Instant Messaging systems inch towards interoperability…

Interesting news:

“After years of mudslinging, Microsoft, America Online and Yahoo on Thursday made a surprising overture toward peace in the instant-messaging wars.

The companies announced that later this year Microsoft’s Live Communications Server (LCS), which offers instant messaging for corporate users, will connect with AOL Instant Messenger, Yahoo Messenger and its own MSN Messenger.

However, the three public IM clients will still not connect with one another for public users. Instead, it means corporations that use LCS will allow employees to chat with the Big Three public IM services as well.”

Hmmm… Two things missing from this report. First, this cosying-up represents not so much an outbreak of common sense among bitter rivals as a pre-emptive move against Reuters’s plans to create an interoperable IM system for financial services professionals. And second, the deadly implications of this for malware dissemination. Viruses spread by IM make email infection rates look like slow motion. One of the anti-virus companies (can’t remember which just now) has done a simulation model of malware propagation via IM. It’s a scary prospect.

The Butler Report in a nutshell

For those too busy to read the Butler Report in its entirety, Memex is pleased to offer this one-sentence summary: Blair & Co did cook the books in order to build a case — now known to be spurious — for invading Iraq, but there were mitigating circumstances. Now back to work!

The perils of Internet Explorer

From today’s edition of Good Morning, Silicon Valley:

“In 1997, Microsoft’s Charles Fitzgerald, bristling over complaints about vulnerabilities in Internet Explorer’s active scripting functionality, told a group of Web application developers that if they wanted security on the Internet, they should unplug their computers. But what he really should have told them to unplug was IE, because seven years later Active X is still inherently flawed. In an advisory posted to its Web site Tuesday morning, security outfit Secunia announced four new potential security flaws in IE’s active scripting functionality, all of them rated ‘extremely critical.’  News of the new vulnerabilities, coming as it does on the heels of last week’s IE security cockup, is more bad news for Microsoft and one more good reason to switch to a browser other than IE or, at the very least, disable Active X.  ‘I think that the Internet security issues are so poorly handled that only particular forms of insanity would suggest that it has ever made sense to allow client-side scripting,’ said Joseph Newcomer, a security consultant and founder of FlounderCraft Ltd., in Pittsburgh. ‘[ActiveX] is a no-brainer. It is so wonderful for staging attacks. I would no more allow this than a Manhattan resident would consider leaving their apartment unlocked.'”

Interestingly, IE’s market share seems to have dropped for the first time since 1998. The drop is tiny — just 1.32 percentage points — but still… I haven’t used the product since 1999, except when it’s been the only browser available in Internet cafes..

How green was my valley

The kids and I went to Donegal for a few days recently. Driving from Carrick to Ardara, we came on this valley, got out of the car on the top, and walked down towards the sea. It was a truly magical place, and we only saw one other car for the whole afternoon.

Arguments against Linux…

… are the same kind of arguments one might use against Longhorn. Ingenious article by Charlie Demerjian in which he first sets out the arguments Microsoft uses to dissuade CIOs from switching to Linux. Then he does a search-and-replace on the piece, substituting ‘Longhorn’ for ‘Linux’ and — guess what — the same arguments look plausible. Lovely rhetorical trick. Conclusion: “Pay now, and get off the gerbil wheel, or pay later, and stay on it. Your choice.”

Thanks for Dave Hill for the link.

New Naughtons

In response to popular demand, here are portraits of the two new residents who have taken over my study, thereby rendering it totally unsuitable for any kind of reflective or creative work.

This is Zoombini, who is nice but dim.

And this is her sister, Tilly, who is shaping up nicely as an inventive scamp.

Memoirs of a fast-food virgin

Morgan Spurlock decided to eat only McDonald’s food for 30 days. The result? An award-winning film and a very bad liver. My Observer colleague Tim Adams repeated the experiment in Britain, but after seven days of burgers and shakes his body told him to stop. His sobering account is here. I wasn’t entirely surprised by Spurlock’s experience over a whole month. But the thought that even a week’s exposure to McCrap could do perceptible damage comes as a bit of a shock.

Cultural revolution

There’s a very thoughtful piece in yesterday’s Guardian by Larry Elliott, the paper’s economics editor. In it, he explores the question of why the IT ‘revolution’ hasn’t spawned the kind of cultural upheaval which accompanied the first and second industrial revolutions. “The question is”, he writes, “whether there has been much creativity, and if not why not. Perhaps it was just a fluke that past periods of structural economic change coincided with revolutionary movements in the arts. Perhaps the old forms — the novel, the symphony and so on — have been pushed as far as they can be”.

One possibity he considers is what one might call the Robert Gordon Hypothesis. Gordon is the economist who has argued that the so-called ‘IT revolution’ is pretty tame stuff compared with the upheavals caused by steam, electricity, motor and air transport, movies, radio and indoor plumbing.

This may be right, but there is another possibility, namely that Elliott is looking on too short a time span.

Suppose, for example, that the Web turns out to be as radical a transformation in our communications ecology as the invention of printing. As a mass phenomenon, the Web is now 11 years old. Gutenberg’s first bible was printed in 1455 in the German city of Mainz.

Now try this thought experiment: it’s 1466 and you are a MORI pollster standing with your clipboard on a street, doing an opinion survey on the town’s residents.

Q1: Who is Johannes Gutenberg? Is he
(a) a butcher,
(b) a baker,
(c) a candlestick maker or
(d) a printer?
[Eh? What’s a ‘printer’?]

Q2. Which of the following effects do you think printing by moveable type will have?
(a) Undermining of the authority of the Catholic Church
(b) The rise of Protestantism?
(c) The emergence of ‘science’
(d) The Romantic Movement
(e) The redefinition of ‘childhood’ as a period in life before young people become regarded as ‘adults’. Tick all that apply.

You get the point. the invention of printing had all of these world-transforming effects, and more. But eleven years into the revolution, nobody could have foreseen them. My feeling is that the same may apply to the revolution that is underway now. The ground is shifting under our feet, but we cannot see it. The cultural impact of the IT revolution, in other words, will be visible only in retrospect.

After Munich, what? Paris perhaps

Last year the city of Munich famously snubbed Microsoft and plumped for open source software when upgrading its 14,000-PC system. Last week, the French government announced that it was moving many of its installations to Linux. And now it seems that the Paris city administration is thinking about doing the same.

What’s going on? It would be nice to think that public officials across the world are waking up to the perilous lock-in implicit in continuing to use Microsoft software. But it might just be that they’ve cynically twigged that the best way to squeeze whopping discounts from Redmond is to threaten a move to Linux. Thoughtful article about all this in IT.director.com. Excerpt:

“It is interesting to note in all of this that the Linux battle has become political in a major way. National and local governments across the world (the list is long and includes China, Japan, Brazil and much of Europe) have got the Linux bug, for three reasons. The first is that they think that they are paying too much for software, particularly desktop software. The second is that they believe that Open Source will do more to stimulate the local software industry than the purchase of proprietary software from a US provider. The third is that Windows poor security record has cost Microsoft a good deal of credibility. Microsoft can say what it likes about the fact that Linux suffers security breaches too, but the fact is that the expensive worms are the Windows worms.

Paris has yet to make a decision, but the simple fact that it is contemplating the Linux desktop indicates the inroads that Linux on the desktop is now making. The Linux momentum is growing and the Linux market share will inevitably grow with it. This is all a self-feeding phenomenon. The more success it has, the more that Novell, Red Hat and the rest will invest in improving usability and the greater the number of vendors that will see Linux as the platform of opportunity.”

The monoculture debate

The question of whether a Microsoft-based monoculture makes the world more vulnerable to catastrophic failure is interesting and complex. Following on his earlier essay on the subject, Ed Felten has published an excellent report of the debate at USENIX last week between Dan Geer and Microsoft’s Scott Charney. Here’s the gist:

“Geer went first, making his case for the dangers of monoculture. He relied heavily on an analogy to biology, arguing that just as genetic diversity helps a population resist predators and epidemics, diversity in operating systems would help the population of computers resist security attacks. The bio metaphor has some power, but I thought Geer relied on it too heavily, and that he would have been better off talking more about computers.

Charney went second, and he made two main arguments. First, he said that we already have more diversity than most people think, even within the world of Windows. Second, he said that the remedy that Geer suggests — adding a modest level of additional diversity, say adopting two major PC operating systems with a 50/50 market share split — would do little good. The bad guys would just learn how to carry out cross-platform attacks; or perhaps they wouldn’t even bother with that, since an attack can take the whole network offline without penetrating a large fraction of machines. (For example, the Slammer attack caused great dislocation despite affecting less than 0.2% of machines on the net.) The bottom line, Charney said, is that increasing diversity would be very expensive but would provide little benefit.”