Mosaic 1.0 anniversary coming up next week

And News.COM is publishing a nice series leading up to the anniversary itself (which is on April 22). Mosaic was the program which triggered the explosive growth of the Web. It was the most infuriating program ever written — because it promised (and sometimes delivered) wonderful things; but at the same time it often crashed for inexplicable reasons and required a system reboot.

Sauce for the goose, sauce for the gander…

Larry Lessig finds two articles in The Hindu [India’s leading English-language newspaper] indicating the interesting world we’ve entered in the Bushie era. “In the first, India’s Union Minister for Civil Aviation says that the doctrine of ‘pre-emptive war’ (relied upon by the United States to justify its war in Iraq) should be used to justify a war against Pakistan to counter its alleged support for ‘terrorism.’ In the second article, Pakistan says that there is ‘ample proof that India possesses biological, chemical and other weapons of mass destruction’ and of the ‘massacre of innocent civilians in Ahmedabad and Kashmir’ and therefore is a fit case for ‘pre-emptive strike’.”

The Microsoft stealth tax

I had to order four new PCs for a project last week, and went to a local firm which builds systems to order. When I got their quote for the job I realised something that I should have twigged years ago: the hardware is now the cheap bit. 21% of the cost of the ‘raw’ machine (i.e. just with an OS installed) goes to Microsoft. If you add in the cost of the Office suite, 55% of the total cost of the system constitutes the Microsoft ‘tax’. I wrote a column about it. Lots of feedback already from astonished business folk.

Why was I so surprised? Probably because I was conditioned by my early experience of computing 30 years ago, when hardware was expensive….

Snail-mail spamming

Amazing — and scary — account in Bruce Schneier’s Newsletter about how you could bury someone’s house in physical junk mail. Quote:

“In December 2002, the notorious “spam king” Alan Ralsky gave an interview. Aside from his usual comments that antagonized spam-hating e-mail users, he mentioned his new home in West Bloomfield, Michigan. The interview was posted on Slashdot, and some enterprising reader found his address in some database. Egging each other on, the Slashdot readership subscribed him to thousands of catalogs, mailing lists, information requests, etc. The results were devastating: within weeks he was getting hundreds of pounds of junk mail per day and was unable to find his real mail amongst the deluge.

Ironic, definitely. But more interesting is the related paper by security researchers Simon Byers, Avi Rubin and Dave Kormann, who have demonstrated how to automate this attack.

If you type the following search string into Google — “request catalog name address city state zip” — you’ll get links to over 250,000 (the exact number varies) Web forms where you can type in your information and receive a catalog in the mail. Or, if you follow where this is going, you can type in the information of anyone you want. If you’re a little bit clever with Perl (or any other scripting language), you can write a script that will automatically harvest the pages and fill in someone’s information on all 250,000 forms. You’ll have to do some parsing of the forms, but it’s not too difficult. (There are actually a few more problems to solve. For example, the search engines normally don’t return more than 1,000 actual hits per query.) When you’re done, voila! It’s Slashdot’s attack, fully automated and dutifully executed by the U.S. Postal Service.

If this were just a nasty way to harass people you don’t like, it wouldn’t be worth writing about. What’s interesting about this attack is that it exploits the boundary between cyberspace and the real world. The reason spamming normally doesn’t work with physical mail is that sending a piece of mail costs money, and it’s just too expensive to bury someone’s house in mail. Subscribing someone to magazines and signing them up for embarrassing catalogs is an old trick, but it has limitations because it’s physically difficult to do it on a large scale. But this attack exploits the automation properties of the Internet, the Web availability of catalog request forms, and the paper world of the Post Office and catalog mailings. All the pieces are required for the attack to work.

And there’s no easy defense. Companies want to make it easy for someone to request a catalog. If the attacker used an anonymous connection to launch his attack — one of the zillions of open wireless networks would be a good choice — I don’t see how he would ever get caught. Even worse, it could take years for the victim to get his name off all of the mailing lists — if he ever could….”

Photoshop isn’t killing photo shops after all

According to the NYT, the inexorable rise of digital photography may not wipe out the traditional photo retailer after all. And this is not just because consumers buy their digital gizmos from photo retailers, but because many of them find the business of editing and printing digital pictures just too fiddly. So they bring in their cameras and get the pics printed in store. It’s a bit early to say for sure, but maybe Jessops have a future after all…