technology

Lovely – Microsoft will let companies create ad-filled desktop themes

From Jeff Bertolucci’s “Windows 7 Ads: Microsoft Tarts Up the Desktop” (PC World: 13 November 2009):

Microsoft has announced plans to peddle Windows 7 desktop space to advertisers, who’ll create Windows UI themes–customized backgrounds, audio clips, and other elements–that highlight their brand, Computerworld reports. In fact, some advertiser themes are already available in the Windows 7 Personalization Gallery, including desktop pitches for soft drinks (Coca-Cola, Pepsi), autos (Ducati, Ferrari, Infiniti), and big-budget Hollywood blockbusters (Avatar).

The advertiser themes are different, however, in that they won’t be foisted on unsuspecting users. Rather, you’ll have to download and install the ad pitch yourself. As a result, I doubt many Windows 7 users will gripe about ad themes. Hey, if you’re a Preparation H fan, why not devote the desktop to your favorite ointment?

Linux Phrasebook in Russian

My book, Linux Phrasebook, which is still selling well & still just as useful today as when it came out in 2006 (& will be for another decade or two, given how consistent the Linux command line is), has been translated into Russian. You can find it at this Russian website, where I found out that it’s translated title is Linux Карманный справочник, which looks pretty cool. The other cool thing I found out from going to the page is how to display my name in Russian: Скотт Граннеман.

COBOL is much more widely used than you might think

From Darryl Taft’s “Enterprise Applications: 20 Things You Might Not Know About COBOL (as the Language Turns 50)” (eWeek: September 2009). http://www.eweek.com/c/a/Enterprise-Applications/20-Things-You-Might-Not-Know-About-COBOL-As-the-Language-Turns-50-103943/?kc=EWKNLBOE09252009FEA1. Accessed 25 September 2009.

Five billion lines of new COBOL are developed every year.

More than 80 percent of all daily business transactions are processed in COBOL.

More than 70 percent of all worldwide business data is stored on a mainframe.

More than 70 percent of mission-critical applications are in COBOL.

More than 310 billion lines of software are in use today and more than 200 billion lines are COBOL (65 percent of the total software).

There are 200 times more COBOL transactions per day than Google searches worldwide.

An estimated 2 million people are currently working in COBOL in one form or another.

Apple’s role in technology

Image representing iPhone as depicted in Crunc...
Image via CrunchBase

From Doc Searls’s “The Most Personal Device” (Linux Journal: 1 March 2009):

My friend Keith Hopper made an interesting observation recently. He said one of Apple’s roles in the world is finding categories where progress is logjammed, and opening things up by coming out with a single solution that takes care of everything, from the bottom to the top. Apple did it with graphical computing, with .mp3 players, with on-line music sales and now with smartphones. In each case, it opens up whole new territories that can then be settled and expanded by other products, services and companies. Yes, it’s closed and controlling and the rest of it. But what matters is the new markets that open up.

Huck Finn caged

From Nicholas Carr’s “Sivilized” (Rough Type: 27 June 2009):

Michael Chabon, in an elegiac essay in the new edition of the New York Review of Books, rues the loss of the “Wilderness of Childhood” – the unparented, unfenced, only partially mapped territory that was once the scene of youth.

Huck Finn, now fully under the thumb of Miss Watson and the Widow Douglas, spends his unscheduled time wandering the fabricated landscapes of World of Warcraft, seeking adventure.

Famous “Laws” of Business & Technology

These come from a variety of sources; just Google the law to find out more about it.

Parkinson’s Law

“Work expands so as to fill the time available for its completion.”

Source: Cyril Northcote Parkinson in The Economist (1955)

The Peter Principle

“In a hierarchy every employee tends to rise to his level of incompetence.”

Source: Dr. Laurence J. Peter and Raymond Hull in The Peter Principle (1968)

The Dilbert Principle

“Leadership is nature’s way of removing morons from the productive flow.”

Source: Scott Adams’ Dilbert (February 5, 1995)

Hofstadter’s Law

“It always takes longer than you expect, even when you take into account Hofstadter’s Law.”

Source: Douglas Hofstadter’s Gödel, Escher, Bach: An Eternal Golden Braid (1979)

Amara’s Law

“We tend to overestimate the effect of a technology in the short run and underestimate the effect in the long run.”

Source: Roy Amara.

Brooks’ Law

Adding manpower to a late software project makes it later.

Source: Fred Brooks’ The Mythical Man-Month (1975)

Clarke’s 3 Laws

  1. First law: When a distinguished but elderly scientist states that something is possible, he is almost certainly right. When he states that something is impossible, he is very probably wrong.
  2. Second law: The only way of discovering the limits of the possible is to venture a little way past them into the impossible.
  3. Third law: Any sufficiently advanced technology is indistinguishable from magic.

Source: Arthur C. Clarke’s “Hazards of Prophecy: The Failure of Imagination” in Profiles of the Future (1962)

Conway’s Law

“Any piece of software reflects the organizational structure that produced it.”

Source: Melvin Conway (1968)

Gall’s Law

“A complex system that works is invariably found to have evolved from a simple system that worked. The inverse proposition also appears to be true: A complex system designed from scratch never works and cannot be made to work.”

Source: John Gall’s Systemantics: How Systems Really Work and How They Fail (1978)

Godwin’s Law

“As an online discussion grows longer, the probability of a comparison involving Nazis or Hitler approaches one.”

Source: Mike Godwin (1990)

Hanlon’s Razor

“Never attribute to malice that which can be adequately explained by stupidity.”

Herblock’s Law

“If it’s good, they’ll stop making it.”

Source: Herbert Lawrence Block

Kranzberg’s 6 Laws of Technology

  1. Technology is neither good nor bad; nor is it neutral.
  2. Invention is the mother of necessity.
  3. Technology comes in packages, big and small.
  4. Although technology might be a prime element in many public issues, nontechnical factors take precedence in technology-policy decisions.
  5. All history is relevant, but the history of technology is the most relevant.
  6. Technology is a very human activity – and so is the history of technology.

Source: Melvin Kranzberg’s “Kranzberg’s Laws” Technology and Culture, Vol. 27, No. 3 (1986): 544-560

Linus’s Law

“Given enough eyeballs, all bugs are shallow.”

Source: Linus Torvalds

Schneier’s Law

“Any person can invent a security system so clever that she or he can’t think of how to break it.”

Source: Cory Doctorow’s “Microsoft Research DRM talk” (17 June 2004)

Sturgeon’s Revelation

“90 percent of everything is crap.”

Source: Theodore Sturgeon (1951)

Wirth’s Law

“Software is getting slower more rapidly than hardware becomes faster.”

Source: Niklaus Wirth (1995)

Zawinski’s Law

“Every program attempts to expand until it can read mail. Those programs which cannot so expand are replaced by ones which can.”

Source: Jamie Zawinski

Granneman’s Law of Operating System Usage

“To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it. ”

Source: Scott Granneman’s “Linux vs. Windows Viruses” in SecurityFocus (10 February 2003)

Meeting expectations, no matter how silly, in design

From Operator No. 9’s “That decorating touch” (Interactive Week: 24 April 2000): 100:

Intel AnyPoint Wireless:

Dan Sweeney, general manager of Intel’s Home Networking division, says that when the company showed consumer focus groups the AnyPoint Wireless home networking system …, people became very confused, because there wasn’t a visible antenna. The desktop version of the wireless adapter — about the size of a deck of cards — has an antenna hidden inside it. ‘They looked at it and said, “That’s not a radio!”‘ Sweeney says. So Intel’s industrial designers added a tiny little plastic tip on top of the unit that is supposed to resemble an antenna. It actually looks — and I’m sure this was not intended by the designers — kind of like the type of hat klansmen or maybe religious leaders — bishops? vicars? — wear. Then again, maybe I just need to get out more often.

A better alternative to text CAPTCHAs

From Rich Gossweiler, Maryam Kamvar, & Shumeet Baluja’s “What’s Up CAPTCHA?: A CAPTCHA Based On Image Orientation” (Google: 20-24 April 2009):

There are several classes of images which can be successfully oriented by computers. Some objects, such as faces, cars, pedestrians, sky, grass etc.

Many images, however, are difficult for computers to orient. For example, indoor scenes have variations in lighting sources, and abstract and close-up images provide the greatest challenge to both computers and people, often because no clear anchor points or lighting sources exist.

The average performance on outdoor photographs, architecture photographs and typical tourist type photographs was significantly higher than the performance on abstract photographs, close-ups and backgrounds. When an analysis of the features used to make the discriminations was done, it was found that the edge features play a significant role.

It is important not to simply select random images for this task. There are many cues which can quickly reveal the upright orientation of an image to automated systems; these images must be filtered out. For example, if typical vacation or snapshot photos are used, automated rotation accuracies can be in the 90% range. The existence of any of the cues in the presented images will severely limit the effectiveness of the approach. Three common cues are listed below:

1. Text: Usually the predominant orientation of text in an image reveals the upright orientation of an image.

2. Faces and People: Most photographs are taken with the face(s) / people upright in the image.

3. Blue skies, green grass, and beige sand: These are all revealing clues, and are present in many travel/tourist photographs found on the web. Extending this beyond color, in general, the sky often has few texture/edges in comparison to the ground. Additional cues found important in human tests include "grass", "trees", "cars", "water" and "clouds".

Second, due to sometimes warped objects, lack of shading and lighting cues, and often unrealistic colors, cartoons also make ideal candidates. … Finally, although we did not alter the content of the image, it may be possible to simply alter the color- mapping, overall lighting curves, and hue/saturation levels to reveal images that appear unnatural but remain recognizable to people.

To normalize the shape and size of the images, we scaled each image to a 180×180 pixel square and we then applied a circular mask to remove the image corners.

We have created a system that has sufficiently high human- success rates and sufficiently low computer-success rates. When using three images, the rotational CAPTCHA system results in an 84% human success metric, and a .009% bot-success metric (assuming random guessing). These metrics are based on two variables: the number of images we require a user to rotate and the size of the acceptable error window (the degrees from upright which we still consider to be upright). Predictably, as the number of images shown becomes greater, the probability of correctly solving them decreases. However, as the error window increases, the probability of correctly solving them increases. The system which results in an 84% human success rate and .009% bot success rate asks the user to rotate three images, each within 16° of upright (8-degrees on either side of upright).

A CAPTCHA system which displayed ≥ 3 images with a ≤ 16-degree error window would achieve a guess success rate of less than 1 in 10,000, a standard acceptable computer success rates for CAPTCHAs.

In our experiments, users moved a slider to rotate the image to its upright position. On small display devices such as a mobile phone, they could directly manipulate the image using a touch screen, as seen in Figure 12, or can rotate it via button presses.

Steve Jobs on mediocrity & market share

From Steven Levy’s “OK, Mac, Make a Wish: Apple’s ‘computer for the rest of us’ is, insanely, 20” (Newsweek: 2 February 2004):

If that’s so, then why is the Mac market share, even after Apple’s recent revival, sputtering at a measly 5 percent? Jobs has a theory about that, too. Once a company devises a great product, he says, it has a monopoly in that realm, and concentrates less on innovation than protecting its turf. “The Mac user interface was a 10-year monopoly,” says Jobs. “Who ended up running the company? Sales guys. At the critical juncture in the late ’80s, when they should have gone for market share, they went for profits. They made obscene profits for several years. And their products became mediocre. And then their monopoly ended with Windows 95. They behaved like a monopoly, and it came back to bite them, which always happens.”

Microsoft Exchange is expensive

From Joel Snyder’s “Exchange: Should I stay or should I go?” (Network World: 9 March 2009):

There are many ways to buy Exchange, depending on how many users you need, but the short answer is that none of them cost less than about $75 per user and can run up to $140 per user for the bundles that include Exchange and Windows Server and user licenses for both of those as well as Forefront, Microsoft’s antispam/antivirus service. …

If you really want to make a case for cost, you could also claim that Exchange requires a $90 Outlook license for each user, a Windows XP or Vista license for each user, and more expensive hardware than a similar open source platform might require.

More on Google’s server farms

From Joel Hruska’s “The Beast unveiled: inside a Google server” (Ars Technica: 2 April 2009):

Each Google server is hooked to an independent 12V battery to keep the units running in the event of a power outage. Data centers themselves are built and housed in shipping containers (we’ve seen Sun pushing this trend as well), a practice that went into effect after the brownouts of 2005. Each container holds a total of 1,160 servers and can theoretically draw up to 250kW. Those numbers might seem a bit high for a data center optimized for energy efficiency—it breaks down to around 216W per system—but there are added cooling costs to be considered in any type of server deployment. These sorts of units were built for parking under trees (or at sea, per Google’s patent application).

By using individual batteries hooked to each server (instead of a UPS), the company is able to use the available energy much more efficiently (99.9 percent efficiency vs. 92-95 percent efficiency for a typical battery) and the rack-mounted servers are 2U with 8 DIMM slots. Ironically, for a company talking about power efficiency, the server box in question is scarcely a power sipper. The GA-9IVDP is a custom-built motherboard—I couldn’t find any information about it in Gigabyte’s website—but online research and a scan of Gigabyte’s similarly named products implies that this is a Socket 604 dual-Xeon board running dual Nocono (Prescott) P4 processors.

Google’s server farm revealed

From Nicholas Carr’s “Google lifts its skirts” (Rough Type: 2 April 2009):

I was particularly surprised to learn that Google rented all its data-center space until 2005, when it built its first center. That implies that The Dalles, Oregon, plant (shown in the photo above) was the company’s first official data smelter. Each of Google’s containers holds 1,160 servers, and the facility’s original server building had 45 containers, which means that it probably was running a total of around 52,000 servers. Since The Dalles plant has three server buildings, that means – and here I’m drawing a speculative conclusion – that it might be running around 150,000 servers altogether.

Here are some more details, from Rich Miller’s report:

The Google facility features a “container hanger” filled with 45 containers, with some housed on a second-story balcony. Each shipping container can hold up to 1,160 servers, and uses 250 kilowatts of power, giving the container a power density of more than 780 watts per square foot. Google’s design allows the containers to operate at a temperature of 81 degrees in the hot aisle. Those specs are seen in some advanced designs today, but were rare indeed in 2005 when the facility was built.

Google’s design focused on “power above, water below,” according to [Jimmy] Clidaras, and the racks are actually suspended from the ceiling of the container. The below-floor cooling is pumped into the hot aisle through a raised floor, passes through the racks and is returned via a plenum behind the racks. The cooling fans are variable speed and tightly managed, allowing the fans to run at the lowest speed required to cool the rack at that moment …

[Urs] Holzle said today that Google opted for containers from the start, beginning its prototype work in 2003. At the time, Google housed all of its servers in third-party data centers. “Once we saw that the commercial data center market was going to dry up, it was a natural step to ask whether we should build one,” said Holzle.

Vista & Mac OS X security features

From Prince McLean’s “Pwn2Own contest winner: Macs are safer than Windows” (AppleInsider: 26 March 2009):

Once it did arrive, Vista introduced sophisticated new measures to make it more difficult for malicious crackers to inject code.

One is support for the CPU’s NX bit, which allows a process to mark certain areas of memory as “Non-eXecutable” so the CPU will not run any code stored there. This is referred to as “executable space protection,” and helps to prevent malicious code from being surreptitiously loaded into a program’s data storage and subsequently executed to gain access to the same privileges as the program itself, an exploit known as a “buffer overflow attack.”

A second security practice of Vista is “address space layout randomization” or ASLR, which is used to load executables, and the system libraries, heap, and stack into a randomly assigned location within the address space, making it far more difficult for crackers to know where to find vulnerabilities they can attack, even if they know what the bugs are and how to exploit them.

[Charlie Miller, the security expert who won both this and last year’s CanSecWest Pwn2Own security contests,] told Tom’s Hardware “the NX bit is very powerful. When used properly, it ensures that user-supplied code cannot be executed in the process during exploitation. Researchers (and hackers) have struggled with ways around this protection. ASLR is also very tough to defeat. This is the way the process randomizes the location of code in a process. Between these two hurdles, no one knows how to execute arbitrary code in Firefox or IE 8 in Vista right now. For the record, Leopard has neither of these features, at least implemented effectively. In the exploit I won Pwn2Own with, I knew right where my shellcode was located and I knew it would execute on the heap for me.”

While Apple did implement some support for NX and ASLR in Mac OS X, Leopard retains dyld, (the dynamic loader responsible for loading all of the frameworks, dylibs, and bundles needed by a process) in the same known location, making it relatively trivial to bypass its ASLR. This is slated to change later this year in Snow Leopard.

With the much larger address space available to 64-bit binaries, Snow Leopard’s ASLR will make it possible to hide the location of loaded code like a needle in a haystack, thwarting the efforts of malicious attackers to maintain predictable targets for controlling the code and data loaded into memory. Without knowing what addresses to target, the “vast majority of these exploits will fail,” another security expert who has also won a high profile Mac cracking contest explained to AppleInsider.

Facebook & the Dunbar number

From The Economist‘s “Primates on Facebook” (26 February 2009):

Robin Dunbar, an anthropologist who now works at Oxford University, concluded that the cognitive power of the brain limits the size of the social network that an individual of any given species can develop. Extrapolating from the brain sizes and social networks of apes, Dr Dunbar suggested that the size of the human brain allows stable networks of about 148. Rounded to 150, this has become famous as “the Dunbar number”.

Many institutions, from neolithic villages to the maniples of the Roman army, seem to be organised around the Dunbar number. Because everybody knows everybody else, such groups can run with a minimum of bureaucracy. But that does not prove Dr Dunbar’s hypothesis is correct, and other anthropologists, such as Russell Bernard and Peter Killworth, have come up with estimates of almost double the Dunbar number for the upper limit of human groups. Moreover, sociologists also distinguish between a person’s wider network, as described by the Dunbar number or something similar, and his social “core”. Peter Marsden, of Harvard University, found that Americans, even if they socialise a lot, tend to have only a handful of individuals with whom they “can discuss important matters”. A subsequent study found, to widespread concern, that this number is on a downward trend.

The rise of online social networks, with their troves of data, might shed some light on these matters. So The Economist asked Cameron Marlow, the “in-house sociologist” at Facebook, to crunch some numbers. Dr Marlow found that the average number of “friends” in a Facebook network is 120, consistent with Dr Dunbar’s hypothesis, and that women tend to have somewhat more than men. But the range is large, and some people have networks numbering more than 500, so the hypothesis cannot yet be regarded as proven.

What also struck Dr Marlow, however, was that the number of people on an individual’s friend list with whom he (or she) frequently interacts is remarkably small and stable. The more “active” or intimate the interaction, the smaller and more stable the group.

Thus an average man—one with 120 friends—generally responds to the postings of only seven of those friends by leaving comments on the posting individual’s photos, status messages or “wall”. An average woman is slightly more sociable, responding to ten. When it comes to two-way communication such as e-mails or chats, the average man interacts with only four people and the average woman with six. Among those Facebook users with 500 friends, these numbers are somewhat higher, but not hugely so. Men leave comments for 17 friends, women for 26. Men communicate with ten, women with 16.

What mainly goes up, therefore, is not the core network but the number of casual contacts that people track more passively. …

Put differently, people who are members of online social networks are not so much “networking” as they are “broadcasting their lives to an outer tier of acquaintances who aren’t necessarily inside the Dunbar circle,” says Lee Rainie, the director of the Pew Internet & American Life Project, a polling organisation.

New Zealand’s new copyright law

From Mark Gibbs’ “New Zealand gets insane copyright law” (Network World: 20 February 2009):

A law was recently passed in New Zealand that has created what many consider to be the world’s harshest copyright enforcement law. This insanity, found in Sections 92A and C of New Zealand’s Copyright Amendment Act 2008 establishes – and I am not making this up – a guilt upon accusation principle!

Yep, you read that right. This means that anyone accused of “copyright infringement” will get his Internet connection cut off; and treated as guilty until proven innocent.

And if that weren’t enough, this crazy legislation defines anyone providing Internet access as an ISP and makes them responsible for monitoring and cutting off Internet access for anyone who uses their services and is accused of copyright violations. Thus libraries, schools, coffee shops, cafes – anyone offering any kind of Internet access – will be considered ISPs and become responsible and potentially liable.

Chemically remove bad memories

From Nicholas Carr’s “Remembering to forget” (Rough Type: 22 October 2008):

Slowly but surely, scientists are getting closer to developing a drug that will allow people to eliminate unpleasant memories. The new issue of Neuron features a report from a group of Chinese scientists who were able to use a chemical – the protein alpha-CaM kinase II – to successfully erase memories from the minds of mice. The memory losses, report the authors, are “not caused by disrupting the retrieval access to the stored information but are, rather, due to the active erasure of the stored memories.” The erasure, moreover, “is highly restricted to the memory being retrieved while leaving other memories intact. Therefore, our study reveals a molecular genetic paradigm through which a given memory, such as new or old fear memory, can be rapidly and specifically erased in a controlled and inducible manner in the brain.”

One can think of a whole range of applications, from the therapeutic to the cosmetic to the political.

Conficker creating a new gargantuan botneth

From Asavin Wattanajantra’s “Windows worm could create the ‘world’s biggest botnet’” (IT PRO: 19 January 2009):

The Downadup or “Conficker” worm has increased to over nine million infections over the weekend – increasing from 2.4 million in a four-day period, according to F-Secure.

The worm has password cracking capabilities, which is often successful because company passwords sometimes match a predefined password list that the worm carries.

Corporate networks around the world have already been infected by the network worm, which is particularly hard to eradicate as it is able to evolve – making use of a long list of websites – by downloading another version of itself.

Rik Ferguson, solution architect at Trend Micro, told IT PRO that the worm was very difficult to block for security companies as they had to make sure that they blocked every single one of the hundreds of domains that it could download from.

Ferguson said that the worm was creating a staggering amount of infections, even if just the most conservative infection estimates are taken into account. He said: “What’s particularly interesting about this worm is that it is the first hybrid with old school worm infection capabilities and command and control infrastructure.”