OpenDocument
HP says it will buy EDS for about US$12.6 billion
http://www.physorg.com/news129885093.html
Microsoft vies for budget laptop market with XP price cuts
http://arstechnica.com/news.ars/post/20080511-microsoft-vies-for-budget-laptop-
market-with-xp-price-cuts.html
Microsoft slams OEMs over XP SP3 install cock-up
http://www.channelregister.co.uk/2008/05/13/xp_sp3_microsoft_blames_oems/
Acknowledgements
Thanks to readers Barb, Fi and Slashdot's daily newsletter for drawing my attention to material used in this issue.
Please send suggestions for stories to alan@ibgames.com and include the words Winding Down in the subject line, unless you want your deathless prose gobbled up by my voracious Spamato spam filter...
Alan Lenton
alan@ibgames.com
18 May 2008
Alan Lenton is an on-line games designer, programmer and sociologist. His web site is at http://www.ibgames.net/alan.
Past issues of Winding Down can be found at http://www.ibgames.net/alan/winding/index.html
|