CIOs may be very well-informed and very clever, as well as having a good understanding of their company's business and the marketplace in general. In my experience, modern CIOs are quite unlikely to be specially interested in IT as such; it is basic dogma for them that "the business comes first", and they always look to the bottom line (if only because they live or die by it).
But the qualities that mark a great CIO are not those that are best for leading a company. Remember the research that shows optimists live longer, and do better, than realists? Again in my experience, CEOs tend to be extremely confident - even when such confidence is not warranted by the facts and figures. This sheer exuberance helps them create a favourable impression, and carries people with them regardless of the objective reality.
That, I think, is one good reason why salespeople tend to become CEOs, while CIOs do not.
Well, if the intellectual hub of the cosmos, packed with giant legislative, executive and judicial brains, can't make the cut... there's obviously something wrong with the assessment system.
Come on people - this is the city where George W Bush lives and thinks!
Yes, you have put your finger on the glaring weakness in this story. Once you see that it was an OLD mainframe versus a PRESENT-DAY Linux grid, you realise that no useful conclusions can be drawn. (Although, as others have noted, the narrowness of the margin achieved suggests that the mainframe would win easily in a fair contest).
These "old-versus-new" comparisons are the stock-in-trade of marketing and PR departments, which are perpetually issuing press releases bragging that the latest Foowhatzit Humdinger 24-processor with thousands of GB of storage outperformed someone's 10-year old VAX or AS/400. To Slashdotters, that's a subdued "Wow!" (that they would attempt such barefaced trickery, that is) and on to something potentially interesting. But to the broad masses who know nothing about computers, it is quite impressive. PHB readers habitually skip over all the "techie details" anyway, so they probably come away with the desired message: "We need Foowhatzit Humdingers, and we need 'em now!"
People with arts degrees are big on quoting Mies van der Rohe's "God is in the details". Perhaps it's time they realised that "God is in the numbers" too.
I have noticed that, broadly speaking, those who are most uncritically in favour of "IT with everything" are technical dunces. (British prime minister Tony Blair is an outstanding example of this syndrome; by his own confession, he does not even know "how to use a keyboard", but he is absolutely sure that hospitals, libraries, schools and government offices will benefit from being filled up with Windows PCs).
Slashdot readers, on the other hand, are mostly qualified to judge when a given task is suitable for computerization, and when it is not. At the present state of the art (and state of political corruption), it seems to me that voting for political representatives is not a suitable application. We need to understand the security and integrity aspects of distributed multiuser systems far better before such a project is worth even thinking about. Come back in 15-20 years - maybe.
There is a school of thought that seems to think FOSS can never do more than provide cheap knock-offs of existing commercial software products. (I phrased that offensively to reflect the tone of articles I have read). That seems to be a half-truth at best.
Certainly, one of the main tasks that FOSS developers have tackled has been to emulate many existing products that people find useful, necessary, or both. That is one obvious reason for writing FOSS. But it is by no means the only one, and there are already plenty of examples of FOSS that are quite original.
Creating a functional equivalent of Microsoft Office looks like an eminently sensible first step to take. It's something millions of people have been waiting for, and (apart from anything else) it will give many of them the chance to migrate to Linux now that they are no longer tied to Windows by the need to use Office formats.
In future, it will be possible to improve on Microsoft's ideas. Joy's Law more or less guarantees that this is possible. Perhaps OpenOffice.org could provide two options: a "closest to Microsoft" version, and a "better than Microsoft" version.
I think you have missed the point. Profiling could not have detected Hindawi, as he was not a passenger on the aircraft. It was Murphy who had the explosives, so it was Murphy whom the profilers had to detect.
Considering the vastness of our collective ignorance, and the smaller - but even more frightening - ignorance of people in key positions about the work for which they are responsible, it is absurd to argue that managers should lack domain expertise.
It seems obvious to me that a manager who understands what his people are doing will be more successful. BUT there are a few provisos that might blur the issue:
1. A "techie" manager must be able to resist the temptation to get sucked into micromanaging or - worse still - trying to compete with his own team. Instead, he should be mature enough to let people learn and grow, even if they must make mistakes in the process (and no one learns without a few mistakes).
2. As others have noted, not even the most gifted and expert techie knows it all. The manager must realise that, even in his own field of expertise, other opinions are valid - and sometimes might be better than his own.
3. Unless he is able to stay current (which is unlikely if he is doing his current job properly), a manager must always be careful to allow for the time that has passed since he was an active practitioner. The state of the art ten years ago is apt to be laughably obsolete today, especially in fast-changing fields like IT. (On the other hand, wisdom of the type contained in "The Mythical Man-Month", for instance, is just as relevant as it ever was).
4. A manager needs to be able to switch communication modes when talking to non-techies. Even a CIO will be unsuccessful if the other CxOs are baffled by what they they perceive as his "technical mumbo-jumbo". It is essential to talk each person's own language, stay within their comfort zones, and reason in ways they can appreciate and follow.
5. Even if technical knowledge is very desirable, it is not the most important attribute of a good manager. Leadership, the ability to listen and understand, team building, and sensitivity have to come first. Far better a seasoned, sympathetic manager from a different industry than a stubborn, micro-managing, blinkered techie whose ideas have passed their sell-by date.
"Beware of he who denies you access to information, for in his heart he dreams himself your master."
That should be "beware of him..." It's the object of "beware", and that overrides the consideration that it is also the subject of "who denies". More to the point, the way you have it sounds wrong.
Whenever I see a phrase like "up to 50%", I always rephrase it mentally as "not more than half". Funny how much difference that can make to the overall impression you get.
As usual with legislation from the British government (and many others), this is a dumb, badly-written law. The main problem is not so much that the authors didn't understand the technology (although they probably didn't); it is that they failed to think the alleged offense through properly. They had no doubt heard of some DOS events, which struck them as outrageous; and, as our noble lawmakers so often do, they reacted knee-jerk fashion by demanding that "something must be done!"
When these laws bring about mayhem in the courts, or at least unjust verdicts, their authors will no doubt protest that "we didn't mean it to be interpreted that way!" Programmers will recognise this frame of mind: it's DWIM all over again. ("Do What I Mean" - not what I say). Writing laws and writing code have a lot in common, but it's not always as easy to tell when a law has bugs.
Does this mean that domestic newspapers, TV and radio stations, bloggers, etc. can expect to receive the full Al-Jazeera treatment from the US armed forces? It might be quite exciting, with cruise missiles, Hellfire rockets, and plain old iron bombs criss-crossing the urban landscapes of New York, LA, SF, etc. I suppose we in old Blighty will get the lion's share though, as we have a surplus of impudent journalists and virtually no air defence (and what little we did have has probably been sent off to Afghanistan).
Has anyone considered that the terrorists might exploit this bold move by sending squads of suicide journalists to scribble their poison from the heart of US civilisation?
"...we have won wars where propaganda was relatively successful and lost when it was not".
And here I was thinking that the USA won wars whenever its enormous advantages in wealth, military technology, and (often) numbers were not outweighed by other factors.
As a matter of interest, did you have in mind any lost wars other than Vietnam? (Which wasn't technically a war, according to the US administration itself, but never mind). The recent war in Iraq was comprehensively won by the USA, which routed and destroyed the formal armed forces of the Iraqi state. Having won the war, the US forces are now being unpleasantly harrassed by angry Iraqi citizens who resent being subjugated by foreign armies. And the US administration is, apparently, embarrassed at the public revelation of its incompetence and the frightful mess it has made out of what was once a relatively successful (if badly governed) state.
As for your belief that any amount of propaganda is permissible in wartime, it is reduced to absurdity by the mere observation that a government can simply choose to declare continuous war - as this one has, for instance. Then it has got rid, at a stroke, of the tedious apparatus of freedom of speech.
... but I did nothing, for I was not a pub-going beer-drinker.
See how it works? First of all techniques like camera surveillance, fingerprinting, and biometric ID cards are essential to protect us from mad terrorists who want to kill us all (because they hate our freedom). Then they turn out to be pretty useful against those dreadful paedophiles... and kiddy porn dealers... and (kiddy) porn viewers... and rapists. Then, after a while, the scope is extended to violent drunks, muggers, groups of suspicious-looking people standing around for no obvious reason, people who send emails or make Slashdot posts mentioning Tony Blair and Iraq... Until finally, one day we wake up to find that children are fingerprinted and/or iris scanned every time they enter their school (which they are compelled to do, by law, every day); and perhaps adults get the same treatment every time they visit a supermarket checkout, take their car into or out of a parking lot, or go a restaurant or the movies... and satellites track every movement of their cars... and so on.
Once you make the initial concession, the rest of it seems so logical and inevitable. Why wouldn't you feel safer knowing the state is keeping track of you every minute of every day and night? You don't have anything to hide, do you? Do you? Do you?
Uh-oh, redneck alert. In my experience, no one drags in a preemptive slur about liberal bias, unless that person is guiltily aware of having an opposite bias. My twopence worth.
Why not discuss the question on its merits, without having recourse to poisoning the well?
"If anything, things are moving in the other direction".
Yes, they certainly have been doing so. But past performance does not necessarily predict future performance. Trends can change. My thesis is that the present confused situation is a function of the complexity and power of computers, the evolution of software, and the distribution of demand in the marketplace. As computer power grows rapidly, it will be possible to clump together massive amounts of embedded systems to perform almost any definable set of requirements. When you have computers woven into your clothes, built into your spectacles, hiding in your walls and windows, and controlling more and more aspects of everyday life, will you still want the ability to program them? Welcome to chaos if you do. Computers are now obsolescent within three or four years at most, and this interval will drop - so there is less and less need to wring the most out of sunk investments.
Anyway, we will not have the luxury of choosing. So far, for reasons that escape me, the vast majority of security penetrations have been by pranksters who did not seek to do serious harm. Now that attackers are looking to maximize their return on investment, while a few may even be waging electronic warfare, it is very questionable whether we can go on exposing hundreds of millions of wide-open targets to them.
'These problems all seem to stem from most PC users being lazy and not wanting to know these things. What they want is to have everything complicated hidden from them and everything to "just work"'.
Exactly. The problem here is one that pervades the world of computing today, and will have to be resolved one way or another. Computers are unbelievably (almost infinitely) flexible devices, yet we have established an IT industry that sells them as consumer appliances. 99.99 percent of the computers sold are never programmed (in any meaningful sense of the word) by their owners, who really just want an appliance that handles email, browsing, messaging, games, and perhaps running Office or something similar. Yet what they get is a fully-equipped Turing machine with lots of software tools, and access to a truly immense amount of software just an Internet link away. It's like giving someone a nuclear power station when all they need is a dry cell.
Unfortunately, the IT industry could not have grown so quickly - and stimulated such fast technology advance - by any other means. It's wasteful, it's inelegant, it's dangerous - but it maximizes the speed of progress. Personally, I expect that the present regime - where general-purpose computers are sold to all and sundry as consumer appliances - will soon come to an end. Then consumers will be able to get a wide variety of (possibly self-enhancing) data appliances that do everything they want, without being freely programmable. That would greatly reduce the security risks faced by the industry as a whole: appliances connected to the public Internet could be hardened, while development machines would be given much better protection (ideally, not even connected to the public network except when really necessary).
Please note that I am definitely not suggesting that access to programming machines should be restricted. That would be intolerable, and probably impossible. All I am saying is that it would be better if two types of machine were manufactured, allowing consumers who do not need programming facilities to buy a cheaper, simpler, and more secure device.
"They did outperform their rivals, by definition..."
Yes, but at what? Selling product, not writing good software. You don't have to take a moral position on this to recognise that the two things are logically different. Some might go so far as to assert that writing really good software is actually incompatible with earning shedloads of money. The trick is to maximize total ongoing profit over a period of decades. Put too much effort into a good architecture and high-quality initial releases, and you will be bankrupt before five years are out. No first decade, even. But if you do what Microsoft did, you will forever be playing catch-up in the quality game: quality, like security, is not something you can bolt on later as an afterthought, when the marketing department tells you that's what the punters want this year.
"Surely any terrorist worth his 72 virgins can figure out that it's better to buy a round-trip ticket even if you're not planning to use the second part..."
Precisely. Yet we get this nonsense from the very same authorities who tell us it is necessary to check every little transaction for "money-laundering", and crow about their success in "cutting off the terrorists' funds". I cannot see how 9/11 could have cost more than a few average people could easily save in a year or two - so why on earth are they looking for massive funds transfers?
'No, but neither were they called terrorists. The term wasn't much in use before 9/11. Before that such people were quite properly called "criminals"'.
That turns out not to be the case. The word "terrorist" has a long pedigree, and its core meaning is a distinctive and useful one: namely, someone who stages violent attacks in order to create terror. As long as I can remember (back to the early 1960s) the news has regularly mentioned terrorists and terrorism. Americans may have been lucky enough to escape much of it, but that doesn't mean it didn't happen.
The subjective nature of the word is also important. I have read accounts of German soldiers' WW2 experiences, in which - without the slightest irony or self-consciousness - they routinely describe the French and other national resistance movements as terrorists. From their point of view, that was quite justified. France had declared war on Germany, not the other way round, so when it was defeated in war the Germans were entitled to expect that French people would accept the outcome and submit to having been conquered. Before you impulsively exclaim that no self-respecting free people should ever submit themselves to foreign conquest just because they lost the formal war and their government was toppled, recall that this is exactly the situation in Iraq at present.
At the bottom of all these arguments about whether someone is a terrorist or a freedom fighter, we usually arrive at the irreducible gut feeling that "we are right, and they are wrong". Fine, but it's hard to erect a legal framework on the basis of such special pleading.
Nations have established their respective bodies of law, based on the assumption that there is such a thing as a well-defined area of national jurisdiction. In the past, that was (mostly) true. Thus a given act could be legal in some nations, and illegal in others. Anyone was entitled to form an opinion of the rightness or wrongness of such acts, regardless of their legal status. So there were three separate issues: whether a given act is legal or illegal in any nation's view; whether that act is considered right or wrong; and whether the person committing the act can, in practice, be brought to book.
Today, the Internet is available worldwide, so the idea of a nation's physical jurisdiction has become obsolete - at least as regards crimes that can be committed remotely, such as gambling, looking at pornography, Holocaust denial, blasphemy, reading news reports, or political discussion. (Remember all of these are crimes somewhere, though probably none of them is a crime everywhere).
This state of affairs is obviously unstable. Many of the contributors to this thread seem to believe that some laws are right, while others are wrong; and that it is only those laws that they consider right that need to be obeyed. Unfortunately this takes a giant step from the (more or less) objective domain of law to the (almost entirely) subjective domain of morality. For a largely American group of people, that does not necessarily pose a serious problem: the default assumption is that US laws are right, whereas other nations' laws are right to the extent that they coincide (or at least are compatible) with US laws. Based on this assumption, the US government often asserts a right to judge people living anywhere in the world, regardless of their nationality, and if necessary to seize them and transport them to the USA for trial under US law.
But the US government can do that only because it has the power to make almost everyone else comply. ("Might is right"). Imagine for a moment that China - or for that matter Cuba - suddenly acquired a magical superweapon that could defeat all known weapons, and destroy any enemy. Suddenly, US law would be put back into its box, while the Chinese or Cuban or whatever government would be able to extend its writ worldwide. How would we like that?
In the long run, and sooner rather than later, national governments are going to have to find some way of reconciling their legal systems with the existence of a single, seamless global communication space. It's going to be interesting.
Slashdot Mirror
"It's a great starting point, but you can't trust the information completely".
You can't trust *any* information completely. Isn't that one of the key things you learn from a good education?
... would most likely lie cynically to its customers, suppliers, and partners - and possibly the government as well.
Now, you can look at that in one of two ways.
1. That's what corporations do; I have to work for one of them, so I must make the best of things as they are.
2. There are decent companies out there, and I will try to get a job with one of them.
CIOs may be very well-informed and very clever, as well as having a good understanding of their company's business and the marketplace in general. In my experience, modern CIOs are quite unlikely to be specially interested in IT as such; it is basic dogma for them that "the business comes first", and they always look to the bottom line (if only because they live or die by it).
But the qualities that mark a great CIO are not those that are best for leading a company. Remember the research that shows optimists live longer, and do better, than realists? Again in my experience, CEOs tend to be extremely confident - even when such confidence is not warranted by the facts and figures. This sheer exuberance helps them create a favourable impression, and carries people with them regardless of the objective reality.
That, I think, is one good reason why salespeople tend to become CEOs, while CIOs do not.
Well, if the intellectual hub of the cosmos, packed with giant legislative, executive and judicial brains, can't make the cut... there's obviously something wrong with the assessment system.
Come on people - this is the city where George W Bush lives and thinks!
Yes, you have put your finger on the glaring weakness in this story. Once you see that it was an OLD mainframe versus a PRESENT-DAY Linux grid, you realise that no useful conclusions can be drawn. (Although, as others have noted, the narrowness of the margin achieved suggests that the mainframe would win easily in a fair contest).
These "old-versus-new" comparisons are the stock-in-trade of marketing and PR departments, which are perpetually issuing press releases bragging that the latest Foowhatzit Humdinger 24-processor with thousands of GB of storage outperformed someone's 10-year old VAX or AS/400. To Slashdotters, that's a subdued "Wow!" (that they would attempt such barefaced trickery, that is) and on to something potentially interesting. But to the broad masses who know nothing about computers, it is quite impressive. PHB readers habitually skip over all the "techie details" anyway, so they probably come away with the desired message: "We need Foowhatzit Humdingers, and we need 'em now!"
People with arts degrees are big on quoting Mies van der Rohe's "God is in the details". Perhaps it's time they realised that "God is in the numbers" too.
I have noticed that, broadly speaking, those who are most uncritically in favour of "IT with everything" are technical dunces. (British prime minister Tony Blair is an outstanding example of this syndrome; by his own confession, he does not even know "how to use a keyboard", but he is absolutely sure that hospitals, libraries, schools and government offices will benefit from being filled up with Windows PCs).
Slashdot readers, on the other hand, are mostly qualified to judge when a given task is suitable for computerization, and when it is not. At the present state of the art (and state of political corruption), it seems to me that voting for political representatives is not a suitable application. We need to understand the security and integrity aspects of distributed multiuser systems far better before such a project is worth even thinking about. Come back in 15-20 years - maybe.
Please mod the parent up. It is the only thing that needs to be said on this subject.
There is a school of thought that seems to think FOSS can never do more than provide cheap knock-offs of existing commercial software products. (I phrased that offensively to reflect the tone of articles I have read). That seems to be a half-truth at best.
Certainly, one of the main tasks that FOSS developers have tackled has been to emulate many existing products that people find useful, necessary, or both. That is one obvious reason for writing FOSS. But it is by no means the only one, and there are already plenty of examples of FOSS that are quite original.
Creating a functional equivalent of Microsoft Office looks like an eminently sensible first step to take. It's something millions of people have been waiting for, and (apart from anything else) it will give many of them the chance to migrate to Linux now that they are no longer tied to Windows by the need to use Office formats.
In future, it will be possible to improve on Microsoft's ideas. Joy's Law more or less guarantees that this is possible. Perhaps OpenOffice.org could provide two options: a "closest to Microsoft" version, and a "better than Microsoft" version.
No, I don't think your post was really off topic. Rather, it helped to put the topic in perspective - a very useful contribution IMHO.
I think you have missed the point. Profiling could not have detected Hindawi, as he was not a passenger on the aircraft. It was Murphy who had the explosives, so it was Murphy whom the profilers had to detect.
Considering the vastness of our collective ignorance, and the smaller - but even more frightening - ignorance of people in key positions about the work for which they are responsible, it is absurd to argue that managers should lack domain expertise.
It seems obvious to me that a manager who understands what his people are doing will be more successful. BUT there are a few provisos that might blur the issue:
1. A "techie" manager must be able to resist the temptation to get sucked into micromanaging or - worse still - trying to compete with his own team. Instead, he should be mature enough to let people learn and grow, even if they must make mistakes in the process (and no one learns without a few mistakes).
2. As others have noted, not even the most gifted and expert techie knows it all. The manager must realise that, even in his own field of expertise, other opinions are valid - and sometimes might be better than his own.
3. Unless he is able to stay current (which is unlikely if he is doing his current job properly), a manager must always be careful to allow for the time that has passed since he was an active practitioner. The state of the art ten years ago is apt to be laughably obsolete today, especially in fast-changing fields like IT. (On the other hand, wisdom of the type contained in "The Mythical Man-Month", for instance, is just as relevant as it ever was).
4. A manager needs to be able to switch communication modes when talking to non-techies. Even a CIO will be unsuccessful if the other CxOs are baffled by what they they perceive as his "technical mumbo-jumbo". It is essential to talk each person's own language, stay within their comfort zones, and reason in ways they can appreciate and follow.
5. Even if technical knowledge is very desirable, it is not the most important attribute of a good manager. Leadership, the ability to listen and understand, team building, and sensitivity have to come first. Far better a seasoned, sympathetic manager from a different industry than a stubborn, micro-managing, blinkered techie whose ideas have passed their sell-by date.
"Beware of he who denies you access to information, for in his heart he dreams himself your master."
That should be "beware of him..." It's the object of "beware", and that overrides the consideration that it is also the subject of "who denies". More to the point, the way you have it sounds wrong.
Whenever I see a phrase like "up to 50%", I always rephrase it mentally as "not more than half". Funny how much difference that can make to the overall impression you get.
As usual with legislation from the British government (and many others), this is a dumb, badly-written law. The main problem is not so much that the authors didn't understand the technology (although they probably didn't); it is that they failed to think the alleged offense through properly. They had no doubt heard of some DOS events, which struck them as outrageous; and, as our noble lawmakers so often do, they reacted knee-jerk fashion by demanding that "something must be done!"
When these laws bring about mayhem in the courts, or at least unjust verdicts, their authors will no doubt protest that "we didn't mean it to be interpreted that way!" Programmers will recognise this frame of mind: it's DWIM all over again. ("Do What I Mean" - not what I say). Writing laws and writing code have a lot in common, but it's not always as easy to tell when a law has bugs.
... they realise that they are sucking up all the available power, and dooming the biosphere in the process?
Not that they would necessarily give a rat's ass about the biosphere.
Does this mean that domestic newspapers, TV and radio stations, bloggers, etc. can expect to receive the full Al-Jazeera treatment from the US armed forces? It might be quite exciting, with cruise missiles, Hellfire rockets, and plain old iron bombs criss-crossing the urban landscapes of New York, LA, SF, etc. I suppose we in old Blighty will get the lion's share though, as we have a surplus of impudent journalists and virtually no air defence (and what little we did have has probably been sent off to Afghanistan).
Has anyone considered that the terrorists might exploit this bold move by sending squads of suicide journalists to scribble their poison from the heart of US civilisation?
"...we have won wars where propaganda was relatively successful and lost when it was not".
And here I was thinking that the USA won wars whenever its enormous advantages in wealth, military technology, and (often) numbers were not outweighed by other factors.
As a matter of interest, did you have in mind any lost wars other than Vietnam? (Which wasn't technically a war, according to the US administration itself, but never mind). The recent war in Iraq was comprehensively won by the USA, which routed and destroyed the formal armed forces of the Iraqi state. Having won the war, the US forces are now being unpleasantly harrassed by angry Iraqi citizens who resent being subjugated by foreign armies. And the US administration is, apparently, embarrassed at the public revelation of its incompetence and the frightful mess it has made out of what was once a relatively successful (if badly governed) state.
As for your belief that any amount of propaganda is permissible in wartime, it is reduced to absurdity by the mere observation that a government can simply choose to declare continuous war - as this one has, for instance. Then it has got rid, at a stroke, of the tedious apparatus of freedom of speech.
... but I did nothing, for I was not a pub-going beer-drinker.
See how it works? First of all techniques like camera surveillance, fingerprinting, and biometric ID cards are essential to protect us from mad terrorists who want to kill us all (because they hate our freedom). Then they turn out to be pretty useful against those dreadful paedophiles... and kiddy porn dealers... and (kiddy) porn viewers... and rapists. Then, after a while, the scope is extended to violent drunks, muggers, groups of suspicious-looking people standing around for no obvious reason, people who send emails or make Slashdot posts mentioning Tony Blair and Iraq... Until finally, one day we wake up to find that children are fingerprinted and/or iris scanned every time they enter their school (which they are compelled to do, by law, every day); and perhaps adults get the same treatment every time they visit a supermarket checkout, take their car into or out of a parking lot, or go a restaurant or the movies... and satellites track every movement of their cars... and so on.
Once you make the initial concession, the rest of it seems so logical and inevitable. Why wouldn't you feel safer knowing the state is keeping track of you every minute of every day and night? You don't have anything to hide, do you? Do you? Do you?
"... liberally-biased person..."
Uh-oh, redneck alert. In my experience, no one drags in a preemptive slur about liberal bias, unless that person is guiltily aware of having an opposite bias. My twopence worth.
Why not discuss the question on its merits, without having recourse to poisoning the well?
"If anything, things are moving in the other direction".
Yes, they certainly have been doing so. But past performance does not necessarily predict future performance. Trends can change. My thesis is that the present confused situation is a function of the complexity and power of computers, the evolution of software, and the distribution of demand in the marketplace. As computer power grows rapidly, it will be possible to clump together massive amounts of embedded systems to perform almost any definable set of requirements. When you have computers woven into your clothes, built into your spectacles, hiding in your walls and windows, and controlling more and more aspects of everyday life, will you still want the ability to program them? Welcome to chaos if you do. Computers are now obsolescent within three or four years at most, and this interval will drop - so there is less and less need to wring the most out of sunk investments.
Anyway, we will not have the luxury of choosing. So far, for reasons that escape me, the vast majority of security penetrations have been by pranksters who did not seek to do serious harm. Now that attackers are looking to maximize their return on investment, while a few may even be waging electronic warfare, it is very questionable whether we can go on exposing hundreds of millions of wide-open targets to them.
'These problems all seem to stem from most PC users being lazy and not wanting to know these things. What they want is to have everything complicated hidden from them and everything to "just work"'.
Exactly. The problem here is one that pervades the world of computing today, and will have to be resolved one way or another. Computers are unbelievably (almost infinitely) flexible devices, yet we have established an IT industry that sells them as consumer appliances. 99.99 percent of the computers sold are never programmed (in any meaningful sense of the word) by their owners, who really just want an appliance that handles email, browsing, messaging, games, and perhaps running Office or something similar. Yet what they get is a fully-equipped Turing machine with lots of software tools, and access to a truly immense amount of software just an Internet link away. It's like giving someone a nuclear power station when all they need is a dry cell.
Unfortunately, the IT industry could not have grown so quickly - and stimulated such fast technology advance - by any other means. It's wasteful, it's inelegant, it's dangerous - but it maximizes the speed of progress. Personally, I expect that the present regime - where general-purpose computers are sold to all and sundry as consumer appliances - will soon come to an end. Then consumers will be able to get a wide variety of (possibly self-enhancing) data appliances that do everything they want, without being freely programmable. That would greatly reduce the security risks faced by the industry as a whole: appliances connected to the public Internet could be hardened, while development machines would be given much better protection (ideally, not even connected to the public network except when really necessary).
Please note that I am definitely not suggesting that access to programming machines should be restricted. That would be intolerable, and probably impossible. All I am saying is that it would be better if two types of machine were manufactured, allowing consumers who do not need programming facilities to buy a cheaper, simpler, and more secure device.
"They did outperform their rivals, by definition..."
Yes, but at what? Selling product, not writing good software. You don't have to take a moral position on this to recognise that the two things are logically different. Some might go so far as to assert that writing really good software is actually incompatible with earning shedloads of money. The trick is to maximize total ongoing profit over a period of decades. Put too much effort into a good architecture and high-quality initial releases, and you will be bankrupt before five years are out. No first decade, even. But if you do what Microsoft did, you will forever be playing catch-up in the quality game: quality, like security, is not something you can bolt on later as an afterthought, when the marketing department tells you that's what the punters want this year.
"Surely any terrorist worth his 72 virgins can figure out that it's better to buy a round-trip ticket even if you're not planning to use the second part..."
Precisely. Yet we get this nonsense from the very same authorities who tell us it is necessary to check every little transaction for "money-laundering", and crow about their success in "cutting off the terrorists' funds". I cannot see how 9/11 could have cost more than a few average people could easily save in a year or two - so why on earth are they looking for massive funds transfers?
'No, but neither were they called terrorists. The term wasn't much in use before 9/11. Before that such people were quite properly called "criminals"'.
That turns out not to be the case. The word "terrorist" has a long pedigree, and its core meaning is a distinctive and useful one: namely, someone who stages violent attacks in order to create terror. As long as I can remember (back to the early 1960s) the news has regularly mentioned terrorists and terrorism. Americans may have been lucky enough to escape much of it, but that doesn't mean it didn't happen.
The subjective nature of the word is also important. I have read accounts of German soldiers' WW2 experiences, in which - without the slightest irony or self-consciousness - they routinely describe the French and other national resistance movements as terrorists. From their point of view, that was quite justified. France had declared war on Germany, not the other way round, so when it was defeated in war the Germans were entitled to expect that French people would accept the outcome and submit to having been conquered. Before you impulsively exclaim that no self-respecting free people should ever submit themselves to foreign conquest just because they lost the formal war and their government was toppled, recall that this is exactly the situation in Iraq at present.
At the bottom of all these arguments about whether someone is a terrorist or a freedom fighter, we usually arrive at the irreducible gut feeling that "we are right, and they are wrong". Fine, but it's hard to erect a legal framework on the basis of such special pleading.
Nations have established their respective bodies of law, based on the assumption that there is such a thing as a well-defined area of national jurisdiction. In the past, that was (mostly) true. Thus a given act could be legal in some nations, and illegal in others. Anyone was entitled to form an opinion of the rightness or wrongness of such acts, regardless of their legal status. So there were three separate issues: whether a given act is legal or illegal in any nation's view; whether that act is considered right or wrong; and whether the person committing the act can, in practice, be brought to book.
Today, the Internet is available worldwide, so the idea of a nation's physical jurisdiction has become obsolete - at least as regards crimes that can be committed remotely, such as gambling, looking at pornography, Holocaust denial, blasphemy, reading news reports, or political discussion. (Remember all of these are crimes somewhere, though probably none of them is a crime everywhere).
This state of affairs is obviously unstable. Many of the contributors to this thread seem to believe that some laws are right, while others are wrong; and that it is only those laws that they consider right that need to be obeyed. Unfortunately this takes a giant step from the (more or less) objective domain of law to the (almost entirely) subjective domain of morality. For a largely American group of people, that does not necessarily pose a serious problem: the default assumption is that US laws are right, whereas other nations' laws are right to the extent that they coincide (or at least are compatible) with US laws. Based on this assumption, the US government often asserts a right to judge people living anywhere in the world, regardless of their nationality, and if necessary to seize them and transport them to the USA for trial under US law.
But the US government can do that only because it has the power to make almost everyone else comply. ("Might is right"). Imagine for a moment that China - or for that matter Cuba - suddenly acquired a magical superweapon that could defeat all known weapons, and destroy any enemy. Suddenly, US law would be put back into its box, while the Chinese or Cuban or whatever government would be able to extend its writ worldwide. How would we like that?
In the long run, and sooner rather than later, national governments are going to have to find some way of reconciling their legal systems with the existence of a single, seamless global communication space. It's going to be interesting.