Domain: microsoft.com
Stories and comments across the archive that link to microsoft.com.
Stories · 1,971
-
Retraction of "China Banning W2K"
??? writes "It would appear that the Mercury is retracting its earlier story posted here. In a recently posted story, both the Chinese government and Microsoft deny the veracity of the story. The interviewed Chinese government spokesperson did however indicate that they are encouraging the use of domestically produced software. " Some of the Reuters stories seem to indicate that China has banned Win2k in critical government/infrastructure situations - but I can't find confirmation. -
Interview: The L0pht Answers
This week's "main" interview guest is L0pht Heavy Industries as a group. (We hope to have answers from Linux International head Jon "maddog" Hall tomorrow). Many insightful questions for the L0pht guys were posted Monday. Today, lots of insightful answers on everything from political controls on the Internet to hardware hacking. (Click below to read.)
1) Which do you consider more dangerous
by Gleef
Which do you consider more dangerous to personal liberties on the Internet, national governments or multinational corporations, and why?
L0pht
While both Governments and multinational corporations are detrimental to personal liberties on the Internet, one must not overlook the greatest danger of them all. The uninformed citizen. In democracies, this is problematic, where governmental policy typically follows public opinion. In the case of the Internet, one will find that most citizens of the world are willing to give up personal liberties in exchange for perceived safety and peace of mind. For the safety of the children, is cited commonly. Many people believe that anonymous access to the Internet is criminal behavior. Government would like you to think privacy is an "anti-social" behavior. You should have nothing to hide, should you? You wouldn't be reading up on the consecration of explosives, looking up security holes in various operating systems, or possibly downloading the latest crypto software, would you? Only terrorists do that.
Governments are lobbied by uninformed citizens, or citizens who are easily manipulated and swayed by various groups across the gambit of our modern civilization. Multinational corporations have their hand in the fray by funding these groups or by participation in Associations which provide counsel to government officials on technical matters. Often recommending legislation which will better the profit taking over the sanctity of "personal liberties."
Multinational corporations are problematic in that they operate in a proprietary world. Often outside parties will scrutinize the technological fabric of a communications service being provided. Should a flaw be found, and published, the corporation claims that the flaw itself is detrimental to the service being provided and litigation is dispatched on the party disclosing the flaw. This has been the case in the Cellular communications venue. Cloning a cellular telephone was a real thorn in the side of the Cellular Industry. They took their gripes to the US Government. The CTIA and their ilk successfully swayed Washington to pass legislation to combat the cellular fraud. Result: A portion of the radio spectrum was made _forbidden_ to reception. Possession of an eprom programmer, a computer, and a cellular telephone became a crime. Meanwhile, the cellular network REMAINS open to eavesdropping. Money is power, and with power comes influence. However, in the end it was the Government, sucking up to industry, which passed the law.
Law Enforcement and Intelligence gathering communities dwell within the governmental domain. Both are lobbying lawmakers to pass laws to give them greater powers to combat crime in this high tech world. Surveillance is paramount. They will convince the lawmakers that without the keys to all communications, a bomb may be set outside Parliament or Congress or .
The government persuades the people, the people persuade the government. Who planted the seed first? Those who understand the technology are too busy working on the next cool widget. Meanwhile the technological world rushes toward a global dictatorship and the populace embraces it under the guise of security.
2) The net: strip mall or unlimited human potential?
by garagekubrick
The halcyon days of the net are gone. With ubiquity - the underground vanishes. Is it well on its way, with people like the CEO of Amazon being worshipped by the mainstream press, to becoming an enormous cyber strip mall, marketing tool, PR exercise in control of perception...Or is there still an underground? Does it still have a potential to be the one true medium with liberation? Will governments and corporations end up controlling it? Cause they are winning small, important victories relentlessly...
L0pht
The Internet has changed dramatically over the last year or two and with it the underground has also changed. Back in the good ole days (1995+6) every web site was underground, hell the entire internet was underground. As the web increasingly encroaches onto the mainstream and large portal and corporate sites take over feeding you only the information they want you to see, the underground will evolve and change and morph to suit its surroundings.
There is definitely still an underground. In some aspects it is a lot larger than it used to be and in others it seems to be much much smaller. I think labeling the underground as 'the one true medium with liberation' is laying it on a little thick. The internet underground has been nothing but the exploration for knowledge, if you are looking to it to save mankind from itself you're looking in the wrong place.
Governments are increasingly encroaching on personal liberties and freedoms of the average citizen, this is unfortunate. How much longer before the population as a whole realizes what is going on and says enough? Maybe they will never wake up. Will the governments eventually control the internet? Possibly. It is hard to tell but there will always be those who will resist that control and the underground will continue in one form or another.
While the web, as you put it, may become 'an enormous cyber strip mall' I can't help but think of the trash dumpsters behind that mall and what secrets they may hold.
3) Internet Worm II
by tilly
Several months ago I began predicting that someday someone would find a buffer overflow in the various Windows TCP-IP stacks and use it to write a worm that would bring down the Microsoft part of the Internet and cause so much traffic as to effectively shut down everything else. I further predict that until an event of this magnitude happens, the general public will not really learn the basic lessons about security that the *nix world was forced to learn from the first worm. What are your thoughts on this prediction? (Timeline, reasonableness, etc.)
L0pht:
I believe your prediction is right on track. However, I don't feel that an Internet Worm II is necessary to teach Microsoft, its customers, or its vendors, about security. There are three ways to implement a security model, the slow way, the fast way, and the right way. The slow way involves making a bunch of little mistakes and fixing them over time as you find them, correcting your policies and implementations. The fast way involves having a major disaster occur, after which the faulty parts of the system are completely torn apart and reimplemented. In practice, the slow way often leads to the fast way. Which brings us to the right way: To design software with a security policy in mind, and with extra caution, care, and expenditure during the implementation. OpenBSD's model of proactive security measures is a classic example of 'the job done right'. Retroactively applied security measures are a recipe for disaster.
Rant off.
As for when Microsoft is going to learn about these things, they'll first have to learn that 'bigger isn't necessarily better'. They need to stop believing their own FUD before they can actually make change over there. When I read things like the article at http://www.microsoft.com/ntserver/nts/news/msnw/LinuxMyths.asp, particularly the parts about Linux being less 'secure' than Windows NT, I'm appalled at the ridiculous 'facts' that are being used to back up their claims. For example, they claim that:
"Linux only provides access controls for files and directories. In contrast, every object in Windows NT, from files to operating system data structures, has an access control list and its use can be regulated as appropriate."
While this statement is true, they neglect to mention the fact that under a unix operating system, most things that correspond to Windows NT kernel objects, file, data structures, etc, are represented as files. Hence, the coverage of the security model for Linux is just as extensive, even more so, than Windows NT. This is a particularly bad statement, simply because it's not only incorrect, but the converse is true. Linux is more flexible in terms of permission management. Try setting the access controls on who can bind to a particular port under Windows NT, with the ease of chmod and portfs under Linux, and you'll fail miserably. And the list goes on.
(And as for 'access control lists', we've noticed that Windows can't seem to get the right default ACLs anyway, and that the complexity of managing them has outweighed the value of their 'flexibility'.)
As for your comments on the Windows NT TCP/IP stack being vulnerable to attack (possibly, who knows :P) and the possibility of a worm destroying Windows systems, the possibility is very real. And again, this possibility is not unique to Windows. They're just a likely target at this point in time.
It would take a feat of dedication and great skill, but the possibility is there. My advice to anyone who's worried about this, is this: If you're going to use Windows NT, you should probably keep that firewall in place between those Windows service ports and the rest of the world. Microsoft loves to add services and open ports to your computer when you're not looking. And it's probably not going to be the IP stack, it'll probably be some goofy listening service, like anonymous share enumeration or something. Or maybe remote access to NetDDE. Or some authentication protocol that doesn't like large Netbios fields. Or possibly even some undocumented functionality in the named pipe filesystem used for RPC. Who knows. Personally, I'm not going to wait around to find out.
4) The Public's Perception of Hacking
by dmuth
First, I should probably preface this geek for several years, and love playing with technology, so I feel I am able to relate to the hacking community. Anyway, my question is, how do you deal with the way the public (including the media) perceives "hackers"? I've seen some clueless people use the term to describe *anyone* who does anything with a computer that they find objectionable. I've even heard the term applied to spammers!
Needless to say, the misuse of the term makes my blood boil, because I feel a certain respect towards the real hackers, such as yourselves, because you guys do know what you're doing, unlike all of the script kiddies out there that either have the term applied by clueless reporters, or they use it on themselves.
So, I'd be interested in knowing how you cope with this sort of problem, as I've noticed this sort of perception of the hacking community for some time.
L0pht:
The first thing you need to do is refer to yourself as a hacker and be prepared to educate the person you are talking to what you mean by that. It doesn't matter if you are talking to someone from the media, or the government, or the business world. People need to know the real meaning of hacking, its history, and what a positive thing it is. A lot of the time we talk to the media just because we are afraid that if we don't there will be no one they talk to who will describe hacking in a positive light. No one to describe it as other than defacing web pages or breaking into .mil sites. This was one of the reasons we wanted to talk to MTV. We were afraid their story would be all about criminal hackers. If you saw the MTV show you saw that sometimes resistance against the media memes is futile. The show was 95% about illegal activity.
Yet the world of hackers is 95% non-criminal. Probably a better percentage of people behaving positively than most segments of society. It is a world of people exploring the edges of technology and building things. The crazy thing is the government is making more and more of that exploration illegal.
Reverse engineering security mechanisms is being considered a crime. Receiving digital radio signals is a crime. We can't let them wall off part of the world we inhabit from investigation.
Hackers have a positive role to play both as builders and critics of the digital world. Unless we speak up and refer to ourselves in that light we have only ourselves to blame. Everyone who can should educate. It's not easy changing perceptions. But sometimes a passionate personal explanation of what hacking means to you can make someone change their mind.
5) Security of capability-based operating systems
by sethg
What do you think of capability-based systems, such as EROS? The folks who are working on these systems say they are fundamentally more secure (against both malicious code and heisenbugs) than Unix derivatives, Windows NT, and other ACL-based operating systems. Do you agree with this assessment? Do these systems have security weaknesses that Unix-like systems don't have?
L0pht:
It's nice to see work such as EROS coming out of DARPA funded projects. Capability-based systems are quite interesting. However, one must be quite careful when making statements such as the one that these systems are more fundamentally secure than others. One has to keep in mind that Windows NT made a similar claim. Was NT fundamentally more secure than Unix as was presented to the general public? Well, it did have a security model that Unix lacked and its internals were much more akin to VMS which had various strengths that Unix lacked. Yet we all saw that the implementation is where it matters. In reality the implementation is key. Things can look great on paper and be a real bear to implement (look at communism for example). Another key component that is often overlooked is the functionality. This is a double edged sword. If the system is not universal and generic enough in nature to exist in a plethora of environments then it is difficult, if not impossible, to gain wide scale acceptance and use. Of course, this notion is directly opposed to creating a secure operating system. If it has to work in a multitude of environments then it needs to be relatively open and flexible or else the skill set and support for integrating it into one specific environment is beyond most people's abilities (ie it won't get used). Sun Microsystems ran into this problem with older versions of SunOS (now retroactively named Solaris 1.x) when they used to consistently ship with a '+' in /etc/hosts.equiv. After several years they received enough requests to take it out of the distribution for security reasons. Unfortunately, taking it out caused so many installations to not be "plug-n-play" that they promptly put it back in.
When I look at an operating system such as EROS the following pops out at me when thinking security (this should not be viewed as condemnation by any means).
- RTOS modeled.
Real Time Operating Systems can be very useful for directed applications but suffer in general use often times. In addition, certain security notions at extremely low levels of a system (ie hash signing memory blocks that are passed between processors or ASICS) incur overhead that is quite unwelcomed in most of the "general public's" acceptance in RTOS.
- Emulated POSIX and Unix environments
I love Unix. However, it's difficult for someone to maintain the claim that they are more secure than another operating system and then emulate its behaviour. A good emulation is going to have the good and bad aspects on the security front or many things won't work.
- Implementation from the ground up can be painful
Often times it is required. But heaven help the "vendor" that decides that in order to be their own maker they will do it from scratch without looking at the mistakes that others have made. We see it all too often that people decide to reinvent the wheel and foist square versions on people the first time around.
With all of that being said I believe that in the future, should people start to wake up and really appreciate the notion of security and privacy in a way that really influences the market... we will see more dedicated systems and fewer general purpose ones. In order to go that route projects such as EROS are invaluable.
6) Security Through...Unpredictability?
by Effugas
Would you agree that security and stability are but different sides of the same coin? In other words, a security exploit is truly nothing more than an expertly controlled failure? If so, how much stock can we put into the "metadesign" of limiting the damage an exploit can create by attacking the ability of a failure to be controlled? Should operating systems incorporate such "unpredictability engines" when being run in a production, non-debugging manner? Or is such a design not worth pursuing, for various reasons?
L0pht:
You must be a kindred spirit :) We have been preaching the approach that most stability problems are security problems that have not been looked into enough for quite some time. By fixing security problems you enhance the stability. Now, with that said, it is important to shoot for the penultimate solution to problems and this ends up being a wonderful academic exercise (out of which great things come). Do we shun any notions that merely raise the bar instead of being the silver-bullet? No. Each elevation in design is a step in the right direction. It is apparent that we have many steps in front of us but this does not mean we should stop progressing until a magic cure is found.
Unpredictability in systems, such as loaders or interpreters that recurse random times to throw off "static" frame location and other mechanisms (ie canary values) etc. are some of the finer points that I see coming out of the security approach to implementations. Are they ready for production systems? It all depends upon what your production system must be capable of. In many cases the answer is yes. In some cases the answer is no.
7) Future of Hardware Hacking?
by Tackhead
Two questions (Well, three, really, but I'm a hardware geek, and I love trying to squeeze three things in the space of two):
A) Wireless.
Lots of folks have been asking today about the wireless network project. "Me too"; the page has been up for years, it's a fascinating and extremely powerful idea, but for those of us who aren't RF engineers... When do we get to see some hardware projects to build, or is it the case that -- due to regulatory restrictions on what can and cannot be transmitted on US airwaves -- work is being done independently on the notion of a secure wireless IP-based network but isn't being released so that those of us who aren't RF engineers can't gum up the works by screwing things up before it's ready? :-)
L0pht:
The Gnet project has been in progress for many years now. Mainly the problem had been lack of funds, but now time allocation and lack of dedicated participants hold back expansion. There is a lot of interest, but no one seems to be willing to put up the nodes. There are 2 sites currently on the network. One at l0pht and one at a residence. This has been the state of the network for the past 2 years. Unfortunately no one with enough initiative in either state has been found to set up other nodes. There has been interest in other states but the long haul capability has yet to be worked out. Encrypted tunneling over the Internet may help span the network over long distances. Once the fabric of the network expands, landlines could be replaced with wireless links/nodes.
High-density, low-power networks sound great in theory, but until the interest level rises above its present state, the cellular structure will remain the dominant topology.
To get the network off the ground, we have been trying to go the Amateur radio route. Going this route does have its drawbacks. Encryption is forbidden, however compression is not. I have been running ssh in compression-only mode for years. The initial ssh authentication is allowed under FCC guidelines, as long as the communications is not encrypted, you are within the rules.
The move off the Amateur frequencies will be made once the cost of National Information Infrastructure (NII) part-15 devices drops under $500 for a pair of nodes. These devices operate in the 5 GHz frequency range. The breakdown is as follows:
- 200 milliwatts EIRP (5.15-5.25 GHz) - indoor
- 1 watt EIRP (5.25-5.35 GHz) - inter-campus/neighborhood
- 4 watts EIRP (5.725-5.825 GHz) - Point-to-point, few miles, terrain permitting.
The path to build custom equipment is equally as challenging. For example, the TAPR (Tucson Amateur Packet Radio) group has been in the forefront of Amateur packet radio for the past 15 years. While they have an established base of dedicated users, they continue to have problems developing new hardware. They have been prototyping a Frequency Hopping Spread Spectrum (FHSS) system for 3 years now, with still a prototype just passing a design review. Hopefully this project will come to fruition soon!
Some very talented folks over in Slovenia have developed some BPSK transceivers and a no IF SSB transceiver which will work on 1296, 2304 and 5760 MHz. None are in kit form but the schematics, theory, construction notes, and equipment checkout are available in English. (Schematics are not in English.) These radios are not for beginners or even intermediate kit builders. It would be nice if someone could kit these units. I started to convert the 23cm BPSK design to utilize a chipset family put out by RF Microdevices, but then my time got sucked into other projects. I may find the time to pursue this once again, but I would like to get some semblance of a network greater than 2 nodes up and running first. *sigh*
B) The future of hardware hacking.
With the trend towards more and more functionality becoming embedded into ASICs and single-chip solutions, the golden age of "just desolder this", or "reverse-engineer the schematics and jumper that", or "replace [PROM| EPROM| EEPROM| PIC| FPGA] with one with the following special programming, and here's the [CPU| microcontroller]'s instruction set and a memory map of the embedded system" appears to be drawing to a close. Anyone can desolder a 24-pin DIP EPROM and hack it, but trying to desolder a 100-pin PQFP is a real bear without $500+ worth of specialized equipment, and knowing what to do with the chip after you've desoldered it is well-nigh impossible. Do you see a time when "hardware hacking" (as we've traditionally known it) will have to fall by the wayside? If so - what, if anything, do you see as taking its place? (Perhaps users taking advantage of the vastly more-powerful gear out there today and building their own hackable hardware, eliminating the need to hack other people's hardware?)
I suppose that's tangentially related to the wireless.net question - for mass distribution of the tools needed to build such a network, for instance, it seems to me that re-purposing cheap, widely-available stuff that others have junked is a better path than having to build things from scratch. But if the cheap, widely-available stuff of the future isn't gonna be re-usable... where does one go from there?
L0pht:
It is true that the Electronics industry is moving toward much denser Multi-chip module like IC's. System-on-a-chip (SOC) is beginning to make inroads in communications equipment. Cellular/GSM/PCS phones are beginning to sport such technology. SOC will also revolutionize the security coprocessor industry. What we see here is the bar being raised in the HW hacking arena. Remember cost still drives much of the industry and you will continue to see many devices still using microcontrollers. There are many, many internet appliances using standard Embedded Processors and peripheral IC's. The hackers are just going to have to bone up on their FPGA hacking skillz. Monitoring the inputs of an FPGA and then the outputs, and hacking together an FPGA to drop in between isn't unheard of.
Hardware hacking today does require a bit more than the standard Weller soldering iron, a 50 MHz scope, and a multimeter. With processor speeds moving up into the 800 MHz range, you fall flat on your face with those stoneage tools. The trend in general is hardware which is becoming more and more abstracted and described by high-level programming languages such as Verilog and VHDL. One must stay abreast of the latest tools in his trade. There are also relatively inexpensive "soft" tools, in that a spectrum analyzer, logic analyzer or a scope utilizes the modern PC as the guts of the device and an inexpensive physical interface module is purchased along with software for the host. The interface is typically a data acquisition pod for converting the sampled analog data into the host PC for processing and the presentation.
The security of FPGA's is definitely going to become more of a target in the future. I can't think of anyone that doesn't set the security bit of FPGA before programming a device. Ummm.. Hmmm.. maybe I shouldn't say that. ;^) It does happen. There are also some not so well known ways around "security bits" on FPGA's. Also, most FPGA's will allow you to reprogram them in circuit whether or not the security bit is blown. You just better be sure you can reproduce what you monitored before squirting in your own code.
Remember there are many more ways to fry an egg, such as voltage margining, or operating a circuit over/under current and temperature specifications. Hitting HW with various RF emissions (above and beyond what standard emissions/immunities tests test for) can also produce interesting results and insights.
And as you alluded to in your question, hackers will build their own hardware which will interface to the service/system under attack, which will allow for variable, marginable, modules to provide the flexibility which the stock standard HW didn't provide. Study communications test equipment. Many secrets lie inside.
A lot of today's "hardware hacking" isn't strictly limited to hardware, due to the fact that most products are embedded systems - meaning there is a union of hardware and software. Those who are strictly "hardware guys" will fall by the wayside and those who are strictly "software guys" will also fall. You will need to have a decent knowledge of both the software and the hardware environment you are programming for. I have seen companies struggle because they hire CS folks to write firmware for a product. These particular folks could not grasp that they were writing for a platform other than a PC or desktop. They didn't understand how interrupts worked, how to write to a port, how to write low-level drivers to control external memory or other devices on an SPI, I2C or other inter-chip protocol. What ended up happening is the company called in the hardware engineer (me) to write all the low-level functionality. In order to properly design a product (and reverse engineer the product), you need to be able to grasp all facets...
The industry today is really in a sad state and I am fearful of the quality of the products that are due to come out on the market - the hardware and circuitry is sound and well-structured, but the software will have major fault and, because of this, many possibilities for vulnerabilities.
C) The future of l0pht.
(At least publicly), there's been a lot more activity on the software side of l0pht than on the hardware side. To the extent that you can discuss it openly, do you see l0pht's main activities over the next 3-5 years as continuing to revolve around the "expose weaknesses in software" side or the "work on next-generation hardware projects" side?
L0pht:
Both. Hardware projects, since the beginning of time, are more costly, require more tools than software, and more often than not, more time consuming. Due to this, the amount of publicly-known activity appears to be less. As mentioned before, there will be more and more projects that require the knowledge of both hardware and software sides, where L0pht fits the bill perfectly. There are so many products and technologies to look at, there is no way we can limit ourselves by saying what activities we will and will not do. If something comes out, be it hardware or software, that we want to attack, we will.
8) What engines/sites do you use to scour the 'Net?
by Bacteriophage
Seriously, I would like to know. When you sometimes don't have all the answers (I assume that would be more than never), where do you guys go on the 'Net to find what you need concerning computer security, **/*acking, or even just news? Do you ever come to /.? This answer shouldn't take very long, and it'd be nice to get the separate preferences of each crew member, as well as the general preferences of the group.
L0pht:
Generic search:
- Altavista or NorthernLight for a spider based search
- Yahoo for a topic search
- Ask Jeeves when I don't really know what it is I am looking for
Security/hacking:
- altavista - word sequences work well. A recent example would be a search for the PCI specification by looking for "pci spec".
- yahoo - when altavista doesn't help
Hacker search:
- The Hacker News Network Search Engine Page - Lots of underground spiders http://www.hackernews.com/search.html
- attrition stats - http://www.attrition.org/mirror/attrition/stats.html
- eEye stats - http://www.eeye.com/html/Databases/Statistics/os.html
- NMRC - Good Novell NT and Unix info. www.nmrc.org
- counterpane - for books (through amazon) and lots of free information on crypto too.
- www.jya.com/crypto.htm - for the good cypherpunk info
Next week: Steve Wozniak (and a special pair of *surprise* guests Tuesday).
-
Netscape 1994 Time Capsule
jenkin sear writes "Netscape Time capsule site- original splash screens, and much of the original netscape site, including the release notes for version 0.9. Definitely a trip down memory lane.... I saw this link on scripting news" Warm fuzzies. Sure was simpler then. An interesting similar and unrelated article also popped out recently, a history of microsoft.com. -
MS Tells How to Delete Linux, Install NT or Win2K
Ion Berkley writes "Should we feel flattered or threatened that Microsoft now provides on-line instructions on how to delete Linux from your hard drive and replace it with 2000/NT? The only thing that surprises me about this is that they don't try to sell you a Microsoft tool to use in place of fdisk." -
Microsoft looking for FreeBSD Skills
After last Sunday's story about Microsoft looking for Linux skills, Alfred Perlstein wrote in with the news that talented FreeBSD admins can also find themselves positions with Microsoft, in particular, at Hotmail. The Hotmail guys do seem to have a sense of humour though; witness hostnames like rotate-the-shield-harmonics.hotmail.com. -
Brazilian Gov't May Pass Pro-Free Software Law
Kaufmann writes "More news from Brazil... this time it seems to be good news, though; this page describes a law project, already on Congress, which, if approved, will obligate all sectors of the Brazilian Government - agencies, public corporations, et cetera - to use only free (as in speech) software (unless there is none that provides the required functionality). This is rather surprising news, considering the incredible power wielded by Big Software Companies in Brazil (their puppet, the Brazilian Association of Software Corporations, is conducting a massive anti-"piracy" witch hunt, with some success). Email the author of the bill, congressman Walter Pinheiro, and show him your support! (Most links are in Portuguese; you might want to use your favourite text translation tool.) " -
Windows2000 Goes Gold
Cycon writes "Microsoft has announced that Windows 2000 has been finished and sent off to Manufacturing. It won't be available until February 17, 2000 though. I find it somewhat surprising that they didn't wait until after the Y2K rollover just to verify that everything still works. I guess that's what service packs are for, eh? " Well, well. D-Day has been determined - -
Microsoft Looking for Linux Skills
Anonymous Coward writes "LinuxToday is carrying this article about 4 positions for Linux staff based at Redmond. Like who would *do* that?" Good question, but someone always *does* take these jobs. For instance, this Product Manager position probably won't stay open long. Scary, isn't it? -
Microsoft *NOT* Selling Visual J++
Linuk writes "The following message from the Visual Studio product manager says that MS has not sold VJ++. It's all a mixup with the Visual Studio integration program." We ran this story on the subject. Others ran similar ones. Please hit the link; it'll clear everything up. -
Windows NT 4.0 C2 Evaluation finished
DevNu11 writes "Windows NT 4.0 SP6a + Hotfixes + Trusted configuration finished evaluation under the TCSEC program. This page has a configuration guide for deploying a system in a C2-evaluated configuration. A note at the bottom of the page points out the difference between NT being secure and someone being able to configure NT to be secure." -
Latest Netcraft survey shows Apache increase
The latest Netcraft Survey is out. Apache enjoyed an over 1 percent increase, with Microsoft and Netscape showing some decreases. According to the survey, Apache has a 54.81 percent "market share." Also reported is the fact that Webjump actually uses a hybrid setup with NT serving static content and the dynamic content served by a Solaris/Apache/Perl system. Tucked away in the report is a small factoid that PHP is on over 1.1 million domains. -
Profiling A Nation
Publishing and Broadcasting Ltd, Australia's biggest media company and allied to Microsoft, has teamed with IT services company, Acxiom, to create that country's biggest private data repository, according to this story. It will hold the cross-matched details of Australia's 20 million people culled from government electoral rolls, Microsoft-related Web sites including Hotmail and Passport, credit card reports, casino records, bank statements and a variety of undisclosed other sources to provide marketing profiles of the country's entire population. The plan is then to sell these to marketers, insurers, banks and others. Naturally, consumer advocates and privacy groups are wary. A similar Government-sponsored scheme, the Australia Card, was universally rejected by citizens more than ten years ago. Australians are generally not protected by any privacy laws. What do you think: is it ok for private enterprise to hold such detailed information on our private lives, offering these to the highest bidder? Is privacy dead? -
2.4 Gigabit Network Demoed
coaxial writes: "At SuperComputing '99, the fastest network in the world, 2.4 gigabits, was built between the University of Washington and Microsoft's Redmond campus thanks to the DARPA-sponsored National Transparent Optical Network (NTON), the university's Pacific/Northwest Gigapop, and Nortel. You can read all about it from the NCSA, now a part of The Alliance." Cool, MP3s and DeCSS'd DVD movies at the speed of light. -
Bubbleboy Virus Gets Wild
-
Gore: White House May Get Involved in MS Settlement Talks
Amigan writes "C|Net news.com is reporting that VP Al Gore's visit to Microsoft's campus today included a statement from the Vice President that '...he expected that the White House would get involved in any settlement talks between the company and the Justice Department when antitrust remedies get discussed.' Why would the White House need to be involved?" -
Configuring FreeBSD Firewall for NetMeeting?
logictype asks: "How would you configure a FreeBSD NAT box so it will work with NetMeeting or my webcam? Here is a page that describes the ports needed. I am not familiar with FreeBSD so all help is appreciated." -
Ex-Novell CEO praises FreeBSD
Bob Frankenberg was CEO of Novell in the early nineties, when Novell were marketing DR-DOS as a replacement for MS-DOS (DR-DOS is now the subject of a lawsuit between Caldera and Microsoft). In part of this CBS interview he explains why his new company, Encanto, is not using Microsoft software, and why they chose FreeBSD. Read on for a few notes. There are a number of interesting things to take from this article. It's unsurprising that an ex-Novell CEO does not want to use MS software after the way Novell were treated by them, but it is mildly surprising that he hasn't chosen a Novell, or other 'industry standard', solution.
Encanto's choice of FreeBSD over Linux is also interesting. Naturally, we all know that FreeBSD is the best choice (heh heh heh :-)), but Linux (or Solaris) would be the anti-MS knee jerk choice. Using FreeBSD suggests that they've actually investigated the different OS choices open to them, and chosen one on merit -- or that the first SA they hired preferred FreeBSD over Linux.
As ever, the media have got the licensing issues wrong. One of the key things about the BSD license is that you don't have to contribute enhancements back to the original codebase if you don't want to -- of course, that doesn't stop many companies from doing so anyway, because it's better business sense in the long run.
Having looked at the Encanto web site, and the products they're selling, the license may very well be the key issue. They sell network appliances -- plug and play web servers, that sort of thing -- and the ability to make proprietary changes to the code base to support their product (and enhance their product's value) without having to disclose those changes is probably key to their business plan.
This is quite similar to the approach taken by Whistle and their Interjet devices. Whistle have been the classic example of a company which has contributed code back, even though the license doesn't force them to -- typically 6 to 12 months after they've deployed it in their product, and reaped the commercial benefit. This lets them recoup their development costs plus profit, and lets the rest of the community benefit from (and extend and support) the code later on.
Finally, CBS's phrase, "so-called open-source software" should get them a stiff letter from ESR...
-
TRUSTe Decides Its Own Fate Today
TRUSTe, the steward of the most visible symbol on the internet, is making a tough decision today. Today, it reveals what it intends to do about its client Real Networks. At stake is whatever's left of its credibility. (Update: 11/08 02:55: Real got off on a technicality: "because the transmission of user data ... did not involve collection of data on the RealNetworks Web site, the privacy incident was outside of the scope of TRUSTe's current privacy seal program.")
Unquestionably TRUSTe is the leader in third-party privacy assurance. Its only alternative is BBBOnline, which can boast only 100 members to TRUSTe's 750. But it's having a hard time living up to its motto, "Building a web you can believe in": sometimes it's hard to know what to believe.
TRUSTe's original idea was to allow a website to display one of three icons, indicating whether its privacy policy was good, ok, or bad. There turned out to be problems with this - strangely enough, no site wanted to post an icon saying that their privacy sucked - and the icons looked too similar anyway. So they went with one icon, a "badge" that every member site posts.
All the badge means is that the site has a privacy policy, and that, as far as TRUSTe knows, they haven't violated it.
If you think this is a questionable basis for a consumer advocacy group, you're right. But the real question is how it plays out in practice. Let's take a look at TRUSTe's track record.
Round I: TRUSTe and GeoCities. In June 1998, the FTC announced - to everyone's surprise - that it and GeoCities had come to a settlement regarding violations of consumer privacy.
Everyone was surprised because this was the first anyone had heard of it. Where was TRUSTe?
Caught flat-footed, TRUSTe scrambled for a few days, then made its own announcement. It pointed out that GeoCities had begun the alleged privacy violations before applying to become a member (in April) and being accepted (in May). Therefore, TRUSTe claimed, the violations were technically not under the scope of their investigation.
But turn that around and put it another way - it was able to become a TRUSTe member even while under investigation by the FTC, and TRUSTe said nothing.
It gets worse. The FTC and GeoCities issued conflicting releases about what the settlement actually meant. The FTC said that GeoCities had "misrepresented the purposes for which it was collecting personal identifying information" (including children's). GeoCities denied the charges.
So who was right? We still don't know. Despite this being precisely the issue that TRUSTe was set up to resolve, TRUSTe refused to confirm or deny the FTC's allegations.
In a 1998 open letter, I asked whether TRUSTe's initial review of GeoCities had included any really tough questions such as "are you currently under investigation by the Federal Trade Commission?" No answer. In fact, mention of the GeoCities incident seems to have been removed from TRUSTe's website.
The organization that wanted to make the FTC obsolete was not off to a good start.
Round II: TRUSTe and Microsoft. March 1999. This was the "Global User ID" case. It turned out Microsoft had been embedding a user ID into every document you created with their software. Since they put that ID on file when you registered their software, they have been capable for years of tracking authorship of even supposedly-anonymous documents.
And don't think it's just a theoretical concern. Just weeks later, the Melissa macro virus was unleashed, and its author was tracked down using this same ID. Any technology that can lead the cops to your door is potentially dangerous technology.
TRUSTe announced that this "compromises consumer trust and privacy" (duh), but said that since the Global User ID does not, strictly speaking, involve the Microsoft.com website, it had no jurisdiction. Their conclusion: "TRUSTe has determined that Microsoft.com was in compliance with all TRUSTe principles."
In reality, Microsoft's privacy page (prominently labeled with the TRUSTe seal) also discusses online registration of software products, and notes that the "personal profile" from their software registration appears on the website and is editable from the website. And that page claims that registration is covered by the TRUSTe guidelines. For TRUSTe to claim it's not requires some Clintonesque redefinitions.
CNET's headline was exactly right: "TRUSTe Clears Microsoft on Technicality."
Round III: TRUSTe and Deja News. April 1999. Again TRUSTe is taken by surprise when a computer sleuth discovers that Deja News has been collecting data on email sent by its users. When a reader clicked on an email link in a discussion posting, the destination email address was recorded, along with the presumable topic of discussion, the sender's IP number, and if registered, the sender's personal data.
This is not what one expects when sending private email! And this clearly involved Deja's website, so there was no question of another technicality.
TRUSTe's analysis of this situation was only two paragraphs long; here's all that happened:
"TRUSTe specified certain clarifying language to be included in the privacy statement. Deja News, independent of TRUSTe, then decided to discontinue the practice of tracking IP addresses in conjunction with the mail-to feature."
In fact, the situation was resolved long before TRUSTe even bothered to issue that statement. TRUSTe's suggestion of "clarifying language" had been obviated long before by Deja's independent action. See ZDNet's story of May 4th, which hopes that TRUSTe "will likely issue some sort of statement...this week." But TRUSTe stayed silent for four weeks.
Round IV: TRUSTe and Microsoft (again). A wide-open security hole in Microsoft's Hotmail is breached, and for a few hours everyone's inboxes are public domain. (If you don't think this is a serious privacy violation, read the stunning anonymous tale of cracking into an enemy's email, published on Salon.com the next day.)
TRUSTe's response is to call in an independent accounting firm to talk with Hotmail's programmers and security people, look over the source code, and generally try to make sure such a problem won't happen again. This isn't a bad idea - it just wasn't much of anything that Microsoft wouldn't have done on its own. Locking the barn door after the horse is gone doesn't help the people whose privacy has been lost. Microsoft is out of pocket a few bucks for the audit, and gets more than its money's worth by being able to say that TRUSTe still gives them a clean bill of health.
How can all these incidents have passed by without punishment of any kind? It's because of what TRUSTe is actually guaranteeing. Not that any company will actually keep its data private - but that the company is not lying in its privacy assurance.
That's right. You know those privacy promises you never read, the ones that are different on every website and all seem ten pages long? What TRUSTe does is promise you that, if you had read them, you'd know your rights.
If it wanted, a company could have its lawyers dress up "we will spam your email every day and sell your name and address to anyone who asks for them" in legalese, and get a TRUSTe badge on their homepage. Would you know you were being screwed? Not unless you speak fluent lawyer.
Is the FTC such a bogeyman that we really need to sell our privacy so cheap?
When Ralph Nader was pressing the government to impose strict safety standards on the auto industry, Henry Ford II complained that they were "unreasonable, arbitrary and technically unfeasible." After the laws were enacted anyway, a decade later he conceded: "We wouldn't have [these] kinds of safety ... unless there had been a federal law."
Imagine if our only automotive safety regulations were that Detroit must abide by its lawyers' fine print!
The usual argument is that requiring an actual guarantee of privacy would stifle business. The purpose in forming TRUSTe was to keep the internet corporation-friendly, by keeping the government out. TRUSTe was well-intentioned, no question. It was a noble experiment.
But, according to some influential people and groups, it has failed.
Forrester Research studies topics related to the internet and made privacy its concern in its September 1999 report, "Privacy Wake-Up Call." Its conclusions should not be surprising:
"Most privacy policies are a joke." Forrester says corporate privacy policies are legalese set up mostly to protect the corporations.
"Few companies meet key privacy protection principles." About 10%.
"Third-party programs show little traction." Hundreds of TRUSTe licensees don't amount to much on the billion-page net.
And, "third-party privacy firms...like TRUSTe...become more of a privacy advocate for industry rather than for consumers."
(Slashdot has more on this study.)
Even the Electronic Frontier Foundation, after years of straddling the fence on the issue, has finally recognized that self-policing just doesn't work. The EFF is not just the best-recognized internet rights advocacy group; it created TRUSTe.
Yet, in an October letter to the FTC, the EFF laid down its cards:
"Creation of TRUSTe and its seal program was one such early innovation of EFF. TRUSTe was successful in several areas. ... We now must move out of this awareness-raising mode and into an action mode where real protection can be achieved. Legislation is needed in order to achieve that goal. ... we think it is time to move away from a strict self-regulation approach to protecting privacy online."
The latest nail in the coffin came on November 1, when EFF Program Director Stanton McCandlish laid out the facts on the fight-censorship mailing list:
"Our stance has basically been that industry self-reg would be worth trying, but might or might not be enough. We did the 'proof of concept' ourselves, by launching and spinning off TRUSTe. But TRUSTe was intended to be and is a separate, independent entity, and was created as an experiment. The experiment is in many ways a failure..."
(McCandlish's personal opinion is even more scathing. Follow the link to read it.)
You wouldn't know this if you read the TRUSTe website. Their homepage proudly tells you about the six-month-old Georgetown study, but makes no mention of the Forrester Research report. It tells you that the FTC supports self-regulation (based on Georgetown), but won't tell you that its own parent, the EFF, thinks the ride is over.
If TRUSTe is a consumer rights and advocacy group, why are they only feeding us the feel-good stories? Aren't consumer groups supposed to be the ones that dig up dirt and tell us about potential problems?
The money trail leads to the answer. TRUSTe isn't a consumer advocacy group. TRUSTe doesn't get its money from consumers. Its money comes from corporate sponsors, and nobody wants to bite the hand that feeds them. Besides, those corporations want the message to be one of constant calm. Concerned customers are not good for sales.
Remember the GeoCities FTC findings that TRUSTe wouldn't comment on? GeoCities had just done an IPO and millions of dollars were at stake. GeoCities' sister corporation Engage Technologies (they are both subsidiaries of CMG Industries) was a Contributing Corporate Sponsor of TRUSTe. That conflict of interest was never mentioned.
(GeoCities has since been purchased by Yahoo.)
Remember the Microsoft incidents that TRUSTe waffled on? Microsoft is not just a member, but also a Premier Corporate Sponsor of TRUSTe. That conflict of interest totals $100,000 per year.
Round V. By now you've guessed that this is leading up to the current furor over Real Networks. Real is a TRUSTe member. Do I need to mention that it's also a Contributing Corporate Sponsor?
TRUSTe said that it would render judgement on Real Networks by the end of last week. Now it's saying today.
And it's making noises like they're actually going to do something this time:
"We could take the company to court for breach of contract, since they do have an agreement with us. Or, we can forward the case to the FTC... I guarantee that the damage to the reputation of the first company that we do that to will be big."
For its own sake, it had better. We're talking about a company whose product is a Trojan Horse that secretly scans your hard drive for valuable personal data. If TRUSTe doesn't unload with both barrels, its credibility will be negative zero.
Anything TRUSTe does may have a negligible effect in any case. Corporations only understand the bottom line, and RealNetworks stock shot up 25% in the five days following the privacy debacle. With the company's market cap $1.9 billion higher than it was a week ago, how much are they really going to care about some nonprofit gnat?
We can hope. Real.com today unveiled its new website, a music portal, which investors will be watching carefully. Also happening today is a conference held by the FTC and Commerce Department for data-profilers to announce what they're going to do to protect privacy. So if TRUSTe were trying to maximize the effect of their announcement, today would be the day they'd pick. It could be that the gnat will have a nasty bite that surprises everyone.
Still - you can dress an organization up in not-for-profit clothes, but that doesn't change that it's beholden to its revenue stream. TRUSTe says we can trust them to be objective, on the theory that their revenue stream will dry up if they don't do right by consumers. So far, there doesn't seem to be much truth to that. They haven't been doing us right, but their number of contributors and members just keeps growing.
I enjoy reading about the future envisioned by people like Gibson and Stephenson, where the net is totally unregulated and a "right to privacy" is a dim memory, or a joke. That doesn't mean I want to live in that future. Europe has consumer protection laws that are, from an American perspective, astonishingly strong. Maybe we should take a look at other countries' solutions, to see if there's something we could learn.
So far, all we've learned is what fails.
- Jamie McCarthy
-
TRUSTe Decides Its Own Fate Today
TRUSTe, the steward of the most visible symbol on the internet, is making a tough decision today. Today, it reveals what it intends to do about its client Real Networks. At stake is whatever's left of its credibility. (Update: 11/08 02:55: Real got off on a technicality: "because the transmission of user data ... did not involve collection of data on the RealNetworks Web site, the privacy incident was outside of the scope of TRUSTe's current privacy seal program.")Unquestionably TRUSTe is the leader in third-party privacy assurance. Its only alternative is BBBOnline, which can boast only 100 members to TRUSTe's 750. But it's having a hard time living up to its motto, "Building a web you can believe in": sometimes it's hard to know what to believe.
TRUSTe's original idea was to allow a website to display one of three icons, indicating whether its privacy policy was good, ok, or bad. There turned out to be problems with this - strangely enough, no site wanted to post an icon saying that their privacy sucked - and the icons looked too similar anyway. So they went with one icon, a "badge" that every member site posts.
All the badge means is that the site has a privacy policy, and that, as far as TRUSTe knows, they haven't violated it.
If you think this is a questionable basis for a consumer advocacy group, you're right. But the real question is how it plays out in practice. Let's take a look at TRUSTe's track record.
Round I: TRUSTe and GeoCities. In June 1998, the FTC announced - to everyone's surprise - that it and GeoCities had come to a settlement regarding violations of consumer privacy.
Everyone was surprised because this was the first anyone had heard of it. Where was TRUSTe?
Caught flat-footed, TRUSTe scrambled for a few days, then made its own announcement. It pointed out that GeoCities had begun the alleged privacy violations before applying to become a member (in April) and being accepted (in May). Therefore, TRUSTe claimed, the violations were technically not under the scope of their investigation.
But turn that around and put it another way - it was able to become a TRUSTe member even while under investigation by the FTC, and TRUSTe said nothing.
It gets worse. The FTC and GeoCities issued conflicting releases about what the settlement actually meant. The FTC said that GeoCities had "misrepresented the purposes for which it was collecting personal identifying information" (including children's). GeoCities denied the charges.
So who was right? We still don't know. Despite this being precisely the issue that TRUSTe was set up to resolve, TRUSTe refused to confirm or deny the FTC's allegations.
In a 1998 open letter, I asked whether TRUSTe's initial review of GeoCities had included any really tough questions such as "are you currently under investigation by the Federal Trade Commission?" No answer. In fact, mention of the GeoCities incident seems to have been removed from TRUSTe's website.
The organization that wanted to make the FTC obsolete was not off to a good start.
Round II: TRUSTe and Microsoft. March 1999. This was the "Global User ID" case. It turned out Microsoft had been embedding a user ID into every document you created with their software. Since they put that ID on file when you registered their software, they have been capable for years of tracking authorship of even supposedly-anonymous documents.
And don't think it's just a theoretical concern. Just weeks later, the Melissa macro virus was unleashed, and its author was tracked down using this same ID. Any technology that can lead the cops to your door is potentially dangerous technology.
TRUSTe announced that this "compromises consumer trust and privacy" (duh), but said that since the Global User ID does not, strictly speaking, involve the Microsoft.com website, it had no jurisdiction. Their conclusion: "TRUSTe has determined that Microsoft.com was in compliance with all TRUSTe principles."
In reality, Microsoft's privacy page (prominently labeled with the TRUSTe seal) also discusses online registration of software products, and notes that the "personal profile" from their software registration appears on the website and is editable from the website. And that page claims that registration is covered by the TRUSTe guidelines. For TRUSTe to claim it's not requires some Clintonesque redefinitions.
CNET's headline was exactly right: "TRUSTe Clears Microsoft on Technicality."
Round III: TRUSTe and Deja News. April 1999. Again TRUSTe is taken by surprise when a computer sleuth discovers that Deja News has been collecting data on email sent by its users. When a reader clicked on an email link in a discussion posting, the destination email address was recorded, along with the presumable topic of discussion, the sender's IP number, and if registered, the sender's personal data.
This is not what one expects when sending private email! And this clearly involved Deja's website, so there was no question of another technicality.
TRUSTe's analysis of this situation was only two paragraphs long; here's all that happened:
"TRUSTe specified certain clarifying language to be included in the privacy statement. Deja News, independent of TRUSTe, then decided to discontinue the practice of tracking IP addresses in conjunction with the mail-to feature."
In fact, the situation was resolved long before TRUSTe even bothered to issue that statement. TRUSTe's suggestion of "clarifying language" had been obviated long before by Deja's indepedent action. See ZDNet's story of May 4th, which hopes that TRUSTe "will likely issue some sort of statement...this week." But TRUSTe stayed silent for four weeks.
Round IV: TRUSTe and Microsoft (again). A wide-open security hole in Microsoft's Hotmail is breached, and for a few hours everyone's inboxes are public domain. (If you don't think this is a serious privacy violation, read the stunning anonymous tale of cracking into an enemy's email, published on Salon.com the next day.)
TRUSTe's response is to call in an independent accounting firm to talk with Hotmail's programmers and security people, look over the source code, and generally try to make sure such a problem won't happen again. This isn't a bad idea - it just wasn't much of anything that Microsoft wouldn't have done on its own. Locking the barn door after the horse is gone doesn't help the people whose privacy has been lost. Microsoft is out of pocket a few bucks for the audit, and gets more than its money's worth by being able to say that TRUSTe still gives them a clean bill of health.
How can all these incidents have passed by without punishment of any kind? It's because of what TRUSTe is actually guaranteeing. Not that any company will actually keep its data private - but that the company is not lying in its privacy assurance.
That's right. You know those privacy promises you never read, the ones that are different on every website and all seem ten pages long? What TRUSTe does is promise you that, if you had read them, you'd know your rights.
If it wanted, a company could have its lawyers dress up "we will spam your email every day and sell your name and address to anyone who asks for them" in legalese, and get a TRUSTe badge on their homepage. Would you know you were being screwed? Not unless you speak fluent lawyer.
Is the FTC such a bogeyman that we really need to sell our privacy so cheap?
When Ralph Nader was pressing the government to impose strict safety standards on the auto industry, Henry Ford II complained that they were "unreasonable, arbitrary and technically unfeasible." After the laws were enacted anyway, a decade later he conceded: "We wouldn't have [these] kinds of safety ... unless there had been a federal law."
Imagine if our only automotive safety regulations were that Detroit must abide by its lawyers' fine print!
The usual argument is that requiring an actual guarantee of privacy would stifle business. The purpose in forming TRUSTe was to keep the internet corporation-friendly, by keeping the government out. TRUSTe was well-intentioned, no question. It was a noble experiment.
But, according to some influential people and groups, it has failed.
Forrester Research studies topics related to the internet and made privacy its concern in its September 1999 report, "Privacy Wake-Up Call." Its conclusions should not be surprising:
"Most privacy policies are a joke." Forrester says corporate privacy policies are legalese set up mostly to protect the corporations.
"Few companies meet key privacy protection principles." About 10%.
"Third-party programs show little traction." Hundreds of TRUSTe licensees don't amount to much on the billion-page net.
And, "third-party privacy firms...like TRUSTe...become more of a privacy advocate for industry rather than for consumers."
(Slashdot has more on this study.)
Even the Electronic Frontier Foundation, after years of straddling the fence on the issue, has finally recognized that self-policing just doesn't work. The EFF is not just the best-recognized internet rights advocacy group; it created TRUSTe.
Yet, in an October letter to the FTC, the EFF laid down its cards:
"Creation of TRUSTe and its seal program was one such early innovation of EFF. TRUSTe was successful in several areas. ... We now must move out of this awareness-raising mode and into an action mode where real protection can be achieved. Legislation is needed in order to achieve that goal. ... we think it is time to move away from a strict self-regulation approach to protecting privacy online."
The latest nail in the coffin came on November 1, when EFF Program Director Stanton McCandlish laid out the facts on the fight-censorship mailing list:
"Our stance has basically been that industry self-reg would be worth trying, but might or might not be enough. We did the 'proof of concept' ourselves, by launching and spinning off TRUSTe. But TRUSTe was intended to be and is a separate, independent entity, and was created as an experiment. The experiment is in many ways a failure..."
(McCandlish's personal opinion is even more scathing. Follow the link to read it.)
You wouldn't know this if you read the TRUSTe website. Their homepage proudly tells you about the six-month-old Georgetown study, but makes no mention of the Forrester Research report. It tells you that the FTC supports self-regulation (based on Georgetown), but won't tell you that its own parent, the EFF, thinks the ride is over.
If TRUSTe is a consumer rights and advocacy group, why are they only feeding us the feel-good stories? Aren't consumer groups supposed to be the ones that dig up dirt and tell us about potential problems?
The money trail leads to the answer. TRUSTe isn't a consumer advocacy group. TRUSTe doesn't get its money from consumers. Its money comes from corporate sponsors, and nobody wants to bite the hand that feeds them. Besides, those corporations want the message to be one of constant calm. Concerned customers are not good for sales.
Remember the GeoCities FTC findings that TRUSTe wouldn't comment on? GeoCities had just done an IPO and millions of dollars were at stake. GeoCities' sister corporation Engage Technologies (they are both subsidiaries of CMG Industries) was a Contributing Corporate Sponsor of TRUSTe. That conflict of interest was never mentioned.
(GeoCities has since been purchased by Yahoo.)
Remember the Microsoft incidents that TRUSTe waffled on? Microsoft is not just a member, but also a Premier Corporate Sponsor of TRUSTe. That conflict of interest totals $100,000 per year.
Round V. By now you've guessed that this is leading up to the current furor over Real Networks. Real is a TRUSTe member. Do I need to mention that it's also a Contributing Corporate Sponsor?
TRUSTe said that it would render judgement on Real Networks by the end of last week. Now it's saying today.
And it's making noises like they're actually going to do something this time:
"We could take the company to court for breach of contract, since they do have an agreement with us. Or, we can forward the case to the FTC... I guarantee that the damage to the reputation of the first company that we do that to will be big."
For its own sake, it had better. We're talking about a company whose product is a Trojan Horse that secretly scans your hard drive for valuable personal data. If TRUSTe doesn't unload with both barrels, its credibility will be negative zero.
Anything TRUSTe does may have a negligible effect in any case. Corporations only understand the bottom line, and RealNetworks stock shot up 25% in the five days following the privacy debacle. With the company's market cap $1.9 billion higher than it was a week ago, how much are they really going to care about some nonprofit gnat?
We can hope. Real.com today unveiled its new website, a music portal, which investors will be watching carefully. Also happening today is a conference held by the FTC and Commerce Department for data-profilers to announce what they're going to do to protect privacy. So if TRUSTe were trying to maximize the effect of their announcement, today would be the day they'd pick. It could be that the gnat will have a nasty bite that surprises everyone.
Still - you can dress an organization up in not-for-profit clothes, but that doesn't change that it's beholden to its revenue stream. TRUSTe says we can trust them to be objective, on the theory that their revenue stream will dry up if they don't do right by consumers. So far, there doesn't seem to be much truth to that. They haven't been doing us right, but their number of contributors and members just keeps growing.
I enjoy reading about the future envisioned by people like Gibson and Stephenson, where the net is totally unregulated and a "right to privacy" is a dim memory, or a joke. That doesn't mean I want to live in that future. Europe has consumer protection laws that are, from an American perspective, astonishingly strong. Maybe we should take a look at other countries' solutions, to see if there's something we could learn.
So far, all we've learned is what fails.
- Jamie McCarthy
-
Microsoft Addresses World
at0m writes "Microsoft has posted their side of the story on the website. They emphasize that this is not the final ruling and there will be many more trials in the future, etc, etc. It claims that "company will continue to defend the principle of innovation." In addition, Bill Gates has made a statement regarding the whole issue. He says that they "respectfully disagree" with the court's decision. Kinda makes me sick." -
Latest Netcraft Survey
The latest Netcraft Survey is out, covering through October 1999. Apache continues to lead the pack, but Microsoft's IIS showed a significant increase due to, basically, the influence of one web hosting company, Webjump.
Is the Netcraft survey still relevant? A cursory glance might lead some to believe that Apache decreased in the number of sites hosted, which is definitely not the case. Are there maybe better ways to display the numbers to give a more complete picture? -
Mouse Fun from Microsoft
James Cook writes "A mouse that can sense when your hand touches it was built a while ago by the boys at Microsoft Research. It enables nifty user interface tricks, like toolbar menus that fade away when you aren't touching the mouse. I want one, then I want Linux drivers for it." Forget who built it. This looks like something worth having (once enough Linux software supports it to make it worthwhile.) -
Network Computing Looks at Web Servers
There's an interesting (but somewhat old) article by Network Computing which supposedly helps webmasters pick their "best bet" for web development systems. They compare Netscape's Enterprise Server, Microsoft's IIS and the ASF's Apache. Despite Apache and PHP being their "clear favorite" they somehow give the Editor's Choice to Netscape. Confusing, but still a pretty good read. -
Microsoft Proposes "Open" Replacement for CORBA
Alex T-B writes "Looks like Microsoft is taking the threat from CORBA and Java seriously. They've launched a network protocol suite [C-Net story] to embrace and extend the distributed business software market. SOAP, as it's called, is based on XML, and is supposed to move audiences away from UNIX and towards adopting Win2k and fully MS-ized software solutions. Interestingly, no MS software is needed to use SOAP, and it levels the playing field as 'proprietary' solutions can be replaced with a universal standard that enables apps written in different languages to communicate with each other easily over the internet. Is MS actually doing the market a favour by removing vendors' 'lock-in' strategies to proprietary solutions?" -
John Carmack Answers
A few days past, we solicited questions from you folks to ask QuakeLaird John Carmack. We sent the questions over to him, and he answered. A lot. It's definitely one of the best interviews we've had yet - click below to read more.
1. Inazuma asks:
I know that you and id are doing simultaneous development of Q3 for Windows, Mac and Linux. Which of those is your favorite OS to use, and which to program for?
John Carmack Answers:
I use WinNT, Win98, MacOS 8.x, and linux on a regular basis. I also spend some time with MacOS X and irix. There are individual pros and cons to each system, but if I had to choose only a single platform in its currently shipping state to work on for the next year, I would choose WinNT.
I'm going to risk my neck here and actually defend microsoft a bit:
There are plenty of reasons to have issues with MS, but to just make a blanket statement like "everything that comes from microsoft is crap" is just not rational. There are a lot of smart people at microsoft, and they sometimes produce some nice things. There are some damn useful features of MSDEV that I have not seen on any other platform - all the intellisense pop up information and edit-and-continue, for instance.
I chose NT as our development environment because, after evaluating all available platforms, I decided it was the best tool for the job. NT had the added advantage of running the native executables of our largest target market, but the important point is that it would have won on its own merits even without it.
It offered quality 3D acceleration on intergraph hardware, a stable platform, a good user environment, apps for basics like mail and document editing as well as high end media creation tools, and a good development environment.
I made that decision over three years ago, and I think it has proven to be the correct one. NT is definitely going to be the primary development platform for our next project, but I will be evaluating alternatives for a possible transition after that. The contenders will be linux and MacOS X. None of the other unix workstations would be competitive for our purposes, and I don't think BeOS will offer anything compelling enough (they can always prove me wrong?).
I haven't really been using Win2K, but from a cursory glance, it looks like a reasonable evolution over NT 4.0. The only real downsides to NT 4.0 for me are the bad sound latency and poor input fidelity, and these should be fixed in Win2K.
The current MacOS X server is a bit of a disappointment. I really enjoyed NEXTSTEP on a lot of levels, and if it had workstation quality 3D acceleration, I probably would have stayed there. Unfortunately, much of the development effort spent on it during its transformation to MacOS X seems to be steps sideways instead of forward. Macifying the user interface, porting to PPC, deprecating ObjC for java and C++, etc. They probably all had to be done, but it just hasn't brought anything new to the table. As a user environment, it still feels sluggish, and it still doesn't have 3D graphics.
Linux has progressed a lot in usability in the time since I made the last platform decision. Sure, the guts have always been good, but the user environments were very weak compared to windows or the mac. Some people may think six xterms and a few athena apps are all the UI that anyone should need, but I disagree. The Linux user environment still isn't as good as windows, but going from redhat 5.2 to redhat 6.0 was a whole lot more impressive than going from win95 to win98, or MacOS 7 to MacOS 8. If there is another jump like that, I wouldn't feel too bad inflicting another non-windows platform on everyone else in the company.
2. DanJose52 asks:
How'd you start, personally (I mean on the inside, like emotionally and morally), and how has Id software changed you? for better or worse?
John Carmack Answers:
I knew I wanted to work with computers from a very early age, but there were also a lot of other stereotypical geek aspects to my life growing up - phreaking, hacking (nobody called it "cracking" back then), rockets, bombs, and thermite (sometimes in not-so-smart combinations), sci-fi, comic books, D&D, arcades, etc. I was sort of an amoral little jerk when I was young. I was arrogant about being smarter than other people, but unhappy that I wasn't able to spend all my time doing what I wanted. I spent a year in a juvenile home for a first offence after an evaluation by a psychologist went very badly.
I went to a couple semesters of classes at the University of Missouri (UMKC), taking nothing but CS classes, but it just didn't seem all that worthwhile. In hindsight, I could have gotten more out of it than I did, but I hadn't acquired a really good attitude towards learning from all possible sources yet.
I dropped out of college to start programming full time, but trying to do contract programming for the Apple II/IIGS post 1990 was not a good way to make money, and I only wound up with between $1k and $2k a month. Not having enough money is stressful, and I did some things I didn't want to. I wrote a numerology program for a couple hundred bucks one time...
Softdisk publishing finally convinced me to come down to Shreveport for an interview. I had been doing contract work for Jay Wilbur and Tom Hall, so I knew there were some pretty cool people there, but meeting John Romero and Lane Roath was what convinced me to take the job. Finally meeting a couple sharp programmers that did impressive things and had more experience than I did was great.
After I took the job at Softdisk, I was happy. I was programming, or reading about programming, or talking about programming, almost every waking hour. It turned out that a $27k salary was enough that I could buy all the books and pizza that I wanted, and I had nice enough computers at work that I didn't feel the need to own more myself (4mb 386-20!).
I learned a huge amount in a short period of time, and that was probably a turning point for my personality. I could still clearly remember my state of mind when I viewed other people as being ignorant about various things, but after basically doubling my programming skills in the space of six months, I realized how relative it all was. That has been reinforced several additional times over the seven years since then.
All the time from working at Softdisk, to founding Id and making the products we are known for has been pretty seamless for me. I have been learning as much as I can, working hard, and doing my best.
I know that most people won't believe it, but a 100x increase in income really didn't have that big of an impact on me as a person. It is certainly nice to be in a position where people can't exert any leverage on you, but it's definitely not the primary focus of my life. I get to drive a ferrari in to work, but my day to day life is almost exactly the same as it was eight years ago. I get up, go in to work, hopefully do some good stuff, then go home. I'm still happy.
3. moonboy asks:
I once read, in Wired, an article that said you have an incredible headstart on everyone else for making "virtual worlds" on the Internet using your engine from the Quake games. Do you have any intention of doing this? Has anyone approached you about it? It would seem like a fantastic use of the technology with online gaming being so popular. Entire worlds online could be created virtually and very life-like with many different purposes.
John Carmack Answers:
Making Snow Crash into a reality feels like a sort of moral imperative to a lot of programmers, but the efforts that have been made so far leave a lot to be desired. It is almost painful for me to watch some of the VRML initiatives. It just seems so obviously the wrong way to do something. All of this debating, committee forming, and spec writing, and in the end, there isn't anything to show for it. Make something really cool first, and worry about the spec after you are sure it's worth it!
I do think it is finally the right time for this to start happening for real. While a lot of people could envision the possibilities after seeing DOOM or Quake, it is really only now that we have general purpose hardware acceleration that things are actually flexible enough to be used as a creative medium without constantly being conscious of the technical limitations.
Two weeks ago, I pitched a proposal to develop some technology along these lines to the rest of the company. I may wind up working on some things like that in parallel with the next game project.
4. justin_saunders asks:
Many people consider you to be one of the best programmers in the game/graphics scene, based on your ability to keep pushing the limits of current PC hardware. I was wondering what measures you use to gauge the skill of a programmer, and who, if anyone, you look up to and consider to be a "great" programmer.
John Carmack Answers:
Like most things, it is difficult to come up with a single weighted sum of the value of a programmer. I prefer to evaluate multiple axes independently. Programming is really just the mundane aspect of expressing a solution to a problem. There are talents that are specifically related to actually coding, but the real issue is being able to grasp problems and devise solutions that are detailed enough to actually be coded.
Being able to clearly keep a lot of aspects of a complex system visualized is valuable.
Having a good feel for time and storage that is flexible enough to work over a range of ten orders of magnitude is valuable.
Experience is valuable.
Knowing the literature is valuable.
Being able to integrate methods and knowledge from different fields is valuable.
Being consistent is valuable.
Being creative is valuable.
Focus is extremely important. Being able to maintain focus for the length of a project gets harder and harder as schedules grow longer, but it is critical to doing great work. (Side note - every time "focus" is mentioned now, I think of Vernor Vinge's "A Deepness in the Sky", currently my favorite SF novel)
I certainly respect the abilities of my primary competitors. Back in the DOOM days, Ken Silverman was extremely impressive, and today Tim Sweeney is producing much of value.
5. ajs asks:
I read a sort-of-analysis that you wrote way back comparing DirectX 3D handling to Open GL (with Open GL being far preferable to you). Do you feel that the tools that you and others will need to create the next generation of games exist now under Linux or other Open Source operating systems, or is that still a long way off? What would you recommend that we developers and developer wannabes dedicate our time to?
John Carmack Answers:
To develop a game, you need coding tools, pixel art tools, modeling and texturing tools, sound tools, and usually music tools. Coding tools are basically fine under linux, and there is already plenty of force behind their improvement.
Gimp looks serviceable for pixel editing, but I don't know of any professional game developers using it.
I assume there are some basic sound tools available, but I would be surprised if they are equal to the best windows or mac tools. That is probably the most approachable sector to work on improving.
Modeling and texturing tools are the biggest lack, but it is also the hardest to address. They really need to be built on top of solid 3D infrastructure, and that is still in its infancy right now. It would probably be possible to build a simple, focused modeling and texturing program that could get the job done, but full featured programs like MAX and maya have an immense amount of work invested in them. Maybe SGI will get maya ported to linux...
We are going to try to build our next level editor cross-platform, which will probably sort out a bunch of 3D content creation issues. I will be improving the matrox GLX driver as necessary to support the effort.
6. thebrit asks:
Is it possible ID may join Ion Storm for a future project together, or are the 'artistic' differences between you too great?
John Carmack Answers:
Future technology licensing is certainly possible, but as for actually working together, there is very little chance of that for a project that we considered important. If I decided to spend a little discretionary time whipping up, say, a color gameboy port of Commander Keen (an idea I have sort of been toying with), then I might ask Tom and John if they wanted to make some levels for it.
7. Scott Francis[Mecham asks:
Recently someone posted about their experience in determining the file structure of the Doom WADfile. How did you feel when people were discovering how to modify Doom, from building new levels, to changing the executable itself (dhacked) originally without any information from id? In your opinion, is the modding community a valuable place for creating future game developers?
John Carmack Answers:
The hacking that went on in wolfenstein was unexpected, but based on that, DOOM was designed from the beginning to be modified by the user community. The hacking that went on with the leaked alpha version was obviously not approved of, but after the official release I did start getting some specs and code out. I had sent some things out early on to a couple of the people that had done tools for wolfenstein, but in the end it was pretty much a completely different set of people that did the major work with DOOM.
The original source I released for the bsp tool was in objective-C, which wasn't the most helpful thing in the world, but it didn't take long for people to produce different tools.
Dhacked was a bit of a surprise to me, and I always looked at it as something that maybe shouldn't have been done. I'm not very fond of binary editing an executable. It clearly showed that people were interested in more control, so it probably argued for the greater freedom given with quake.
I still remember the first time I saw the original Star Wars DOOM mod. Seeing how someone had put the death star into our game felt so amazingly cool. I was so proud of what had been made possible, and I was completely sure that making games that could serve as a canvas for other people to work on was a valid direction.
A doom/quake add-on has become almost an industry standard resume component, which I think is a Very Good Thing. The best way to sell yourself is to show what you have produced, rather than tell people what you know, what you want to do, or what degrees you have.
In the modern gaming era, it is very difficult for a single person to produce a complete looking demonstration game from scratch. It does happen, but a much more reasonable scenario is to do an add-on that showcases your particular talents, whether they are in coding, design, or media. You want to be able to go to your prospective employer and say "There is a community of ten thousand people actively playing a mod that I wrote in my spare time. Give me a job and I will be able to devote all of my energy to gaming, and produce something vastly superior."
8. jflynn asks:
Many people think that the extreme successfulness and longevity of DOOM and Quake was partly due to the internet communities that sprung up around them, to discuss playing them and write new levels for them. How important do you feel a viable gaming community is to the success of a new game today?
John Carmack Answers:
I have always been a strong proponent of supporting the gaming community, but arguments can be made that it isn't that important for success. Most entertainment media is designed to be throw-away, where people buy something, have a good time with it, and move on. Myst, the most successful computer game of all time, has no community.
A lot of companies would prefer to look at their games like movie releases. Every couple years, you go see the latest by a director you like, then don't think about it too much until the next one.
The game-as-a-lifestyle type of community that has sprung up around a few games is an interesting phenomenon. The plus side is that there are a lot of wonderfully creative things going on, and it does attract more attention over the years than any single media blitz.
The downside is that it breeds a lot of zealotry, which can be a bit ugly. I get some fairly hateful email from people that are too wrapped up in it and disagree with some direction I am taking.
At this point, I think it is clear that the community has been a positive thing. I was very pleased when, earlier this year, Kevin Cloud came around and agreed that the community has indeed been good for us. For years, it felt like I was just being humored by the other owners at id when I pushed for all the code releases.
9. mpav asks:
This is a break from the usual questions from this group, but I thought it would be interesting to know... You have a couple of exotic sports cars, one being a 1000 horsepower/750 ft-lbs of torque (insane!) ferrari, and I was wondering which one you generally drive to work?
John Carmack Answers:
I drive my twin-turbo F50 almost all of the time. It took a while to get all the bugs sorted out, but it is almost a perfect combination right now. It is light, nimble, and responsive, and 600 hp at the rear wheels is just about perfect for a street car of that configuration. I only drive my testarossa now when I am low on gas in the F50 or if I need to drive someplace where I think the extra inch or two of ground clearance is important. It is heavy and ponderous, but every time I do drive it, I am impressed again with the power. 1000 hp at the rear wheels is excessive. It takes a while to spin the turbos up to the full 24 psi of boost, but when it has a full head of steam going, it moves like nothing else on the road. It runs away from superbikes on the highway. However, when exercising it, you have a very clear sense that you are taking your life into your hands.
I will probably be getting rid of my TR when my next project car is completed. It is a custom carbon fiber bodied ferrari GTO with a one-of-a-kind billet aluminum twin turbo V12. It is going to make a bit more power than the TR, but only weigh about 2400 lbs. I have a suspicion that we will wind up detuning the engine, because 1 hp / 2 lbs is probably quite a bit past excessive and into the just-plain-stupid realm.
It was supposed to be done two years ago -- mechanics are worse than programmers.
I also have a little MGB that I am theoretically working on myself, but I haven't had time to touch it in six months?
10. Hobbex asks:
Though it is unlikely that games will ever be free (a la beer), since so much effort goes into them from all angles (not just code, but also art, music, design etc), that does not necessarily preclude open source game engines.
Admittedly (and I don't mean this as a slam against you) game engines today do suffer from many of the same problems that Open Source activists attack in Operating systems and other software: bugs, instability and sometimes even bloat and vaporware.
Do you think that Open Source will play a part in the future of game development?
John Carmack Answers:
I have spent a lot of time thinking about that. I was trying hard to get an article together about game code licensing to go out with the interview questions, but I just didn't make it in time. I had written three pages of article and four pages of other stuff that I had ripped out because it was going off on various tangents.
First, it is interesting to examine how coding is similar or dissimilar to art, music, design, etc. Most GPL works don't have to face the issue, because the work is clearly dominated by code. A few little icons aren't enough to make people really think about it. The argument is significant for games, because coding is only about a third or less of the work in most cases. The arguments that RMS puts forth for the ethical rightness of free software also seem to apply to all digital media. If you take them seriously, the spirit of the GPL seems to want to say that all digital media should be free. That isn't a pragmatic battle to try and fight.
If you just focus on the code, I think there is indeed a viable business model for a line of titles based on open source code with proprietary data. It will take either a very small company, or a very gutsy big company to take the first step. The payoff won't be until the second product.
I think open source is at its best with games (and probably most other things) in a post-alpha model. Fixing, improving, and building upon an existing core is obviously extremely fruitful in an open source model.
Going open-source from development day one with a game probably doesn't make much sense. Design by committee doesn't work particularly well, and for something with as much popular appeal as games, the signal to noise ratio would probably be very low.
I tagged along at the beginning of a from-scratch open source gaming project (OGRE), and it more or less went how I feared it would - lots of discussion, no code.
While the mod communities may not be exactly Open Source, I think they work very well. There is some value in having focused areas to work in, rather than just having the entire thing dumped in your lap.
I am going to be releasing the majority of the code for Q3 soon, but there will still be proprietary bits that we reserve all rights to. We make a fairly good chunk of income from technology licensing, so it would take some damn good arguments to convince everyone that giving it all away would be a good idea.
Something that is often overlooked about Id is that Kevin and Adrian together own 60% of the company. They are artists, and most definitely do not "get" free software.
John Carmack
-
On Coding Multiplatform Distributed Systems...
Wiggly asks: "I would like to program distributed systems using the same code base on multiple platforms and multiple languages therefore I am asking around..." And he's asking Slashdot. You've only read the tip of the iceberg, however. There's much more to digest if you decide to click on thru.
"I will firstly say though that none of this is meant as flamebait, or to detract from what any of the projects/products mentioned here have achieved. I just have a wishlist and I am looking for answers and opinions, not a holy war. I am sure that people use many of the things mentioned here on a regular basis for heavy duty apps quite happily and with great results.
There are a whole bunch of distributed programming frameworks around. RPC, ILU, CORBA, DCE, Java RMI and DCOM to name but the most common. Many of these are available on multiple platforms and there are a whole slew of interoperability tools to get them to talk to each other with varying degrees of success. Right now I will focus on CORBA as it is getting much more press than any other recently, and because it is the system that I personally know more about than the others..
Commercially there are a few good ORBs but they are terribly expensive. Developer kits for 'a well known brand' with good CORBA compliance start around 1500 - 1900 UK Pounds. Redistribution costs are around 1700 UK Pounds per processor. These kinds of costs don't really let people play with systems before buying although I know that most commercial ORB vendors will give you trials if they think you are a good bet to buy. Additionally most of the commercial ORBs support as few platforms as they possibly can.
On the Open Source side of things there are many, many implementations of CORBA to choose from, with their own special focus. CORBA compliance, speed, interoperability or whatever else that project's maintainers view as the most important goal(s). There is some great code out there, and a load of people spending every waking hour making it better.
What I cannot find at the moment is a system that targets multiple platforms and multiple languages. Want to use Perl to talk to C++ back ends? Well MICO/COPE is coming along. Want to use the same code on Windows NT as well? Too bad, NT support is very flaky (I have spent too many hours trying to get it working). Want to use Java Applets to talk to C? You have problems. Pick your favourite front/back end language combination and platform then try to find a solution. Problematic at best, and probably not possible at the moment.
Are these very strange requirements/wishes or would other people be willing to sacrifice ratified standards compliance and possibly performance for orthogonality of language/platform availability? I would like to be able to write code for Linux/Unices/Windows in my languages of choice (for me this would be Perl, Java and C++) without having to use multiple implementations on the different platforms.
The way things are shaping up I am thinking hard about rolling my own, because right now I have a need that I cannot fulfill from outside sources. Yes, Not Invented Here strikes again, but I can't find a solution. Am I alone in this? What do you think? Do you have any solutions?"
-
Microsoft Launches Passport
Microsoft today "launched" Passport. Passport is an on-line wallet service, meaning that all your billing and other information is stored centrally with Microsoft, so that you don't have to retype it every time. Passport was used by a few Microsoft sites before, but with today's announcement, an additional fifty or sixty sites have adopted the technology. While my initial concerns were about privacy, they were mostly (but not completely) covered by the aforelinked press release. A news.com article cites a research analyst as saying that one day, Microsoft may wish to take a percentage of the profits, and go for a monopoly on e-wallets. Certainly is a lot to speculate on here... -
Torvalds Criticizes Open-Source Wannabes
Wonko42 writes "In his address at Internet World '99, Linus Torvalds threw some harsh words at Microsoft and Sun, criticizing Microsoft's thoughts of opening portions of Windows source and making his feelings known about Sun's restrictive new community license. He also spoke some about the future of commercial software, and dodged lots of Transmeta questions. " -
Microsoft Clarifies Linux Myths
mikeraz told us about Microsoft's new page on Linux Myths. Designed to convince the seasoned business professional that Linux doesn't measure up to the hype. Some good points. Some not-so-good points. Care to comment? Update: 10/05 06:43 by CT : Mandrake has comments on his page. -
Microsoft and MIT Team Together
tomreagan writes "The New York Times is reporting that Microsoft has teamed up with MIT to launch a joint research initiative on educational technology. " It's the largest alliance to date of institution and company, to the tune of US$25 million, with a strong focus on "instructional technologies." The feeling at MIT is "mixed" regarding the new project, called I-Campus. -
Microsoft Demands Freedom to Innovate
Christopher Bibbs writes "Microsoft is trying once again to rally the troops and let Congress know that the American people want them to back off. They also have a pretty funny letter to the shareholders over here." The shareholder letter says, "Regardless of your perspective, this tool will allow you to share your views, send a letter or email to your elected officials..." There's also an invitation to "call us at 1-888-642-4097." Remember, polite comments do more good than nasty ones, regardless of your perspective. ;-) -
Slashdot talks with Red Hat
C|Net talked with Marc, but we got hold of Red Hat's Donnie Barnes yesterday, and interrogated, er, asked him questions. Click below to learn more about what to do with IPO money (Hint: Think missile-toting Lear jets), software patents, open source licensing, and trademark issues.
One of our first and most pressing questions for Donnie was, "What the heck are they going to do with all of this fresh money?" The answer, as one would expect, was some mumbo-jumbo, with some hints of future plans. Barnes said, "We will certainly grow development, marketing, sales, etc." And to whet the appetite of users, "You can certainly expect the 'grow development' part to include some neat new toys for Linux, though we don't preannounce new features. ;-)."
So the company itself will be growing, as we would expect, and the staff will be growing as well. However, what's interesting is the comments on where it will grow.
According to Barnes, "International expansion is a key area for us," which is "very expensive." It is partly due to the sheer expense that they have not really pursued this area before. Some of the shifting in this direction can be seen already, in actions like the severing of the relationship with their former Japanese distributor. In that case Red Hat "basically chose to enter the Japanese market in a bigger way and bring our products and services into that area directly." At the current time, they plan to focus on a European expansion first, to be followed by an Asian expansion soon after.
Waidaminute! Europe? Isn't there already a certain Germanic company established over there? Well, yes. We pressed Barnes about moving into what's considered to be S.u.S.E. Territory, and, on a broader scale, what's going to happen with the expansion of Linux-based companies and competition that will happen between them.
Barnes's response is one that Bob Young has been giving for quite some time: that rather than trying to play a zero-sum game, taking users away from each other, the aim of the Linux companies is to make the entire pie bigger so that /every/ company can grow. Well, every company but Microsoft, I guess, but the point is still there. Both CT and I find this to be a bit idealistic, but given the current atmosphere of change, maybe it will be how things fall out - we'll see how things shape up over the next six months to a year.
So with all this money: international expansion, more developers, marketing and sales staff. And, for the record, "...no, there are no big ticket surprises like Lear Jets..."
However, Marc might be purchasing a Porsche dealership. (Note: Joke! Don't sue me, Marc. Please).
The question that everyone had, whether they got the letter, didn't get the letter or just watched the fireworks, was the E*Trade/Red Hat stock situation. In summary, the numbers broke down as follows:
- 5000 open source developers were invited to participate
- 1300 responded, indicating interest
- 1150 of those were ultimately able to participate
Looks pretty good, right? It'd be interesting to know how many of those 1150 had to go back and try again, but c'est la vie. When asked about RH's feelings on the stock offering, Barnes said, "We feel that an over 88% participation rate was very good for the community at large." We talked about the people angry about the situation, whether or not a lot of the people originally banned were able to get in. His response: "Most of the angry people were [able to get in], but the bumps we had in the way caused them to be confused as to where they were and what level of participation they could expect. But at the end, most of the angry people were able to participate and I think came away happy."
What I thought was interesting was what precipitated the whole meltdown: Bad Information? Clash of Cultures? Red Hat's answer: "Mostly lack of information, and some bad information from E*TRADE's 'systems.'"
Additionally, "Sure, the open source community meeting big business and high finance was part of it too. Both sides needed education about the other, and I think lots of education happened. :)" I'm sure many of the companies looking at similar situations watched the RH IPO closely, trying to figure out what they did right, and what they can do differently. Barnes recommends examining what happened with them, and also shopping around. The latter part of that comment is the interesting part: he's not dissing E*Trade, and Barnes does say they would at least shop them against other brokerage houses, but I think that the lesson learned here is to make sure of the house you use, especially after watching the Red Hat fiasco.
And given the recent hoopla over Unisys's perceived attempt to charge for GIFs that use the LZW patent, and Red Hat's closeness with major patent holders like IBM and Hewlett-Packard, it seemed appropriate to talk about software patents. Red Hat's take on software patents: "Well, I think it should be fairly obvious that software patents are a bad idea in general and we are not in favor of them." Additionally, when it comes to big boys like IBM, HP and others, they "...will be working to try to lobby in the proper areas to help this issue. Yes, we do care about that stuff and have already begun talking to folks." (Note: I envisioned Bob Young with a flamethrower in the IBM Corporate Lobby)
Despite this, Barnes allowed for the fact that "Given current regulations you may see RH own patents one day. That may be unavoidable until the current way they are handled is changed." RMS would be displeased, but Barnes said that "What folks do with these patents, otoh, can be vastly different." That's an odd world, but I think it's just a further sign of how messed up the US Patent Office is regarding software patents.
The issue of software patents led to talk about the other software licenses that have come out, like the APSL and Sun Community Source License. As you would expect, Red Hat would like to see fewer open source licenses, but "...at the end of the day, as long as they are truly open source and companies are *using* them, I don't really care." Barnes is pleased to see that Sun is taking steps to make good software more widely available. I asked if Sun was viewed as being a competitor. Barnes says that perhaps, but that RH is trying to make fundamental changes to the way software is built. "Perhaps Sun will join. They have taken steps in that direction so far, so they could be an ally."
Oh, and again for the record, Hurricane Dennis got Barnes "personally quite wet."
The last question sparked a lot of back-and-forth, regarding the whole Red Hat trademark issue.
(Note: To get background on this, read the original article, and the subsequent follow-up with a letter from Bob Young.)
The following, according to Barnes, is what's going on: "We have to protect our trademark. People were selling hand-burned CDs and using our name, box image, and logo to do it. We had customers complain vehemently to us directly about that as they felt burned. We had to take action to keep that from happening." This was what sparked the original issue with Amazon, and how it appeared that Red Hat was banning anyone from using their name in any way unlicensed by them. The issue, then, is, how do people know what they're getting? For example, people want to know what they're getting when they buy Cheapbytes/LinuxMall/Bob's1$LinuxEmporium/LinuxCentral Linux. Are they getting Debian, Suse, Red Hat, Caldera etc.? Recognizing that Red Hat has a valid brand they must protect, where does that leave the manufacturers? RH's answer: "If they ship "Red Hat Linux" as their own "Cheapbytes Linux", then it must *be* Red Hat Linux. We can verify that with PGP signatures and the like. They can say it contains Red Hat Linux, but they can't explicitly *call* it that." For example, under this scheme, they could "call it `Foo Linux which contains Red Hat Linux 6.0' or something similar." What they can't do, however, would be to release a CD with a PGP signature that checks out, but call it Red Hat Linux. Only Red Hat can explicitly title their distribution "Red Hat Linux". And if a company puts out a CD saying it "Contains Red Hat" and the PGP doesn't check out (e.g. modified from the original or something), then "they can't say that and we'd have cause to have the product sales stopped."
Phew. So, how do you handle something like Mandrake-Linux? Can you say "Derived from Red Hat Linux?" Barnes points out that he's not a trademark lawyer, so don't hold him to be a legal litmus test, but that, yes, that will be possible. (Note: More guidelines on this will be coming out soon. Keep an eye on Red Hat's site for details.)
But when it comes to recognition, of course Red Hat appreciates being recognized for having contributed, e.g. Mandrake putting "Derived from Red Hat" on the CD. As Barnes says, "Acknowledgment of one's hard work is always welcome. We just want it done properly... they can take Internet bits and build their own name. You don't see us claiming the name of every other distribution that contributed some code to RH, do you? But they can take our code and use it. That's what this is all about."
Wrap-up: Interesting to talk with Donnie, and you can see that the quiet period has been hard on them - being unable to respond to comments would be, I suppose. It seems that the basic direction of Red Hat remains unchanged; that is, commitment to the GPL, working with the industry on software patent issues, and trying to get people to join the "movement." The greatest concern that CT and I have is how all of this money will affect them as an organization, but I suppose that's an issue for the greater Linux universe as well. Only time will tell. And, on that platitudinal note...
Disclaimer: Hemos owns shares in Red Hat
-
MS response to NSA key backdoor in Windows
CitizenC writes "Microsoft has responded to the report of the allegations of leaving a backdoor in all of its products for the NSA. " -
Notes From the 30th Internet Anniversary at UCLA
mathowie writes "Here are my notes from the 30th Internet anniversary event that took place at UCLA on Thursday. This is a very long, very detailed piece, but worth your time to read if you're interested in learning where the Internet might be heading in the next 5 - 10 years. A Recap of the 30th Anniversary of the Internet Celebration at UCLA September 2, 1999 by Matthew Haughey
Thirty years ago today, the first communication between the Interface Message Processor (IMP) and a host computer took place in a Computer Science Lab at UCLA. The ARPAnet was born, with four nodes by the end of 1969. Today amid the current explosion of Internet growth, the pioneers gathered along with the forerunners of the internet revolution to commemorate that first event and talk about where we are today and where we go from here.
As I walked in, I caught Leonard Kleinrock in the lobby being mobbed by reporters doing interviews in front of the original IMP. As you can see in the photo, several local news and radio outlets covered the event. I had hoped to see some of the footage on the 11 o'clock news, but as I write this, it's just after 11:30, and I only saw a few seconds and quick mention on one of the network news shows.
After 20 minutes of milling around past the original start time, The Chancellor started off the event with a quick welcome and general speech about how the internet has spread and enriched our lives. The Chair of the Engineering School at UCLA spoke next for about 15 minutes, discussing the impact of Leonard Kleinrock's achievements and Len's great rapport with his former students.
Len Kleinrock took the stage and recounted the 20th Anniversary event, which was a symposium held at UCLA, the 25th Anniversary event, which was held in Cambridge, Massachusetts, and a recent gathering just a few days ago up in Stanford. Those events, he said, focused on the rich history of how the ARPAnet was built and how it eventually led up to what we call The Internet today. Rather than delve into the past, he went on, today's event was going to center around where the Internet will lead us into the future. I was a bit surprised at first, but relieved that I wasn't going to see a rehash of the history, but a refreshing dialogue among the brilliant set of panelists about what they felt was to come.
Dr. Kleinrock then laid down the ground rules for the day. There would be four panels, and he would act as chair of the event, introducing each moderator. He introduced the first panel, titled "Gorillas", which was supposed to represent the proverbial 900 lb. gorillas of the Internet industry. Joining the moderator, Kipling Hagopian of Brentwood Venture Capital were Christine Hemrick of Cisco, Daniel Rosen of Microsoft, George Vradenburg of AOL, and Ronald Whittier of Intel.
Everyone on the panel was in good spirits and took some gentle jabs from the moderator. When the moderator made a joke about the justice department's crackdown on Microsoft, the representatives of Microsoft and AOL both praised the low regulation of the industry thus far and credited their rapid and extreme growth to the "hands off" policy of the U.S. government. They also stated their support for ICANN and the deregulation of the Internet's domain namespace.
In response to a question about the growth of Cisco, Christine Hemrick praised openness and non-ownership of industry standards like TCP/IP. Since no one owned TCP/IP, she said, anyone could start a company that based their communications on that protocol. The moderator asked several questions about bringing broadband into the home, and whether cable or DSL would be the key technology. Ms. Hemrick stressed that wireless technologies might surpass the capabilities and availability of cable and DSL very soon, which was a good thing to hear.
The panelists were a sharp group of people. Whenever a question about upcoming technology was posed, they acknowledged the fact that the industry moves so fast that no one knows what we will be using in 5 years for any specific technology. They pointed to the audience several times and said that someone among us could start a new company tomorrow with technology that could blow away anything their corporations had done before. When the panel was asked about the longevity of their large corporations, they agreed that scalability was important, to grow with the industry, but trying to stay as close as possible to customers and continuing to address their needs was also important.
All the panelists talked about how hard it was to stay ahead of everyone, to continue as industry leaders with so many competitors on their heels. When asked about the future, one panelist commented that soon the term "e-commerce" would be meaningless, due to a blurring between conventional commerce and commerce done over the Internet. Someday soon, they said, every business would have some aspect of it that would be Internet related. All in all, the four panelists were charismatic, well-spoken, and a hip bunch, making a few jokes about Al Gore inventing the Internet.
The second panel was for the people behind recent industry successes, titled "Netpreneurs." It was moderated by Willem Mesdag of Goldman Sachs and the panelists were David Bohnett, founder of GeoCities, Eric Brewer, co-founder of Inktomi, Sky Dayton, founder of EarthLink, John Payne, CEO of Stamps.com, and Henry Samueli, co-founder of Broadcom.
It was amazing that no company represented on the panel was created before 1991, with most of them formed in either 1995 or 1996, yet they all had market caps of at least a billion dollars each. Overall, the second panel wasn't as interesting as the first bunch of panelists; some of their answers sounded like a press release. This was especially true for Sky Dayton, who sounded like he was repeating his radio commercials in response to every question he was asked. When asked how they became successful, each panelist talked about how their company filled a void not covered by a larger company, and how they could move faster than a large corporation. Sky Dayton stressed this: the size of your company compared to your competitors was unimportant. What mattered most was the speed at which you could respond to changes in the industry, economy, and customer base. He said that if you were starting a new company, focus on one specific area of the market, and stick to it. Don't try to be monolithic agencies that can do everything like Microsoft tries to be, he said; just do one thing really well and you can emerge as a market leader. He also pitched his new company eCompanies.com for budding entrepreneurs; they are setting up a clearinghouse of new ideas, and intend to fund business plans that catch their eye. When asked about the potential for new companies, Dayton said something interesting: he estimated that the development of the Internet as a "thing" was about 20% done at most. That even in 1999, we were just barely scratching the surface of what is possible, he said. Overall the session was enlightening and I came away with a newfound enthusiasm to get my ideas out the door.
The third panel was perhaps the most interesting. It was titled "eConsumers" and was moderated by Patt Morrison of the LA Times, who was joined by John Barlow, co-founder of the Electronic Frontier Foundation, Jeffrey Cole, director of UCLA's Center for Communication Policy, Alan Kay, VP of Imagineering at Disney, and Dan Lynch, founder of Cybercash.
Although the panel was supposed to focus only on consumer issues, the topics discussed ran the gamut, from personal privacy issues to numerous "what if" scenarios of our future ultra-wired world, and the social implications of each. Patt Morrison moderated as a sort of devil's advocate, asking for the panel's reaction to several cynical questions like trusting e-commerce vendors, internet rumors becoming news, and how our lives may be hindered by the burden of technology. Surprisingly, the panel, which had varied opinions on most topics, all found something positive in each question and future scenario. An eBay deal gone bad meant a user could learn to be more careful of sellers, news could not be trusted and should be approached with skepticism, and our lives could be made much better by an increased use of technology by saving us time spent on mundane tasks like paying bills or waiting in lines while shopping.
Intellectual property and copyright issues were discussed, where John Barlow and Alan Kay agreed that intellectual property was dead, and that ideas should be given away freely. Mr. Barlow talked about how every article he's written is freely available online, which allows him to generate revenue from unwritten works. Publishers can see all his writing, he went on, and they pay for new pieces to be written. He said he didn't worry about copyright, because his most valuable ideas were the ones he hasn't had yet. John said it was the philosophy behind the Grateful Dead (whom he wrote songs for); they allowed their shows to be freely taped and exchanged, and they derived revenue from people wanting to see them perform live.
Alan and John also talked about how a lot of intellectual property is meaningless to much of the population, that a technical idea is so complex that few people understand it, regardless of whether or not it is in the public domain. Dr. Kay used Linux as an example of this: the kernel is so complex that one in a million people can understand it all and contribute programming expertise. But with the advent of the Internet, he added, finding that one in a million is easy, and 100 or more people can be brought together to work on it. He praised the development of the ARPAnet because it was open, allowing researchers from all over to contribute to a greater good, and said in today's climate a large corporation would probably try to make much of it proprietary and hinder its development.
When asked how Linux can generate revenue, Alan said that like the Grateful Dead example, giving away Linux meant that large fees could be found in consulting, helping companies use the technology to their advantage. He then mentioned something that dropped just about everyone's jaw: he said that the company with the biggest revenue in the computer industry was not Microsoft, but IBM's consulting business, which he said brings in double the revenue that Microsoft does selling software, just by showing companies how to use technology in their business (which Linux is a part of). Alan Kay stood out as an extremely articulate guy with numerous enlightened answers, and everyone on the panel had great things to say about what the future might be like.
The fourth and final panel, titled "Beyond Today's Internet", was moderated by Stephen Segaller of WNET, the PBS station behind the Triumph of the Nerds series. He was joined by the four pioneers of the original ARPAnet: Vinton Cerf, now with MCI, Robert Kahn, now with the Corporation for National Research Initiatives, Leonard Kleinrock, of the UCLA Computer Science Department, and Lawrence Roberts, now of Packetcom.
Along with the theme of the day's event, the forefathers of today's Internet focused solely on the future. Since they all have networking backgrounds, the first question was whether or not the network could keep up with client demands. The four panelists unanimously agreed that the capacity of the network would continue to expand at a rate greater than our immediate needs. They acknowledged the limits of the current IP naming system, and that IPv6 would expand the limit of addresses to near 10^38. Len Kleinrock had a problem with these imposed limits and Vint Cerf joked that 10^38 IP addresses would mean enough for "a web page for every molecule on earth." Len clarified his protest and stated that we should instead design variable length solutions to the problem, solutions that offer unlimited means. When asked about limits of physical devices like routers handling packet switching, they agreed that packet switching would probably be replaced by an unknown technology, and that physical capacities of networks would increase with the increased use of fiber. Len said instead of digital packets traveling through copper wire, in the future, it would just be pulses of light traveling along fiber. They all spoke of the proposed growth of the Internet, to surpass one billion people online in the next decade, and they mentioned something that was discussed briefly on an earlier panel; that someday soon, anything you buy over a certain price, say $25, would offer connectivity to the internet for a specific reason. Not a toaster that checks email, but each appliance would use the Internet for communication purposes.
This was another reason Len used to support unlimited IP addressing, due to the fact that billions of devices would need to access the internet. Questions asked by the moderator were mostly big picture, and the panel discussed them at that level. They talked about distant futures, when billions of people would be interacting with billions of devices, and we would see drastic changes in Human-Computer interaction. They even alluded to the similarities between an enormous interconnected network of people and machines approaching the complexity of organic beings. The panel agreed with earlier panels that what we are witnessing is bigger than the industrial revolution. The knowledge explosion, as many called it, was going to fundamentally change how we do everything in the future.
Overall, it was an amazing experience. Among all the speakers and panelists, there were several messages that came across. The mood of everyone thinking about the future was one of optimism and opportunity. The interconnecting of every person on earth will trigger a knowledge revolution that will have deep, drastic changes on our lives and those around us. But if these future developments are met with some skepticism, and intelligence, it will undoubtedly be a good thing.
Matthew Haughey September 3, 1999
" -
Intel Shipping Merced Engineering Samples
JDC writes "Apparently, Intel has first silicon on their IA-64 processor. I wonder how long till I can play Descent on one of those babies... ;) " Linux has been working on the simulators, and is reported to work on the actual silicon. However, contrary to prior reports, Windows does boot and run on the engineering prototype. -
Microsoft Bites It On 64-bit Microprocessors
Lots of readers pointed us to this Microsoft.com page that says MS has stopped trying to make NT run on 64-bit Alphas and isn't even going to release any new 32-bit Alpha products. For more info on the subject, check this Netscape Netcenter article and the Ixnay WinNT on Alpha story we ran last Friday. Meanwhile, according to a short blurb in The Register, Intel has finally prototyped Merced in silicon - and it runs Linux fine but won't run Win64 at all. It looks like Microsoft simply can't deal with 64-bit architecture. Please try not to say "I told you so" too loudly to your MS-boosting coworkers, okay? ;-) -
Interview With Original NT OS/2 Developers
leddhead writes "Was browsing over at the microsoft site when i ran across this interview with dave cutler of vms/winnt fame. It is interesting to note how he stresses reliability over fancy graphics..." It's actually kind of an interesting interview if you ignore its PR-ish feel -- and the MS Word "?" problem if you're reading it in a Linux or Unix browser. The writer says the first NT OS/2 (NT's original name back in 1989) specs will be displayed at the Smithsonian soon. I wonder if this means Linus's first notes will be there someday. One can hope. -
Feature: Open Source as an Ant Farm
Occasionally someone submits a feature that really raises my eyebrow. Jack William Bell did just that by submitting 'Open Source as an Ant Farm'. It's a really interesting piece that talks about code as art, and much more. It's quite funny, and it's got a lot to think about. Click now, you won't regret it. Open Source as an Ant Farm by Jack William Bell
Where Open Source is concerned, hyperbole from the digerati hype meisters proliferates nearly as quickly as the hyperlinks they hype. Let's face it -- Clapton has been deposed; Linus Torvalds is now God. And those pundits shouting his divinity the loudest can't even tell a stack register from a walrus. I wonder if Jesus had the same problem?
This constant lionizing of Linus is getting on my nerves. I mean, he is probably a great guy and all (if you know what I mean), but a great man? Usually you wait until people are safely dead (and unable to further embarrass themselves) before heaping those kinds of laurels on their heads. If I were he I would start worrying about that strange human proclivity for taking our living idols down a notch once in a while. Or even nailing them to a tree. Not to mention burning at the stake, drawing and quartering and satirizing on TV.
But I knew things were getting ridiculous this last week when I saw three different weblogs pointing to the same dumb article using variations on the same dumb caption: 'Open Source as an Art Form'. I mean come on, just because a bunch of nutzoid art types give Torvalds an award for Linux doesn't mean that an operating system or a development model is art! Yeesh!
Not that I don't think of programming as art, mind you. After all, I am a programmer myself and I often like to compare what I do to the creation of art. A kind of raw industrial art perpetuated underneath the digital world by Morlocks like myself while the Eloi cavort on the surface, unaware of the immense complexity (and fragility) of their world. In other words code is art, but it is exclusionist art. No more approachable to the everyday person than a Jackson Pollock work. And twice as incomprehensible!
After all if everyone could do it, it wouldn't be art, would it? It would be just another craft. And if everyone could appreciate good code the way I appreciate the Impressionists then it would be 'Classical' (read 'Dead') Art. Not something alive and thriving. Bubbling and fermenting and making funny smells the way the process of hacking out good code does.
But, you say, it is being appreciated just as you would like! After all, isn't that what the award was all about?
Well, no, frankly. Not even close. In my opinion if you can't write good code you can't appreciate good code. At the most you can only appreciate the end result, the compiled program. And, while some programs are definitely 'art' in their own right, many others cannot be described as such based even on their visible-to-the-user external features. And Linux, while a work of art in my programmer eyes, is really just a kernel. A piece of code that, if everything is working right, the user will never see directly. Some of my peers would agree with this. Some will not. As always opinions are all over the map...
One poster on Slashdot tried to have it both ways when he opined "Which part of the programming is the art? Is it the code, neatly formatted, with creative comments and clever algorithms or is it the finished product? When you look at 'art' in a museum, all you see is the finished product . . . So which is the art? The code or the program? I personally think it's the program, and beautiful programs usually have very nice/efficient/clean code."
While another lamented "When the New Yorker compares Open Source to the Algonquin roundtable, the seventh seal will be complete and Microsoft will be free to release Windows 2000."
And another asks "So how is this art going to be displayed? Will art galleries have framed printouts of C code, or will they just give out Linux CDs?"
How indeed? Well, if you read the dumb article I mentioned above you will find the author's thesis is that neither the source code nor the compiled Linux kernel code is the issue; rather, the art in question is the Open Source development model that built it! He bases this proposition on the following facts:
- China Youth Daily used the Microsoft consternation over Open Source for propaganda purposes.
- The Open Source development model (as described by Eric Raymond) is about cooperation and participation.
- Indian Potlatches were about cooperation and participation.
- The Surrealists did some stuff that involved cooperation and participation.
- A lot of twentieth century art uses 'quotation' (like painting soup cans or sampling 1970's Rock and Roll for Rap music) and 'quotation' is kind of like Open Source, isn't it?
- John Myatt's art forgery scam was kind of like 'quotation' too! And it was kind of like art as well.
- When some people share a pseudonym to do wacky performance art, and then someone else uses the same nom de plume to crack a web site or to write an on-line 'tag-team' novel you have cooperation and participation and quotation and propaganda all rolled into one, with an Internet connection as a sweetener!
My first thought on reading the article was "Huh?" Then I reread and listed the salient points above and reiterated "Huh?"
Clearly Harvey Blume isn't a programmer. If he was I wouldn't trust him to code a 'for' loop based on his demonstrated grasp of simple logic. Nonetheless if he had simply stated that Open Source programming with the Bazaar model is 'Art' because he says it was art I would have much less to quibble with. After all art, like beauty, is in the eye of the beholder. Only he didn't. Instead he chose to defend his allegation using arguments that indicate he doesn't understand anything about the subject. In other words, I cannot say Mr. Blume is wrong, but I can state with near certainty that he is the wrong person to make the claim. He might be right, but for the wrong reasons.
So, assuming you can call a development model an art form -- how do you hang it on the wall? I would argue that it is already there. The main point about Open Source is that it is (wait for it) . . . OPEN! Duh... Unlike 'closed' development, the source code is available for all to see. And often the discussions between developers are available as well, archived on one list server or another. In the Internet sense you can't get up against the wall any more than that!
But what does the average art lover see hanging there? Open Source as an Art Form? I think not. More like Open Source as an Ant Farm! At most they will get a glimpse of us scurrying workers as we toil underground. But they will never, ever understand. As I said before, I am OK with that.
Non-programmer types can present art awards for Linux or even Sendmail if they like, but it doesn't signify to me. In my opinion these awards mean nothing until they are given by someone who understands why the Jargon File definition of 'recursion' is funny. Until then I would rather they just threw money. Wouldn't you?
-
Geeks in the Space: The Attack of 5
Well, we've done it again. Yes, Geeks in Space, Episode 5 has been released. In it, we lament the lack of good news, talk about anti-matter, and the hiring of hacks by companies. You can also become...educated in my long-term plan for the hostile takeover of a certain Redmond-based company. -
Feature:Obscurity as Security
Matthew Priestley has taken a break from slaving for the man to write us a piece where he takes on the conventional wisdom that Security through Obscurity isn't secure at all, and tries to argue that sometimes it is. Click the link below to read it. Lots of interesting stuff and some good examples. It's worth a read.
The following was written by Slashdot reader Matthew Priestley.
Obscurity as Security
Disclaimer: The author of this paper works for Microsoft, but his opinions may not be those of Microsoft. In fact, they aren't. The author hereby declares that nobody important is even aware of his existence and that the closest he has ever come to plotting with Bill Gates on the Master Plan was when they used adjacent urinals this one time. The author did not peek.
0 Introduction
With the popularity of the open-source mindset, a general contempt has drizzled upon all forms of obscurity. The concept of security through obscurity (STO) in particular has been decimated. Security through obscurity, which relies on the ignorance of attackers rather than the strength of defenders, is dead in all but practice. The victory of the opposing full disclosure approach is so complete that proposed tactics die at the mere hint they are a form of STO.
This paper suggests security through obscurity can and does work in certain strictly limited ways, and should not be eliminated unthinkingly from the admin's arsenal. It further implies that the boundaries between STO and 'real' security are blurry and deserve evaluation. However, this paper in no way proposes obscurity as a method for keeping secrets in the long term.
1 Full disclosure does not apply to instantiated data
Instantiated data - the data used by specific instances of an algorithm - do not fall within the scope of full disclosure. Were this not so, then even the simplest password would violate the ban on security through obscurity. Passwords are secrets known only to their creators, and password entry is commonly obscured, as in the case of the 'shadow' login of UNIX. While the login protocol may be open, passwords themselves are a form of STO, with obscurity localized in the password string.
Instantiated data are exempt from full disclosure because the risk from their failure is limited. When a script cracks a password, the damage done to the secure system extends only as far as that password's scope. The cracker cannot use the compromised string to gain power directly in another system, even if that system runs the same password protocol. Nor can anything be inferred about the value of one password merely from the value of another with equal or lower permissions.
A similar example of instantiated data obscurity is the private key that forms the basis of asymmetric cryptography. So obscure is this information that it is rare for even the owner to be familiar with its precise value. But such obscurity is a necessary element of modern security schemes. Strong security does not eliminate obscurity - rather, it localizes obscurity to instantiated data. The phrase in cryptology, 'carry all security in the key' might be better phrased 'carry all obscurity in the key'.
2 Full disclosure does not apply to time-limited secrets
Secrets that expire after a short lifetime can be protected by a wider array of techniques than long-standing secrets. The defense of information that will be irrelevant in a matter of hours or days may not warrant fully peer-reviewed security. Consider the famous Navajo code-talkers of World War II. Among the Americans coordinating the attack against Japanese-held islands in the Pacific were a number of Navajo Indians, who spoke a slangy version of the complex Navajo tongue. Commands from HQ were issued through these code-talkers, who encrypted and decrypted with an alacrity that belittled the automated methods of the day. This is an excellent example of time-limited security through obscurity. Secret languages are excellent security in the short-term, but however cryptic Navajo may be, it is a code subject to human betrayal. Use of Navajo against the Japanese much beyond the 3-year window of the war would have been unwise. But because the secrets of American strategy in the Pacific were irrelevant after the conclusion of the fighting, the long-term weakness of obscure Navajo as a security measure was unimportant.
3 Obscurity serves as a tripwire
Perhaps the classic example of wrongheaded STO is the administrator who modifies his web server to listen on a nonstandard port - thereby confusing attackers, as the theory goes. Considering the degree to which tasks such as port scanning can be automated, the naivete of this defense seems plain. The cracker might be forced to check all 64512 unreserved ports, but eventually the concealed web server will be found. This appears to be a weakness of STO, but if manipulated correctly, it is in fact a great strength. Imagine that our same admin had also invoked a tripwire script and set it to listen on one or more unused ports. When the tripwire is probed with a SYN packet from a cracker trying to locate the web server, instantly the system goes to full alert. The packet is logged and the admin's pager sounds like an alarm.
Such tripwire approaches work because they do not expect obscurity to keep information hidden. Rather, they obscure information as a ploy to force invaders into showing their hand. Because the obscured implementation differs on each system, crackers must resort to guess-check scanning before attacks can commence. But tripwires are deployed throughout the system, anticipating this very move. Running an automated kit suddenly becomes a risky proposition, and even talented crackers must gamble on, for example, whether 'root' is really the name of the primary account or merely a hotline to the authorities.
Lighthearted implementations of this approach are a staple in the popular "Indiana Jones" films. In one scene, Jones is confronted with a hallway of lettered tiles, all seemingly alike. To cross safely he must step only on those tiles with letters corresponding to the secret word 'Jehovah'. The penalty for a misstep is to crash through the floor and plummet into a gaping pit. Attackers not privy to the password would find an exhaustive search less than optimal in this case. When traps are mingled with genuine data, STO can be a powerful disincentive. Such measures do not make a given machine resistant to breach in the long term, any more than medieval moats could ultimately protect their castles. But like moats, tripwire obscurity provides a critical buffer against attackers, allowing defenders room to breathe.
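The tripwire described in this section, as an added example in Python that is not code from the article: listeners on otherwise-unused ports whose only job is to be probed, with every hit logged and counted per source so that a sweep for the real service stands out from a single stray connection. The port numbers, addresses, probe list and sweep threshold are constructed for the example. One caveat the article passes over: a user-space listener only sees completed connections, so a half-open SYN scan of the kind the text mentions would need a packet-capture hook (not shown here) rather than accept().

```python
"""Honeyport tripwire: listeners on unused ports that exist only to be probed.

Added example for the 'obscurity as a tripwire' section; not code from the
original article. Ports, addresses and the sweep threshold are constructed.
"""
import selectors
import socket
import threading
import time
from collections import defaultdict
from datetime import datetime, timezone

SWEEP_THRESHOLD = 3   # constructed: distinct trap ports one source must touch to be called a sweep


class Tripwire:
    """Records connection attempts against trap ports and raises one alert per hit."""

    def __init__(self, trap_ports):
        self.trap_ports = set(trap_ports)
        self.seen = defaultdict(set)      # source address -> trap ports it has touched
        self.alerts = []
        self._lock = threading.Lock()

    def record(self, src, dst_port, when=None):
        """Log one connection attempt. Returns an alert dict if dst_port is a trap, else None.

        The alert carries how many distinct trap ports this source has hit so far:
        one hit may be a typo, several in a row is a scan looking for the real service.
        """
        if dst_port not in self.trap_ports:
            return None
        with self._lock:
            self.seen[src].add(dst_port)
            hit_count = len(self.seen[src])
            alert = {
                "time": (when or datetime.now(timezone.utc)).isoformat(),
                "src": src,
                "port": dst_port,
                "trap_ports_hit": hit_count,
                "sweep": hit_count >= SWEEP_THRESHOLD,
            }
            self.alerts.append(alert)
        return alert


def open_traps(ports, host="127.0.0.1"):
    """Bind a non-blocking listening socket on each trap port (port 0 = OS picks a free one)."""
    socks = []
    for port in ports:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        s.bind((host, port))
        s.listen(16)
        s.setblocking(False)
        socks.append(s)
    return socks


def serve(socks, tripwire, max_hits, timeout=5.0):
    """Accept connections on the trap sockets, record each, and close it at once.

    Nothing is ever sent back; the connection attempt itself is the signal.
    Returns the number of hits handled; stops after max_hits or timeout seconds.
    """
    sel = selectors.DefaultSelector()
    for s in socks:
        sel.register(s, selectors.EVENT_READ)
    hits = 0
    deadline = time.monotonic() + timeout
    while hits < max_hits and time.monotonic() < deadline:
        for key, _ in sel.select(timeout=0.1):
            try:
                conn, (src_ip, _src_port) = key.fileobj.accept()
            except BlockingIOError:
                continue                     # peer reset before we got to accept()
            conn.close()
            alert = tripwire.record(src_ip, key.fileobj.getsockname()[1])
            if alert:
                hits += 1
                print("ALERT", alert)        # a pager or syslog hook would go here
    sel.close()
    for s in socks:
        s.close()
    return hits


def replay_probes(tripwire, probes):
    """Run the same logic over a recorded (src, dst_port) list; returns the alerts raised."""
    return [a for src, port in probes if (a := tripwire.record(src, port))]


def live_demo(n_traps=2, host="127.0.0.1"):
    """End-to-end on loopback: open traps on OS-chosen ports, connect to each, return (ports, alerts)."""
    socks = open_traps([0] * n_traps, host)
    ports = [s.getsockname()[1] for s in socks]
    tw = Tripwire(ports)
    worker = threading.Thread(target=serve, args=(socks, tw, n_traps), daemon=True)
    worker.start()
    for port in ports:
        socket.create_connection((host, port), timeout=2).close()
    worker.join(timeout=10)
    return ports, tw.alerts


if __name__ == "__main__":
    # Constructed sample: the real web server sits on 8443; 8080, 8000 and 8888 are traps.
    tw = Tripwire(trap_ports=[8080, 8000, 8888])
    probes = [("203.0.113.7", 8080), ("203.0.113.7", 8000),
              ("198.51.100.2", 8443), ("203.0.113.7", 8888)]
    for a in replay_probes(tw, probes):
        print(a)
    print(live_demo())
```

The third probe from 203.0.113.7 flips the alert's sweep flag: the legitimate client on 8443 never touches a trap, while the scanner cannot find the moved service without walking through them. As the article says, this is a detection control, not a concealment one; the service is still found, the point is that finding it now costs the attacker an alert.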
4 Asymmetric cryptography exhibits traits of STO
Despite the notion that asymmetric cryptography such as RSA is 'real' security, in some aspects these methods resemble STO. Indeed, this entire class of cryptography is founded on the hopeful guess that a certain mathematical problem is intractable. The back door into cryptographic methods that rely on multiplying primes is, quite simply, to develop a swift means of factoring those multiples. This NP-time problem must be solved before a private key can be derived from its corresponding public key, and the notorious difficulty of NP problems leads some supporters to characterize asymmetric cryptography as 'provably secure'. This is far from the case - there is uncertainty among mathematicians as to whether this problem will even prove non-trivial once approached from the right angle. Startling progress has been made in solving similar 'impossible' problems using innovative ploys - for example, DNA computers can now solve the Traveling Salesman problem in linear time. Given that asymmetric encryption is used widely in the world's e-commerce infrastructure, the repercussions when this piece of obscurity is cracked are disturbing to contemplate.
One telling argument against STO is that it promotes a false sense of security, leading admins into complacency. But the complexity of asymmetric cryptography, combined with reports of its infallibility, can produce much the same effect. Consider this social-engineering exploit of digital signing. Using a tool such as makecert, the cracker generates a root certificate with the name 'Verisign Class 1 Primary CA' and uses it to sign an end-entity certificate with the subject 'CN=Rob Malda, E=malda@slashdot.org' (CT: Please don't. I'm used to posers pretending to be me in Quake, but not on email ;) The cracker then sends the email to an enemy, using a client that does not validate e-mail addresses and spoofing the return address friendly name.
The inexpert recipient, thinking all is in order and knowing that digital signatures never lie, trusts the root certificate and henceforth carries on a conversation with a false CmdrTaco. Only scrutiny of the headers will reveal the mail is actually going to a different address. The widely made claim that public-key cryptography is 'real' security and completely unrelated to 'false' STO delivers a more powerful illusion of security than anything an XOR'd password file can provide.
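The forged-root scenario above, as an added example in Python that is not part of the article: it drives the openssl command-line tool (assumed to be installed, version 1.1.1 or newer) instead of makecert, builds two self-signed roots that both carry the name 'Verisign Class 1 Primary CA', and signs the 'Rob Malda' leaf with one of them. The minimal config file, file names and the openssl invocations are constructed for the example. What it shows is the thing the recipient's client should be keying on: the leaf validates only against the exact key that signed it, never against a name, and not at all unless the forger's root has been installed as a trust anchor, which is precisely the click the social-engineering step needs.

```python
"""Same name, different key: what a forged CA name does and does not buy an attacker.

Added example for the makecert scenario in section 4; not code from the article.
Uses the openssl CLI (assumed present, 1.1.1+) via subprocess. Subject names are
the ones the article uses; the config and file names are constructed.
"""
import subprocess
import tempfile
from pathlib import Path

FORGED_ROOT_NAME = "/CN=Verisign Class 1 Primary CA"
LEAF_NAME = "/CN=Rob Malda/emailAddress=malda@slashdot.org"   # openssl's spelling of 'E='

# Minimal openssl config: req insists on a distinguished_name section even when
# -subj is given, and v3_ca is what marks the self-signed certificate as a CA.
MINI_CNF = """\
[ req ]
distinguished_name = dn
prompt = no
[ dn ]
CN = placeholder
[ v3_ca ]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
subjectKeyIdentifier = hash
"""


def openssl(*args, cwd):
    """Run one openssl command in cwd; the caller inspects returncode/stdout."""
    return subprocess.run(["openssl", *args], cwd=cwd, capture_output=True, text=True)


def make_root(cwd, tag):
    """Self-sign a CA certificate whose subject copies a well-known CA's name. Anyone can."""
    r = openssl("req", "-x509", "-config", "mini.cnf", "-extensions", "v3_ca",
                "-newkey", "rsa:2048", "-nodes", "-days", "1", "-subj", FORGED_ROOT_NAME,
                "-keyout", f"{tag}.key", "-out", f"{tag}.pem", cwd=cwd)
    r.check_returncode()
    return f"{tag}.pem"


def make_leaf(cwd, root_tag):
    """Issue an end-entity certificate for the impersonated user, signed by root_tag's key."""
    r = openssl("req", "-new", "-config", "mini.cnf", "-newkey", "rsa:2048", "-nodes",
                "-subj", LEAF_NAME, "-keyout", "leaf.key", "-out", "leaf.csr", cwd=cwd)
    r.check_returncode()
    r = openssl("x509", "-req", "-in", "leaf.csr", "-CA", f"{root_tag}.pem",
                "-CAkey", f"{root_tag}.key", "-CAcreateserial", "-days", "1",
                "-out", "leaf.pem", cwd=cwd)
    r.check_returncode()
    return "leaf.pem"


def verifies(cwd, leaf, trusted_root=None):
    """True iff leaf chains to the given anchor; default trust file/dir are switched off."""
    args = ["verify", "-no-CAfile", "-no-CApath"]
    if trusted_root:
        args += ["-CAfile", trusted_root]
    return openssl(*args, leaf, cwd=cwd).returncode == 0


def subject(cwd, cert):
    return openssl("x509", "-noout", "-subject", "-in", cert, cwd=cwd).stdout.strip()


def fingerprint(cwd, cert):
    """SHA-256 fingerprint, the thing a trust store should be compared on, not the name."""
    out = openssl("x509", "-noout", "-sha256", "-fingerprint", "-in", cert, cwd=cwd).stdout
    return out.strip().split("=", 1)[1]


def demo():
    """Two roots with the identical forged name; the leaf is signed by the first only.

    Returns what a relying party can observe: names match, fingerprints differ, and
    the chain validates only when the signing key itself is an installed anchor.
    """
    with tempfile.TemporaryDirectory() as d:
        Path(d, "mini.cnf").write_text(MINI_CNF)
        root_a, root_b = make_root(d, "rootA"), make_root(d, "rootB")
        leaf = make_leaf(d, "rootA")
        return {
            "root_a_subject": subject(d, root_a),
            "root_b_subject": subject(d, root_b),
            "root_a_fpr": fingerprint(d, root_a),
            "root_b_fpr": fingerprint(d, root_b),
            "leaf_subject": subject(d, leaf),
            "no_anchor": verifies(d, leaf),                       # recipient never clicked 'trust'
            "same_name_other_key": verifies(d, leaf, root_b),     # a name is not an anchor
            "forger_root_installed": verifies(d, leaf, root_a),   # the click the attacker needs
        }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k:24} {v}")
```

The practical check a client (or a suspicious recipient) should make is against the fingerprint of a root already in the trust store, never against the subject string: the forged root passes the eyeball test and fails the fingerprint one. The scenario in the article only works because the client lets the user add the forger's root as an anchor, which is the step to refuse.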
Even brute-force cryptanalysis has parallels in STO. Suppose we wish to conceal the passwords for a number of Swedish bank accounts. We resolve to write them to a secret location on our hard drive, perhaps a few unused bytes in a file sector. Only we, who know the lucky offset, can read the data. This form of concealment is a typical case of security through obscurity. The integrity of our secret depends on the ignorance of the cracker, and a trial of all 2^n possible locations compromises the system. But in what way is this fundamentally different from the 'genuine' security of n-bit encryption? To break this form of security, 2^n keys are generated and tried against the cipher text until the result is a plain body. Is the difference between this 'true' security and the 'false' STO merely that n is considerably larger in encryption than in the case of hard drives? But this implies that our real error lay, not in reliance upon obscurity, but in having a hard drive of insufficient size!
5 Conclusions
Security in the absence of obscurity is not strictly possible, but good systems both localize and advertise their points of obscurity. When the admin is fully aware of the obscurity in a system, tripwires and instantiated data can provide a useful complement to more rigorous security techniques. Obscurity cannot keep information safe or concealed for long, but it can make attacks risky and destroy the effectiveness of automatic kits. These benefits should not be dismissed as an article of faith. -
Feature:Obscurity as Security
Matthew Priestley has taken a break from slaving for the man to write us a piece where he takes on the convential wisdom that Security through Obscurity isn't secure at all, and tries to argue that sometimes it is. Click the link below to read it. Lots of interesting stuff and some good examples. Its worth a read. The following was written by Slashdot Reader Matthew Priestley Obscurity as Security Disclaimer: The author of this paper works for Microsoft, but his opinions may not be those of Microsoft. In fact, they aren't. The author hereby declares that nobody important is even aware of his existence and that the closest he has ever come to plotting with Bill Gates on the Master Plan was when they used adjacent urinals this one time. The author did not peek.
0 Introduction With the popularity of the open-source mindset, a general contempt has drizzled upon all forms of obscurity. The concept of security through obscurity (STO) in particu lar has been decimated. Security through obscurity, which relies on the ignorance of attackers rather than the strength of defenders, is dead in all but practic e. The victory of the opposing full disclosure approach is so complete that proposed ta ctics die at the mere hint they are a form of STO.This paper suggests security through obscurity can and does work in certain strictly limited ways, and should not be eliminated unthinkingly from the admin's arsenal. It further implies that the boundaries between STO and 'real' security are blurry and deserve evaluation. However, this paper in no way proposes obscurity as a method for keeping secrets in the long term.
1 Full disclosure does not apply to instantiated data Instantiated data - the data used by specific instances of an algorithm - do not fall within the scope of full disclosure. Were this not so, then even the simplest password would violate the ban on security through obscurity. Passwords are secrets known only to their creators, and password entry is commonly obscured, as in the case of the 'shadow' login of UNIX. While the login protocol may be open, passwords themselves are a form of STO, with obscurity localized in the password string.Instantiated data are exempt from full disclosure because the risk from their failure is limited. When a script cracks a password, the damage done to the secure system extends only as far as that password's scope. The cracker cannot use the compromised string to gain power directly in another system, even if that system runs the same password protocol. Nor can anything be inferred about the value of one password merely from the value of another with equal or lower permissions.
A similar example of instantiated data obscurity is the private key that forms the basis of asymmetric cryptography. So obscure is this information that it is rare for even the owner to be familiar with its precise value. But such obscurity is a necessary element of modern security schemes. Strong security does not eliminate obscurity - rather, it localizes obscurity to instantiated data. The phrase in cryptology, 'carry all security in the key' might be better phrased 'carry all obscurity in the key'.
2 Full disclosure does not apply to time-limited secrets Secrets that expire after a short lifetime can be protected by a wider array of techniques than long-standing secrets. The defense of information that will be irrelevant in a matter of hours or days may not warrant fully peer-reviewed security. Consider the famous Navajo code-talkers of World War II. Among the Americans coordinating the at tack against Japanese-held islands in the Pacific were a number of Navajo Indians, who spoke a slangy version of the complex Navajo tongue. Commands from HQ were issued through these code-talkers, who encrypted and decrypted with an alacrity that belittled the automated methods of the day. This is an excellent example of time-limited security through obscurity. Secret languages are excellent security in the short-term, but however cryptic Navajo may be, it is a code subject to human betrayal. Use of Navajo against the Japanese much beyond the 3-year window of the war would have been unwise. But because the secrets of American strategy in the Pacific were irrelevant after the conclusion of the fighting, the long-term weakness of obscure Navajo as a security measure was unimportant.
3 Obscurity serves as a tripwire Perhaps the classic example of wrongheaded STO is the administrator who modifies his web server to listen on a nonstandard port - thereby confusing attackers, as the theory goes. Considering the degree to which tasks such as port scanning can be automated, the naivete of this defense seems plain. The cracker might be forced to check all 64512 unreserved ports, but eventually the concealed web server will be found. This appears to be a weakness of STO, but if manipulated correctly, it is in fact a great strength. Imagine that our same admin had also invoked a tripwire script and set it to listen on one or more unused ports. When the tripwire is probed with a SYN packet from a cracker trying to locate the web server, instantly the system goes to full alert. The packet is logged and the admin's pager sounds like an alarm.Such tripwire approaches work because they do not expect obscurity to keep information hidden. Rather, they obscure information as a ploy to force invaders into showing their hand. Because the obscured implementation differs on each system, crackers must resort to guess-check scanning before attacks can commence. But tripwires are deployed throughout the system, anticipating this very move. Running an automated kit suddenly becomes a risky proposition, and even talented crackers must gamble on, for example, whether 'root' is really the name of the primary account or merely a hotline to the authorities.
Lighthearted implementations of this approach are a staple in the popular "Indiana Jones" films. In one scene, Jones is confronted with a hallway of lettered tiles, all seemingly alike. To cross safely he must step only on those tiles with letters corresponding to the secret word 'Jehovah'. The penalty for a misstep is to crash through the floor and plummet into a gaping pit. Attackers not privy to the password would find an exhaustive search less than optimal in this case. When traps are mingled with genuine data, STO can be a powerful disincentive. Such measures do not make a given machine resistant to breach in the long term, any more than medieval moats could ultimately protect their castles. But like moats, tripwire obscurity provides a critical buffer against attackers, allowing defenders room to breathe.
4 Asymmetric cryptography exhibits traits of STO Despite the notion that asymmetric cryptography such as RSA is 'real' security, in some aspects these methods resemble STO. Indeed, this entire class of cryptography is founded on the hopeful guess that a certain mathematical problem is intractable. The back door into cryptographic methods that rely on multiplying primes is, quite simply, to develop a swift means of factoring those multiples. This NP-time problem must be solved before a private key can b e derived from its corresponding public key, and the notorious difficulty of NP problems leads some supporters to characterize asymmetric cryptography as 'prova bly secure'. This is far from the case - there is uncertainty among mathematicia ns as to whether this problem will even prove non-trivial once approached from t he right angle. Startling progress has been made in solving similar 'impossible' problems using innovative ploys - for example, DNA computers can now solve the Traveling Salesman problem in linear time. Given that asymmetric encryption is used widely in the world's e-commerce infrastructure, the repercussions when this piece of obscurity is cracked are disturbing to contemplate.One telling argument against STO is that it promotes a false sense of security, leading admins into complacency. But the complexity of asymmetric cryptography, combined with reports of its infallibility, can produce much the same effect. Co nsider this social-engineering exploit of digital signing. Using a tool such as m akecert, the cracker generates a root certificate with the name 'Verisign Class 1 Primary CA' and uses it to sign an end-entity certificate with the subject 'CN=Rob Malda, E=malda@slashdot.org' (CT:Please don't. I'm used to posers pretending to be me in Quake, but not on email ;) The cracker then sends the email to an enemy, using a client that does not validate e-mail addresses and spoofing the return address friendly name. 
The inexpert recipient, thinking all is in order and knowing that digital signatures never lie, trusts the root certificate and hence forth carries on a conversation with a false CmdrTaco. Only scrutiny of the headers will reveal the mail is actually going to a different address. The widely made claim that public-key cryptography is 'real' security and completely unrelated to 'false' STO delivers a more powerful illusion of security than anything an XOR'd password file can provide.
Even brute-force cryptanalysis has parallels in STO. Suppose we wish to conceal the passwords for a number of Swedish bank accounts. We resolve to write them to a secret location on our hard drive, perhaps a few unused bytes in a file sector. Only we, who know the lucky offset, can read the data. This form of concealment is a typical case of secruity through obscurity. The integrity of our secret depends on the ignorance of the cracker, and a trial of all 2^n possible locatio ns compromises the system. But in what way is this fundamentally different from the 'genuine' security of n-bit encryption? To break this form of security, 2^n keys are generated and tried agains t the cipher text until the result is a plain body. Is the difference between this 'true' security and the 'false' STO merely than n is considerably larger in encryption than in the case of hard drives? But this implies that our real error lay, not in reliance upon obscurity, but in having a hard drive of insufficient size!
5 Conclusions Security in the absence of obscurity is not strictly possible, but good systems both localize and advertise their points of obscurity. When the admin is fully a ware of the obscurity in a system, tripwires and instantiated data can provide a useful complement to more rigorous security techniques. Obscurity cannot keep information safe or concealed for long, but it can make attacks risky and destroy the effectiveness of automatic kits. These benefits should not be dismissed as an article of faith. -
Feature:Obscurity as Security
Matthew Priestley has taken a break from slaving for the man to write us a piece where he takes on the convential wisdom that Security through Obscurity isn't secure at all, and tries to argue that sometimes it is. Click the link below to read it. Lots of interesting stuff and some good examples. Its worth a read. The following was written by Slashdot Reader Matthew Priestley Obscurity as Security Disclaimer: The author of this paper works for Microsoft, but his opinions may not be those of Microsoft. In fact, they aren't. The author hereby declares that nobody important is even aware of his existence and that the closest he has ever come to plotting with Bill Gates on the Master Plan was when they used adjacent urinals this one time. The author did not peek.
0 Introduction With the popularity of the open-source mindset, a general contempt has drizzled upon all forms of obscurity. The concept of security through obscurity (STO) in particu lar has been decimated. Security through obscurity, which relies on the ignorance of attackers rather than the strength of defenders, is dead in all but practic e. The victory of the opposing full disclosure approach is so complete that proposed ta ctics die at the mere hint they are a form of STO.This paper suggests security through obscurity can and does work in certain strictly limited ways, and should not be eliminated unthinkingly from the admin's arsenal. It further implies that the boundaries between STO and 'real' security are blurry and deserve evaluation. However, this paper in no way proposes obscurity as a method for keeping secrets in the long term.
1 Full disclosure does not apply to instantiated data Instantiated data - the data used by specific instances of an algorithm - do not fall within the scope of full disclosure. Were this not so, then even the simplest password would violate the ban on security through obscurity. Passwords are secrets known only to their creators, and password entry is commonly obscured, as in the case of the 'shadow' login of UNIX. While the login protocol may be open, passwords themselves are a form of STO, with obscurity localized in the password string.Instantiated data are exempt from full disclosure because the risk from their failure is limited. When a script cracks a password, the damage done to the secure system extends only as far as that password's scope. The cracker cannot use the compromised string to gain power directly in another system, even if that system runs the same password protocol. Nor can anything be inferred about the value of one password merely from the value of another with equal or lower permissions.
A similar example of instantiated data obscurity is the private key that forms the basis of asymmetric cryptography. So obscure is this information that it is rare for even the owner to be familiar with its precise value. But such obscurity is a necessary element of modern security schemes. Strong security does not eliminate obscurity - rather, it localizes obscurity to instantiated data. The phrase in cryptology, 'carry all security in the key' might be better phrased 'carry all obscurity in the key'.
2 Full disclosure does not apply to time-limited secrets Secrets that expire after a short lifetime can be protected by a wider array of techniques than long-standing secrets. The defense of information that will be irrelevant in a matter of hours or days may not warrant fully peer-reviewed security. Consider the famous Navajo code-talkers of World War II. Among the Americans coordinating the at tack against Japanese-held islands in the Pacific were a number of Navajo Indians, who spoke a slangy version of the complex Navajo tongue. Commands from HQ were issued through these code-talkers, who encrypted and decrypted with an alacrity that belittled the automated methods of the day. This is an excellent example of time-limited security through obscurity. Secret languages are excellent security in the short-term, but however cryptic Navajo may be, it is a code subject to human betrayal. Use of Navajo against the Japanese much beyond the 3-year window of the war would have been unwise. But because the secrets of American strategy in the Pacific were irrelevant after the conclusion of the fighting, the long-term weakness of obscure Navajo as a security measure was unimportant.
3 Obscurity serves as a tripwire Perhaps the classic example of wrongheaded STO is the administrator who modifies his web server to listen on a nonstandard port - thereby confusing attackers, as the theory goes. Considering the degree to which tasks such as port scanning can be automated, the naivete of this defense seems plain. The cracker might be forced to check all 64512 unreserved ports, but eventually the concealed web server will be found. This appears to be a weakness of STO, but if manipulated correctly, it is in fact a great strength. Imagine that our same admin had also invoked a tripwire script and set it to listen on one or more unused ports. When the tripwire is probed with a SYN packet from a cracker trying to locate the web server, instantly the system goes to full alert. The packet is logged and the admin's pager sounds like an alarm.Such tripwire approaches work because they do not expect obscurity to keep information hidden. Rather, they obscure information as a ploy to force invaders into showing their hand. Because the obscured implementation differs on each system, crackers must resort to guess-check scanning before attacks can commence. But tripwires are deployed throughout the system, anticipating this very move. Running an automated kit suddenly becomes a risky proposition, and even talented crackers must gamble on, for example, whether 'root' is really the name of the primary account or merely a hotline to the authorities.
Lighthearted implementations of this approach are a staple in the popular "Indiana Jones" films. In one scene, Jones is confronted with a hallway of lettered tiles, all seemingly alike. To cross safely he must step only on those tiles with letters corresponding to the secret word 'Jehovah'. The penalty for a misstep is to crash through the floor and plummet into a gaping pit. Attackers not privy to the password would find an exhaustive search less than optimal in this case. When traps are mingled with genuine data, STO can be a powerful disincentive. Such measures do not make a given machine resistant to breach in the long term, any more than medieval moats could ultimately protect their castles. But like moats, tripwire obscurity provides a critical buffer against attackers, allowing defenders room to breathe.
4 Asymmetric cryptography exhibits traits of STO
Despite the notion that asymmetric cryptography such as RSA is 'real' security, in some aspects these methods resemble STO. Indeed, this entire class of cryptography is founded on the hopeful guess that a certain mathematical problem is intractable. The back door into cryptographic methods that rely on multiplying primes is, quite simply, to develop a swift means of factoring those multiples. This NP-time problem must be solved before a private key can be derived from its corresponding public key, and the notorious difficulty of NP problems leads some supporters to characterize asymmetric cryptography as 'provably secure'. This is far from the case - there is uncertainty among mathematicians as to whether this problem will even prove non-trivial once approached from the right angle. Startling progress has been made in solving similar 'impossible' problems using innovative ploys - for example, DNA computers can now solve the Traveling Salesman problem in linear time. Given that asymmetric encryption is used widely in the world's e-commerce infrastructure, the repercussions when this piece of obscurity is cracked are disturbing to contemplate.
One telling argument against STO is that it promotes a false sense of security, leading admins into complacency. But the complexity of asymmetric cryptography, combined with reports of its infallibility, can produce much the same effect. Consider this social-engineering exploit of digital signing. Using a tool such as makecert, the cracker generates a root certificate with the name 'Verisign Class 1 Primary CA' and uses it to sign an end-entity certificate with the subject 'CN=Rob Malda, E=malda@slashdot.org' (CT: Please don't. I'm used to posers pretending to be me in Quake, but not on email ;) The cracker then sends the email to an enemy, using a client that does not validate e-mail addresses and spoofing the return address friendly name. The inexpert recipient, thinking all is in order and knowing that digital signatures never lie, trusts the root certificate and henceforth carries on a conversation with a false CmdrTaco. Only scrutiny of the headers will reveal the mail is actually going to a different address. The widely made claim that public-key cryptography is 'real' security and completely unrelated to 'false' STO delivers a more powerful illusion of security than anything an XOR'd password file can provide.
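The spoofed-root scenario above, as an added example written for this page (not the essay's own code and not from makecert or any tool it names): it mints two self-signed roots bearing the quoted subject name, has the impostor issue the 'Rob Malda' end-entity certificate, and contrasts the recipient's name-only check with proper chain verification against a root identified by its key. Both roots, their keys and the leaf are constructed at run time; the Go standard library's crypto/x509 stands in for makecert.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// rootName is the subject string quoted in the essay; anyone can mint a
// self-signed certificate bearing it, which is the whole point.
const rootName = "Verisign Class 1 Primary CA"

// rootTemplate describes a CA certificate with the given common name.
func rootTemplate(cn string) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour),
		NotAfter:  time.Now().Add(24 * time.Hour),
		IsCA:      true, BasicConstraintsValid: true,
		KeyUsage:  x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
}

// leafTemplate describes an end-entity certificate for e-mail signing.
func leafTemplate(cn, email string) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: cn},
		EmailAddresses: []string{email},
		NotBefore:      time.Now().Add(-time.Hour),
		NotAfter:       time.Now().Add(24 * time.Hour),
		KeyUsage:       x509.KeyUsageDigitalSignature,
		ExtKeyUsage:    []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection},
	}
}

// issue generates a fresh P-256 key for tmpl and signs it with parentKey,
// or with its own key when parent is nil (a self-signed root).
func issue(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	signer := parentKey
	if parent == nil {
		parent, signer = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// trustedByName is the inexpert recipient's check: the issuer's name
// looks familiar, so the signature must be fine. Nothing is verified.
func trustedByName(leaf *x509.Certificate, knownRootName string) bool {
	return leaf.Issuer.CommonName == knownRootName
}

// trustedByChain is the proper check: the leaf must chain through
// verified signatures to a root whose key (not name) is in the trust
// store, and it must be permitted for e-mail protection.
func trustedByChain(leaf *x509.Certificate, roots ...*x509.Certificate) bool {
	pool := x509.NewCertPool()
	for _, r := range roots {
		pool.AddCert(r)
	}
	_, err := leaf.Verify(x509.VerifyOptions{
		Roots:     pool,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection},
	})
	return err == nil
}

// Demo mints a genuine root and an impostor root with the identical name,
// has the impostor issue the end-entity certificate from the essay, and
// returns (name-only check, chain to genuine root, chain to impostor root).
func Demo() (bool, bool, bool, error) {
	genuine, _, err := issue(rootTemplate(rootName), nil, nil)
	if err != nil {
		return false, false, false, err
	}
	impostor, impostorKey, err := issue(rootTemplate(rootName), nil, nil)
	if err != nil {
		return false, false, false, err
	}
	leaf, _, err := issue(leafTemplate("Rob Malda", "malda@slashdot.org"), impostor, impostorKey)
	if err != nil {
		return false, false, false, err
	}
	return trustedByName(leaf, rootName),
		trustedByChain(leaf, genuine),
		trustedByChain(leaf, impostor), nil
}
```

The name-only check accepts the impostor's chain, verification against the genuine root rejects it, and verification succeeds only once the recipient has made the bad trust decision of installing the impostor root itself.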
Even brute-force cryptanalysis has parallels in STO. Suppose we wish to conceal the passwords for a number of Swedish bank accounts. We resolve to write them to a secret location on our hard drive, perhaps a few unused bytes in a file sector. Only we, who know the lucky offset, can read the data. This form of concealment is a typical case of security through obscurity. The integrity of our secret depends on the ignorance of the cracker, and a trial of all 2^n possible locations compromises the system. But in what way is this fundamentally different from the 'genuine' security of n-bit encryption? To break this form of security, 2^n keys are generated and tried against the cipher text until the result is a plain body. Is the difference between this 'true' security and the 'false' STO merely that n is considerably larger in encryption than in the case of hard drives? But this implies that our real error lay, not in reliance upon obscurity, but in having a hard drive of insufficient size!
5 Conclusions
Security in the absence of obscurity is not strictly possible, but good systems both localize and advertise their points of obscurity. When the admin is fully aware of the obscurity in a system, tripwires and instantiated data can provide a useful complement to more rigorous security techniques. Obscurity cannot keep information safe or concealed for long, but it can make attacks risky and destroy the effectiveness of automatic kits. These benefits should not be dismissed as an article of faith. -
Opensource Messaging Queues?
SuperID asks: "I just attended a very long, mostly boring briefing smattered with zillions of animated color power point slides touting "messaging middleware" as the salvation of scalable architectures. While the buzzword density was extremely high ( "Data Mining" and "OLAP for the Information Warrior" *shudder* ) I can at least recognize a trend when it smacks me in the face. So, are there Opensource equivalents to products like IBM MQSeries or Microsoft Message Queuing Server? Are there open standards that define how these types of servers operate? Maybe an Internet RFC?" -
Feature:News in the Slashdot Decade
Matthew Priestley has written an excellent essay on News in the Slashdot Decade. It talks about how the Internet is changing the way that news moves about, and discusses problems and advantages related to it. Interesting. It's a really excellent piece.
The following was written by Slashdot reader Matthew Priestley, who, despite his email address, is a pretty cool guy. Honest.
News in the Slashdot Decade
In this paper, we discuss the nature of biased and unbiased news in terms of 'trust decisions', using the cryptographic sense of that phrase. We examine the biases in modern media and identify their causes. Two examples of community news services are examined: Slashdot.org, and FreeRepublic.com. (0) From this analysis we derive a model of community news.
Disclaimer: The author of this paper works for Microsoft, but his opinions may not be the opinions of Microsoft. In fact, they aren't. The author hereby declares that nobody important at Microsoft is even aware of his existence, and that he is about as significant to Bill Gates as a single bacterium in your colon is significant to the weather in France.
0 Introduction
There is a malaise of distrust among news consumers. In recent years the number of news outlets has dwindled due to mergers and attrition, leaving information consumers with a scrawny range of choice. As the global quantity of information grows at a jaw-dropping rate, individuals increasingly despair of their ability to filter the news without aid from massive corporations.
Almost half of adults have little or no trust in media agencies (1), yet almost all delegate news collection to companies they will condemn if asked. When consumers knowingly act against their own interests, a form of coercion must be in operation. In the case of news, this coercion is a stranglehold enjoyed by media companies over filtered information. If their services are not accepted, the consumer sinks in a sea of data. In a world in which no one can process all the news and still enjoy a full life, having all information is as useless as having no information at all.
1 Nature and weakness of trust decisions
The selection of a news-filtering agency resembles what is called in cryptology a 'trust decision'. Briefly, a trust decision is a choice made by the user to validate another user's digital certificate. By assigning trust to the certificate, any content signed by that certificate becomes, in a limited sense, trustworthy. (2)
It is burdensome to evaluate the trustworthiness of every certificate, and a typical user lacks the expertise to investigate each exhaustively. For this reason, most users choose to trust a Certification Authority or CA, a central agency empowered to make trust decisions on their behalf. By endowing a single node with the power to filter certificates, the user is spared this chore. (3)
This process is analogous to the decision to accept news from an established information outlet. It would require an unreasonable effort and scads of time for any individual to audit all the news. Apart from sheer volume, appraising facts often requires background familiarity. Sources must be checked, viewpoints solicited, and impact considered. It becomes clear that this is no task for a person who hopes to conduct, for example, a life on the side. Hence the necessity of the trust decision.
Due to the exhausting claims of evaluating news, authority to filter information must be delegated.
2 Sources of bias in modern media
2.1 Opinion pollution
That trust decisions are subject to predation should be apparent. The most evident form of bias is opinion pollution, in which the subjective feelings of a reporter taint the news. Such bias may be either systemic, or it may be the fault of "rogue" reporters, or both.
This form of bias is trivial to establish. In a July 8th article discussing a verdict against tobacco companies, the New York Times dwells on the volume of damning evidence presented by the plaintiffs. The deformities of the smokers are described, and the article drops a helpful tip about joining the suit. (4) Covering precisely the same event, the Wall Street Journal scrupulously avoids discussing the smokers, save to describe their organizers as 'flamboyant'. The spectre of a flooded court system and billions in costs is raised multiple times, and the guilty verdict categorized as a legal 'aberration'. (5)
This form of trust violation can be characterized in two ways. If the tolerance for personal beliefs in the news is not widespread, but isolated to a few reporters, then officials of the corporation have delegated their authority unwisely. An organization that is otherwise trustworthy will eventually correct this error. If the corruption runs throughout, however, then the consumer's initial trust decision was poor. In either event, ongoing opinion pollution can only be sustained by broad organization-wide consensus on the value of certain ideas.
Opinion pollution is a trait of homogeneous groups.
2.2 Advertising revenue and corporate ownership
Often overlooked as a source of bias is the murky relationship between news providers and advertisers. The age-old subscription model has fallen by the wayside, unable to compete with advertiser-funded services that appear to offer information for free. (6)
One fallacy is that advertising flows toward high readership, rewarding popularity with success. In reality, corporations are interested in buyers, not readers. The Daily Herald, a worker's paper in 1960's England, boasted a readership of 4.7 million the year of its demise - nearly double that of the Times, the Financial Times, and the Guardian combined. (7) But the Herald's readers were demi-socialists, and failed to support the very businesses keeping their paper alive. The advertising money melted away.
A look at subscription income and advertising income emphasizes the dwindling importance of readers. A copy of The Washington Post costs as little as 24 cents a day. By contrast, one inch of black-and-white advertisement in the paper commands $257.55. (8) Economically, it would be more prudent for the Post to alienate 1000 readers than one business buying a daily inch of print. If the lost readership were confined to non-buyers, advertising rates would not even have to drop. When profit per advertiser squashes profit per consumer, the business of advertiser-funded information outlets becomes not the sale of information, but the sale of a receptive audience.
The situation is aggravated when a large corporation owns the news-filtering outlet. Most fans of TV news are unaware ABC is owned by Disney, NBC by GE with investment from Microsoft, and CBS by Westinghouse Electric. Stories critical to these interests are treated gingerly in the news. (9)
Reliance on advertising or corporate ownership selects for news that is business-friendly. High readership is no exemption.
2.3 Feeder authority
Any reader who has attempted to wrest information from the government is aware of its inertia. Similarly, the PR departments of businesses are known for their unhelpful volubility. In the first case the problem is information deficit, in the second it is disinformation glut, but ultimately the predicament is the same.
The situation is no different in a modern newsroom. Effective reporters are those who have established personal relationships with 'sources' inside various institutions who feed them privileged information. These reporters are superior information gatherers because they may ask questions that typically are rebuffed.
Without the goodwill of their 'feeders', even competent journalists drown in a sea of flack. Should an information gatherer alienate an important feeder, the gatherer is instantly severed from a pool of developing information. Pains are taken to ensure feeders are pleased with the treatment of their comments in published accounts. (10) This creates an unhealthy environment for the analysis of news. If an information outlet were to criticize the statements of a feeder, or if fallacies or lies were exposed in the feeder's reasoning, the potential effect on the outlet would be calamitous. This allows the feeder to make use of information outlets as occasional distributors of propaganda, knowing that refusal is unlikely.
Information from a small number of feeders may be propagandized.
3 News distribution over the Internet
Slashdot.org and FreeRepublic.com are representatives of a new class of news filter. While using these sites, consumers alter the fundamental structure of their trust decision. Rather than inhabiting a descending tree, in which trust is derived from progressively higher and fewer nodes, a Slashdotter or Freeper distributes their trust. In a distributed trust model, each consumer inhabits a single node in a formless but highly connected graph. Central authority is weak, participants are anonymous, and all nodes perform small amounts of voluntary labor.
3.1 Slashdot.org
Recently thrown mainstream as a gathering spot for Linux advocates, Slashdot.org has a large and devoted following of geeks and technophiles. Interestingly, because of its adherence to transparency and peer review, Slashdot has evolved a news system that defeats several of the biases described above. Slashdot is the conceptual descendent of the Internet newsgroup and the old-timer's BBS. Members log in to the web board and select one or more current items to discuss, then post their reactions.
3.1.1 Successes of the Slashdot model
Participants on Slashdot are only identifiable if they wish to be. Widespread use of aliases insulates participants from real-world reprisal - a Slashdotter may criticize the government, their employer, or other feeders with small risk. Handle-use also renders a state of meritocracy on Slashdot. Comments and topic submissions are judged by their own merits, since little is known about their real-world source. Aliases grow trusted in the forum as a result of their owner's contributions. Deprecated aliases have only themselves to blame.
Members submit topics on Slashdot, and those with promise are posted to the forum. By distributing the labor of reporting, the process of information collection becomes inexpensive, and the likelihood of discovering important news increases - much like the 'Have you seen this child?' ads on milk cartons. (11) When the system requests voluntary labor, it is limited to tasks costing only a few mouse clicks. The decision of what is 'newsworthy' is also simplified, since an audience member has provided the item. If each registered Slashdot member contributed only 1 minute per day, their efforts would sum to 1083 work-hours of labor - absolutely free.
Relinquishing trust to anonymous lurkers appears foolhardy, but as randomness grows, so does quality. The web demographic is a straw poll in the worst sense of the term (12), but there are tide pools of demographic validity if groups are narrowly defined. When a site achieves a certain level of notoriety, Slashdot for example, a cross-section of users may fairly be said to represent its supporting community, in this case idealistic geeks. An information consumer is not interested in topics useful to the average person; rather they are interested in what is useful to people like themselves.
No opinion is authoritative until it runs the Slashdot gauntlet. Members comment on topics, share experiences, and take potshots at sloppy reasoning. This is more egalitarian than the feedback model of magazines, TV, or books. In those cases, if a retort is even possible, it is run in the following issue, with no guarantee to reach the original audience. On Slashdot, user comments frequently upstage the 'official' news, and it is a testament to their quality that reading the primary source is often unnecessary. Because most topics excite a gamut of opinions, Slashdot defeats the threat of opinion pollution.
To tame dull or off-topic comments, Slashdot members are randomly empowered to moderate the 'score' of remarks. Moderators are chosen by the system with a preference towards regular but not ubiquitous readers. Comments that gain the approbation of everyday participants gradually move up through statistical effects. Pointless comments sink into oblivion. Visitors to the forum may choose their own threshold of dependence on this ratings system. On Slashdot, the uniform opinions of classic information outlets are rare.
Finally, the scripts and HTML that run Slashdot are released to the community. This ensures, within reason, that the site truly operates as billed, as well as opening the code to all the benefits of open source.
3.1.2 Failings of the Slashdot model
Among its positive effects, anonymity damages credibility. If Secretary of State Madeleine Albright posted a remark on technology export limitations, her opinion would be more significant than had 'DrDeath' typed precisely the same opinion. Validation of real-world credentials can be desirable. One solution would be to support either the S/MIME or PGP signing standards as a user option. A hash of important messages could be included with the post, thereby validating the identity of the signer. (13)
No Slashdot participant receives a handle until they submit an e-mail address to the Slashdot central authority. Those who do not may participate as 'Anonymous Cowards'. AC's suffer numerous disadvantages, not the least that their posts begin at a lower score. Though this distinction discourages meddling from non-regulars, it is risky. Regular members are no less anonymous or even cowardly than AC's, save that they have disclosed their private information to the Slashdot central authority. This makes criticism of the authority more difficult, since critical remarks are safe only as an AC post from a lab computer, which is immediately scored down.
There is one departure on Slashdot from democracy. While consumers do submit the discussion topics, these are dropped into an administrative black box, unseen until a few emerge handpicked by the central authority. Inside the 'box', a small number of humans, vulnerable to self-interest, choose which of the topics will be news. In theory, the authority could even replace submitted topics with its own. A better system would be an open one, moderated in the same manner as user remarks. Along with their ration of remark-points, moderators would be given a supply of topic-points, which could be spent on proposed topics in a pool. Users could set topic thresholds in the same manner that they set thresholds for remarks. This method would be self-policing and eliminate tedious work for the central authority. (Update: 07/16 01:15 by CT : See the Slashdot FAQ for the reason that I've decided not to do this)
Slashdot is funded by banner advertisements, and on 6/29/99 announced that it had been acquired by Andover.net. (14) While there is little danger of the various Linux distros exerting pressure as yet on Slashdot, and while Andover rarely appeared on Slashdot in the past, nonetheless these developments cast a shadow on the impartiality of the community forum. Is it less likely that a story criticizing Sony will be run when an advertisement for the Sony AIBO adorns the top banner? What would become of stories damaging to Andover? Members should be alert for signs of conflicting interest.
3.2 FreeRepublic.com
Similarly evolved, although less highly automated, is FreeRepublic.com, a forum for the exchange of conservative commentary. FreeRepublic is similar to Slashdot in appearance and general design. We will focus on their differences.
3.2.1 Successes of the FreeRepublic model
FreeRepublic's most notable trait is the freedom members enjoy in topic selection. Power is so far in their hands that every member may post any topic they choose, resulting in dozens of discussed topics per day. A true distributed trust network has no single point of entry. Since the number of daily articles is finite, any given node in a sea of nodes has negligible influence. Individuals may be bought or coerced, but since the merits of each contribution are peer-reviewed and peer-diluted, successful corruption must be hugely widespread. The resources needed to influence a majority of users would be prohibitive, and only dubiously worthwhile. Once accomplished, the forum would cease to serve the needs of valid members and would naturally dissolve. Attempts to corrupt distributed news forums are by nature self-defeating.
FreeRepublic reaps no funding from advertisement or corporate ownership. The site is fed by out-of-pocket donations from participants. Though it should be noted that FreeRepublic's supporting community stereotypically has more disposable income than the average netizen, even so the site is accountable to none save its members. When the object of a news outlet is the aggregation of money, it should be unremarkable when money supersedes the pursuit of information. But in a community forum, participants have no aim other than valuable and convenient news.
Participants on FreeRepublic meet physically, organize in chapters, and crusade in the real world to accomplish their aims. There is little risk to anonymity, since there is no need to divulge onscreen handles. Provided chapters are small and independent, the inevitable discussion of principles will not even dampen diversity of opinion, which could expose the forum to opinion pollution. Participants also leave the meetings with a sense of community, which increases their voluntary labor.
3.2.2 Failings of the FreeRepublic model
Although a blessing, complete freedom of topic selection is also a curse. At times of peak activity, two successive clicks on Refresh may result in two completely different topic lists. Crackpots frequently post and their topics slide off the page untouched by regulars. There is much duplication as news breaks. Most topics receive fewer than twenty comments, reducing the effects of peer-dilution and peer-review. All these problems could be resolved if FreeRepublic were to transition to the scoring-based topic selection approach recommended previously.
FreeRepublic has no moderation method for comments, and consequently all remarks carry equal weight. In its absence, opinions win by volume or position near the top of the remark list rather than insight or appeal to the median qualities of the community. Corruption of an unmoderated forum is trivial given fifty aliases and sufficient time.
On FreeRepublic, community participants are not permitted to comment or post discussion topics unless they are logged on. This is an extreme case of Slashdot's Anonymous Coward dilemma. No contribution can be made to the forum without being noted by the FreeRepublic central authority. There is no guarantee the central authority will not terminate or diminish the accounts of those who criticize its practices.
Finally, FreeRepublic is closed source. Though the site is more static than Slashdot, what scripts it has are not disclosed to the forum. Members must take it on trust that no back doors lurk in the code.
4 Issues in Internet news distribution
4.1 The trouble with enthusiasm
One trait of both Slashdot and FreeRepublic is that their populations contain a percentage of zealots. This fact attracts the attention of non-members and ensures the continued participation of long-standing ones. While allegiance to a specific viewpoint is in no way an exclusionary criterion on Slashdot or FreeRepublic, most users share a common opinion on a few controversial issues. This may reflect the fact that contentious topics generate the most passionate interest.
Regrettably, this bond introduces a capacity for bias. Most information processed on a trust graph will lie outside the emotional boundaries, allowing peer-review and peer-dilution to ensure honest news analysis. But when discussion touches on a 'hot button' topic, rampant uniformity of opinion eliminates these safeguards.
FreeRepublic may safely be termed incapable of objective thought when the topic of President Clinton is broached. One recent post discussing Clinton's attendance at the World Cup bore the helpful keywords 'CLINTON RAPIST EVIL SLEAZY TRAITOR'. (15) Similarly, the high quality of discourse on Slashdot disintegrates when Microsoft enters the headlines. Both communities may be absolutely correct in their opinions on these topics, but the mere fact of consensus mimics the effects of corruption and degrades the community information filter. Whether it is desirable or even possible to generate a community forum without this sort of bias is a question for further debate.
4.2 Overcoming feeder bias
Although incisive analysis may overcome the flaws in a poorly written news article, community forums are ultimately limited by their feeders. These feeders are not usually primary sources, except in cases where significant documents are available online. Far more common is the linking of news articles from established information filtering corporations. The question arises whether community news efforts can surmount partiality on the part of the original reporters.
The answer appears to be yes. When CPU-maker AMD recently released comparisons between its chips and those of rival Intel, Slashdot was quick to dissect the biases in presentation and supply the necessary omitted background. (16) However, it should be noted that processors are a topic enjoying high familiarity among the technical elite who visit the site. Had the discussion been on the political condition of Nicaragua, results would be sketchy at best. Fortunately, community information forums are inherently unlikely to encounter this dilemma. Since the group as a whole selects topics, discussions lying outside the expertise of the majority are rare. A more difficult question is this: will community news replace traditional news outlets, or merely supplement them?
5 Conclusion
Community information filters are a novel approach to news. Trading on the principles of self-interest and distributed trust, they levy the expertise of thousands into producing honest, cheap daily news. In a world where command of information is rapidly becoming the root of institutional power, distributed trust graphs refocus information upon the needs of the citizen. While they remain in a state of infancy, the rise of sites such as Slashdot and FreeRepublic herald the demise of traditional information flows. We have entered the Slashdot decade, and only time will judge our success.
6 References
(0) http://www.slashdot.org, http://www.freerepublic.com
(1) http://www.gallup.com/poll/releases/pr990108.asp
(2) http://www.rsa.com/rsalabs/faq/html/4-1-3-11.html
(3) E.g. http://www.thawte.com
(4) "Tobacco Industry Loses First Phase of Broad Lawsuit", New York Times, 6/8/99
(5) "A 'Class' Trial Finds Tobacco Firms Liable; Big Payments May Follow", Wall Street Journal, 6/8/99
(6) Cable is an exception. The means of distribution in cable are monopoly-owned, preserving cable from direct competition with TV.
(7) Herman & Chomsky, Manufacturing Consent, Pantheon Books, p15, [cf.]
(8) As of July 1999, Washington Post, http://www.washingtonpost.com/wp-srv/guide/sub/sub.htm, http://adsite.washpost.com/rates/retail/fullrun.html
(9) http://www.fair.org/media-woes/media-woes.html
(10) E.g. http://independent.org/tii/content/events/f_macarth.html
(11) http://www.missingkids.org
(12) http://www.ntia.doc.gov/ntiahome/digitaldivide
(13) http://www.rsa.com/rsalabs/faq/html/2-2-2.html
(14) "Slashdot Acquired by Andover.Net"
(15) "Clinton hopes for soccer diplomacy"
(16) "Athlon Benchmarks Out" -
Feature:News in the Slashdot Decade
Matthew Priestley has written an excellent essay on News in the Slashdot Decade. It talks about how The Internet is changing the way that news moves about, and discusses problems and advantages related to it. Interesting its a really excellent piece.The following was written by Slashdot Reader Matthew Priestley, who, despite his email address, is a pretty cool guy Honest News in the Slashdot Decade
In this paper, we discuss the nature of biased and unbiased news in terms of 'trust decisions', using the cryptographic sense of that phrase. We examine the biases in modern media and identify their causes. Two examples of community news services are examined: Slashdot.org, and FreeRepublic.com. (0) From this analysis we derive a model of community news.Disclaimer: The author of this paper works for Microsoft, but his opinions may not be the opinions of Microsoft. In fact, they aren't. The author hereby declares that nobody important at Microsoft is even aware of his existence, and that he is about as significant to Bill Gates as a single bacterium in your colon is significant to the weather in France.
0 Introduction
There is a malaise of distrust among news consumers. In recent years the number of news outlets has dwindled due to mergers and attrition, leaving information consumers with a scrawny range of choice. As the global quantity of information grows at a jaw-dropping rate, individuals increasingly despair of their ability to filter the news without aid from massive corporations.Almost half of adults have little or no trust in media agencies (1), yet almost all delegate news collection to companies they will condemn if asked. When consumers knowingly act against their own interests, a form of coercion must be in operation. In the case of news, this coercion is a stranglehold enjoyed by media companies over filtered information. If their services are not accepted, the consumer sinks in a sea of data. In a world in which no one can process all the news and still enjoy a full life, having all information is as useless as having no information at all.
1 Nature and weakness of trust decisions
The selection of a news-filtering agency resembles what is called in cryptology a 'trust decision'. Briefly, a trust decision is a choice made by the user to validate another user's digital certificate. By assigning trust to the certificate, any content signed by that certificate becomes, in a limited sense, trustworthy. (2)It is burdensome to evaluate the trustworthiness of every certificate, and a typical user lacks the expertise to investigate each exhaustively. For this reason, most users choose to trust a Certification Authority or CA, a central agency empowered to make trust decisions on their behalf. By endowing a single node with the power to filter certificates, the user is spared this chore. (3)
This process is analogous to the decision to accept news from an established information outlet. It would require an unreasonable effort and scads of time for any individual to audit all the news. Apart from sheer volume, appraising facts often requires background familiarity. Sources must be checked, viewpoints solicited, and impact considered. It becomes clear that this is no task for a person who hopes to conduct, for example, a life on the side. Hence the necessity of the trust decision.
Due to the exhausting claims of evaluating news, authority to filter information must be delegated.
2 Sources of bias in modern media
2.1 Opinion pollution
That trust decisions are subject to predation should be apparent. The most evident form of bias is opinion pollution, in which the subjective feelings of a reporter taint the news. Such bias may either systemic, or it may be the fault of "rogue" reporters, or both.This form of bias is trivial to establish. In a July 8th article discussing a verdict against tobacco companies, the New York Times dwells on the volume of damning evidence presented by the plaintiffs. The deformities of the smokers are described, and the article drops a helpful tip about joining the suit. (4) Covering precisely the same event, the Wall Street Journal scrupulously avoids discussing the smokers, save to describe their organizers as 'flamboyant'. The spectre of a flooded court system and billions in costs is raised multiple times, and the guilty verdict categorized as a legal 'aberration'. (5)
This form of trust violation can be characterized in two ways. If the tolerance for personal beliefs in the news is not widespread, but isolated to a few reporters, then officials of the corporation have delegated their authority unwisely. An organization that is otherwise trustworthy will eventually correct this error. If the corruption runs throughout, however, then the consumer's initial trust decision was poor. In either event, ongoing opinion pollution can only be sustained by broad organization-wide consensus on the value of certain ideas.
Opinion pollution is a trait of homogeneous groups.
2.2 Advertising revenue and corporate ownership
Often overlooked as a source of bias is the murky relationship between news providers and advertisers. The age-old subscription model has fallen by the wayside, unable to compete with advertiser-funded services that appear to offer information for free. (6)One fallacy is that advertising flows toward high readership, rewarding popularity with success. In reality, corporations are not interested in buyers, not readers. The Daily Herald, a worker's paper in 1960's England, boasted a readership of 4.7 million the year of its demise - nearly double that of the Times, the Financial Times, and the Guardian combined. (7) But the Herald's readers were demi-socialists, and failed to support the very businesses keeping their paper alive. The advertising money melted away.
A look at subscription income and advertising income emphasizes the dwindling importance of readers. A copy of The Washington Post costs as little as 24 cents a day. By contrast, one inch of black-and-white advertisement in the paper commands $257.55. (8) Economically, it would be more prudent for the Post to alienate 1000 readers than one business buying a daily inch of print. If the lost readership were confined to non-buyers, advertising rates would not even have to drop. When profit per advertiser squashes profit per consumer, the business of advertiser-funded information outlets becomes not the sale of information, but the sale of a receptive audience.
The situation is aggravated when a large corporation owns the news-filtering outlet. Most fans of TV news are unaware that ABC is owned by Disney, NBC by GE with investment from Microsoft, and CBS by Westinghouse Electric. Stories critical of these interests are treated gingerly in the news. (9)
Reliance on advertising or corporate ownership selects for news that is business-friendly. High readership is no exemption.
2.3 Feeder authority
Any reader who has attempted to wrest information from the government is aware of its inertia. Similarly, the PR departments of businesses are known for their unhelpful volubility. In the first case the problem is information deficit, in the second it is disinformation glut, but ultimately the predicament is the same.
The situation is no different in a modern newsroom. Effective reporters are those who have established personal relationships with 'sources' inside various institutions who feed them privileged information. These reporters are superior information gatherers because they may ask questions that typically are rebuffed.
Without the goodwill of their 'feeders', even competent journalists drown in a sea of flack. Should an information gatherer alienate an important feeder, the gatherer is instantly severed from a pool of developing information. Pains are taken to ensure feeders are pleased with the treatment of their comments in published accounts. (10) This creates an unhealthy environment for the analysis of news. If an information outlet were to criticize the statements of a feeder, or if fallacies or lies were exposed in the feeder's reasoning, the potential effect on the outlet would be calamitous. This allows the feeder to make use of information outlets as occasional distributors of propaganda, knowing that refusal is unlikely.
Information from a small number of feeders may be propagandized.
3 News distribution over the Internet
Slashdot.org and FreeRepublic.com are representatives of a new class of news filter. While using these sites, consumers alter the fundamental structure of their trust decision. Rather than inhabiting a descending tree, in which trust is derived from progressively higher and fewer nodes, a Slashdotter or Freeper distributes their trust. In a distributed trust model, each consumer inhabits a single node in a formless but highly connected graph. Central authority is weak, participants are anonymous, and all nodes perform small amounts of voluntary labor.
3.1 Slashdot.org
Recently thrown mainstream as a gathering spot for Linux advocates, Slashdot.org has a large and devoted following of geeks and technophiles. Interestingly, because of its adherence to transparency and peer review, Slashdot has evolved a news system that defeats several of the biases described above. Slashdot is the conceptual descendant of the Internet newsgroup and the old-timer's BBS. Members log in to the web board and select one or more current items to discuss, then post their reactions.
3.1.1 Successes of the Slashdot model
Participants on Slashdot are only identifiable if they wish to be. Widespread use of aliases insulates participants from real-world reprisal - a Slashdotter may criticize the government, their employer, or other feeders with small risk. Handle-use also renders a state of meritocracy on Slashdot. Comments and topic submissions are judged on their own merits, since little is known about their real-world source. Aliases grow trusted in the forum as a result of their owner's contributions. Deprecated aliases have only themselves to blame.
Members submit topics on Slashdot, and those with promise are posted to the forum. By distributing the labor of reporting, the process of information collection becomes inexpensive, and the likelihood of discovering important news increases - much like the 'Have you seen this child?' ads on milk cartons. (11) When the system requests voluntary labor, it is limited to tasks costing only a few mouse clicks. The decision of what is 'newsworthy' is also simplified, since an audience member has provided the item. If each registered Slashdot member contributed only 1 minute per day, their efforts would sum to 1083 work-hours of labor - absolutely free.
Relinquishing trust to anonymous lurkers appears foolhardy, but as randomness grows, so does quality. The web demographic is a straw poll in the worst sense of the term (12), but there are tide pools of demographic validity if groups are narrowly defined. When a site achieves a certain level of notoriety, Slashdot for example, a cross-section of users may fairly be said to represent its supporting community, in this case idealistic geeks. An information consumer is not interested in topics useful to the average person; rather they are interested in what is useful to people like themselves.
No opinion is authoritative until it runs the Slashdot gauntlet. Members comment on topics, share experiences, and take potshots at sloppy reasoning. This is more egalitarian than the feedback model of magazines, TV, or books. In those cases, if a retort is even possible, it is run in the following issue, with no guarantee to reach the original audience. On Slashdot, user comments frequently upstage the 'official' news, and it is a testament to their quality that reading the primary source is often unnecessary. Because most topics excite a gamut of opinions, Slashdot defeats the threat of opinion pollution.
To tame dull or off-topic comments, Slashdot members are randomly empowered to moderate the 'score' of remarks. Moderators are chosen by the system with a preference towards regular but not ubiquitous readers. Comments that gain the approbation of everyday participants gradually move up through statistical effects. Pointless comments sink into oblivion. Visitors to the forum may choose their own threshold of dependence on this ratings system. On Slashdot, the uniform opinions of classic information outlets are rare.
Finally, the scripts and HTML that run Slashdot are released to the community. This ensures, within reason, that the site truly operates as billed, as well as opening the code to all the benefits of open source.
3.1.2 Failings of the Slashdot model
Among its positive effects, anonymity damages credibility. If Secretary of State Madeleine Albright posted a remark on technology export limitations, her opinion would be more significant than had 'DrDeath' typed precisely the same opinion. Validation of real-world credentials can be desirable. One solution would be to support either the S/MIME or PGP signing standards as a user option. A signed hash of important messages could be included with the post, thereby validating the identity of the signer. (13)
No Slashdot participant receives a handle until they submit an e-mail address to the Slashdot central authority. Those who do not may participate as 'Anonymous Cowards'. ACs suffer numerous disadvantages, not the least that their posts begin at a lower score. Though this distinction discourages meddling from non-regulars, it is risky. Regular members are no less anonymous or even cowardly than ACs, save that they have disclosed their private information to the Slashdot central authority. This makes criticism of the authority more difficult, since critical remarks are safe only as an AC post from a lab computer, which is immediately scored down.
There is one departure on Slashdot from democracy. While consumers do submit the discussion topics, these are dropped into an administrative black box, unseen until a few emerge handpicked by the central authority. Inside the 'box', a small number of humans, vulnerable to self-interest, choose which of the topics will be news. In theory, the authority could even replace submitted topics with its own. A better system would be an open one, moderated in the same manner as user remarks. Along with their ration of remark-points, moderators would be given a supply of topic-points, which could be spent on proposed topics in a pool. Users could set topic thresholds in the same manner that they set thresholds for remarks. This method would be self-policing and would eliminate tedious work for the central authority. (Update: 07/16 01:15 by CT: See the Slashdot FAQ for the reason that I've decided not to do this)
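As an added example (not the essay's own text, nor Slashdot's code), a small Python model of the comment moderation described above, extended to the topic-points scheme proposed here: moderators are drawn only from an activity band of "regular but not ubiquitous" readers, each gets a point ration per item kind, and readers filter by threshold. The handles, visit counts, band limits and budget are constructed assumptions; the sock-puppet accounts show why fresh aliases get no moderation power.

```python
import random
from dataclasses import dataclass


@dataclass
class Member:
    handle: str
    visits: int            # recent visits: proxy for "regular but not ubiquitous"


@dataclass
class Item:
    item_id: str
    kind: str              # "comment" or "topic"
    score: int = 1         # registered posters start at 1, Anonymous Cowards at 0


def eligible_moderators(members, low=5, high=50):
    """Only readers inside the activity band may moderate (band is an assumption):
    fresh aliases (too few visits) and round-the-clock accounts are excluded."""
    return [m for m in members if low <= m.visits <= high]


def pick_moderators(members, count, rng, low=5, high=50):
    """Random selection from the eligible pool, as the essay describes."""
    pool = eligible_moderators(members, low, high)
    return rng.sample(pool, min(count, len(pool)))


def apply_votes(items, moderators, votes, budget):
    """votes: {handle: [(item_id, +1|-1), ...]}. Ballots from non-moderators are
    ignored; each moderator may spend at most `budget` points per item kind
    (remark-points and topic-points are separate rations)."""
    by_id = {i.item_id: i for i in items}
    allowed = {m.handle for m in moderators}
    spent = {}
    for handle, ballots in votes.items():
        if handle not in allowed:
            continue
        for item_id, delta in ballots:
            item = by_id.get(item_id)
            if item is None or delta not in (1, -1):
                continue
            key = (handle, item.kind)
            if spent.get(key, 0) >= budget:
                continue           # ration for this kind is exhausted
            spent[key] = spent.get(key, 0) + 1
            item.score += delta
    return items


def visible(items, kind, threshold):
    """What a reader sees with a given threshold, in submission order."""
    return [i.item_id for i in items if i.kind == kind and i.score >= threshold]


def demo(seed=7):
    """Constructed scenario: 10 regulars, one ubiquitous reader, 50 fresh sock puppets."""
    rng = random.Random(seed)
    members = [Member(f"reg{i}", 5 + i) for i in range(10)]
    members.append(Member("ubiq", 500))
    members += [Member(f"sock{i}", 1) for i in range(50)]
    mods = pick_moderators(members, 5, rng)
    items = [Item("c1", "comment"), Item("c2", "comment", score=0),
             Item("t1", "topic"), Item("t2", "topic")]
    votes = {m.handle: [("c1", 1), ("t1", 1), ("t2", -1)] for m in mods}
    votes.update({f"sock{i}": [("c2", 1)] * 5 for i in range(50)})  # puppets vote
    apply_votes(items, mods, votes, budget=2)
    return mods, items
```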
Slashdot is funded by banner advertisements, and on 6/29/99 announced that it had been acquired by Andover.net. (14) While there is little danger of the various Linux distros exerting pressure as yet on Slashdot, and while Andover rarely appeared on Slashdot in the past, nonetheless these developments cast a shadow on the impartiality of the community forum. Is it less likely that a story criticizing Sony will be run when an advertisement for the Sony AIBO adorns the top banner? What would become of stories damaging to Andover? Members should be alert for signs of conflicting interest.
3.2 FreeRepublic.com
Similarly evolved, although less highly automated, is FreeRepublic.com, a forum for the exchange of conservative commentary. FreeRepublic is similar to Slashdot in appearance and general design. We will focus on their differences.
3.2.1 Successes of the FreeRepublic model
FreeRepublic's most notable trait is the freedom members enjoy in topic selection. Power is so far in their hands that every member may post any topic they choose, resulting in dozens of discussed topics per day. A true distributed trust network has no single point of entry. Since the number of daily articles is finite, any given node in a sea of nodes has negligible influence. Individuals may be bought or coerced, but since the merits of each contribution are peer-reviewed and peer-diluted, successful corruption must be hugely widespread. The resources needed to influence a majority of users would be prohibitive, and only dubiously worthwhile. Once accomplished, the forum would cease to serve the needs of valid members and would naturally dissolve. Attempts to corrupt distributed news forums are by nature self-defeating.
FreeRepublic reaps no funding from advertisement or corporate ownership. The site is fed by out-of-pocket donations from participants. It should be noted that FreeRepublic's supporting community stereotypically has more disposable income than the average netizen; even so, the site is accountable to none save its members. When the object of a news outlet is the aggregation of money, it should be unremarkable when money supersedes the pursuit of information. But in a community forum, participants have no aim other than valuable and convenient news.
Participants on FreeRepublic meet physically, organize in chapters, and crusade in the real world to accomplish their aims. There is little risk to anonymity, since there is no need to divulge onscreen handles. Provided chapters are small and independent, the inevitable discussion of principles will not even dampen diversity of opinion, which could expose the forum to opinion pollution. Participants also leave the meetings with a sense of community, which increases their voluntary labor.
3.2.2 Failings of the FreeRepublic model
Although a blessing, complete freedom of topic selection is also a curse. At times of peak activity, two successive clicks on Refresh may result in two completely different topic lists. Crackpots frequently post and their topics slide off the page untouched by regulars. There is much duplication as news breaks. Most topics receive fewer than twenty comments, reducing the effects of peer-dilution and peer-review. All these problems could be resolved if FreeRepublic were to transition to the scoring-based topic selection approach recommended previously.
FreeRepublic has no moderation method for comments, and consequently all remarks carry equal weight. In its absence, opinions win by volume or position near the top of the remark list rather than by insight or appeal to the median qualities of the community. Corruption of an unmoderated forum is trivial given fifty aliases and sufficient time.
On FreeRepublic, community participants are not permitted to comment or post discussion topics unless they are logged on. This is an extreme case of Slashdot's Anonymous Coward dilemma. No contribution can be made to the forum without being noted by the FreeRepublic central authority. There is no guarantee the central authority will not terminate or diminish the accounts of those who criticize its practices.
Finally, FreeRepublic is closed source. Though the site is more static than Slashdot, what scripts it has are not disclosed to the forum. Members must take it on trust that no back doors lurk in the code.
4 Issues in Internet news distribution
4.1 The trouble with enthusiasm
One trait of both Slashdot and FreeRepublic is that their populations contain a percentage of zealots. This fact attracts the attention of non-members and ensures the continued participation of long-standing ones. While allegiance to a specific viewpoint is in no way an exclusionary criterion on Slashdot or FreeRepublic, most users share a common opinion on a few controversial issues. This may reflect the fact that contentious topics generate the most passionate interest.
Regrettably, this bond introduces a capacity for bias. Most information processed on a trust graph will lie outside the emotional boundaries, allowing peer-review and peer-dilution to ensure honest news analysis. But when discussion touches on a 'hot button' topic, rampant uniformity of opinion eliminates these safeguards.
FreeRepublic may safely be termed incapable of objective thought when the topic of President Clinton is broached. One recent post discussing Clinton's attendance at the World Cup bore the helpful keywords 'CLINTON RAPIST EVIL SLEAZY TRAITOR'. (15) Similarly, the high quality of discourse on Slashdot disintegrates when Microsoft enters the headlines. Both communities may be absolutely correct in their opinions on these topics, but the mere fact of consensus mimics the effects of corruption and degrades the community information filter. Whether it is desirable or even possible to generate a community forum without this sort of bias is a question for further debate.
4.2 Overcoming feeder bias
Although incisive analysis may overcome the flaws in a poorly written news article, community forums are ultimately limited by their feeders. These feeders are not usually primary sources, except in cases where significant documents are available online. Far more common is the linking of news articles from established information filtering corporations. The question arises whether community news efforts can surmount partiality on the part of the original reporters.
The answer appears to be yes. When CPU-maker AMD recently released comparisons between its chips and those of rival Intel, Slashdot was quick to dissect the biases in presentation and supply the necessary omitted background. (16) However, it should be noted that processors are a topic enjoying high familiarity among the technical elite who visit the site. Had the discussion been on the political condition of Nicaragua, results would be sketchy at best. Fortunately, community information forums are inherently unlikely to encounter this dilemma. Since the group as a whole selects topics, discussions lying outside the expertise of the majority are rare. A more difficult question is this: will community news replace traditional news outlets, or merely supplement them?
5 Conclusion
Community information filters are a novel approach to news. Trading on the principles of self-interest and distributed trust, they levy the expertise of thousands into producing honest, cheap daily news. In a world where command of information is rapidly becoming the root of institutional power, distributed trust graphs refocus information upon the needs of the citizen. While they remain in a state of infancy, the rise of sites such as Slashdot and FreeRepublic heralds the demise of traditional information flows. We have entered the Slashdot decade, and only time will judge our success.
6 References
(0) http://www.slashdot.org, http://www.freerepublic.com
(1) http://www.gallup.com/poll/releases/pr990108.asp
(2) http://www.rsa.com/rsalabs/faq/html/4-1-3-11.html
(3) E.g. http://www.thawte.com
(4) "Tobacco Industry Loses First Phase of Broad Lawsuit", New York Times, 7/8/99
(5) "A 'Class' Trial Finds Tobacco Firms Liable; Big Payments May Follow", Wall Street Journal, 7/8/99
(6) Cable is an exception. The means of distribution in cable are monopoly-owned, preserving cable from direct competition with TV.
(7) Herman & Chomsky, Manufacturing Consent, Pantheon Books, p15, [cf.]
(8) As of July 1999, Washington Post, http://www.washingtonpost.com/wp-srv/guide/sub/sub.htm, http://adsite.washpost.com/rates/retail/fullrun.html
(9) http://www.fair.org/media-woes/media-woes.html
(10) E.g. http://independent.org/tii/content/events/f_macarth.html
(11) http://www.missingkids.org
(12) http://www.ntia.doc.gov/ntiahome/digitaldivide
(13) http://www.rsa.com/rsalabs/faq/html/2-2-2.html
(14) "Slashdot Acquired by Andover.Net"
(15) "Clinton hopes for soccer diplomacy"
(16) "Athlon Benchmarks Out" -
Major Security Flaw in IIS4.0
Mintslice was one of the first to write in with the latest major, major hole that's been found in Microsoft's IIS4.0. The hole, a nice little number that lets remote users gain root access via a buffer overflow, is "being treated" seriously by the corporation. Mmm...Apache. -
The root of all eBay's troubles
UncleRoger writes "A friend pointed me to this article, which would appear to explain why eBay has had such troubles with downtime, including the outage since Wednesday evening. " It would appear that MS is tired of having the finger pointed at them - as they point out, it's an Oracle database running on Solaris that's causing the troubles.