Network Associates Buys Deersoft

Certainly spam is a problem. And where there is a problem, there is money to be made in providing a solution. However, somehow it just doesn't seem right to be making money in providing spam filtering. I feel that way because people shouldn't have to pay to get rid of spam. They are innocent victims.

Imagine this scenario: Five years from now, spam filtering tools are widely used, and millions of email users pay a subscription for spam filtering tools. Then it's easy to measure the cost of spam: X number of email users pay Y number of dollars to fight spam. At that point, when the bean counters start reporting huge numbers as the cost of spam, then the government steps in and passes laws that prohibit spam.

Well, it's not that simple. Laws in the U.S. can't affect spammers who work from overseas.

So, can you create a solid business based on anti-spam tools? Perhaps. I'm considering giving it a try. But there are risks. If spam is a really big problem -- and it is -- open source developers will devote much of their effort to producing anti-spam tools. Perhaps that's how it should be. Innocent email users shouldn't have to pay for getting rid of spam.

9:26:10 PM   

Visual Studio.NET Quirks

One of the things you learn, as a developer learning a new development environment, is the set of quirks that the development environment has.  Once you know the quirks, then you can recognize them and deal with them.  But until you know them, life can be difficult.

Well, today I learned one of the quirks of Microsoft Visual Studio.NET.  If you examine variables while stopped at a breakpoint in the debugger, magical things can happen.  I don't know how that happens, but it probably has to do with a class's properties.  I my case, some instance variables are set as properties that depend on other instance variables.  These instance variables somehow get set magically when you examine their values in the debugger.  I verified that if I don't examine the instance variables, they have the values I expect (empty string, verified by printing them).  If I do examine them, then they get correct values in some magical way, presumably by calling the code that "gets" the property (but without stopping at a breakpoint in that code).

Now that I have found that quirk, life with Visual Studio.NET can go on.

2:38:31 PM   

Mozilla beats Internet explorer

I think I'll start using Mozilla as my default web browser.  The biggest single factor influencing my decision is the fact that Mozilla allows you to change the font sizes.  Internet Explorer does not.  On my laptop computer, the normal size fonts are small, while the small size fonts are almost unreadable.

There are other factors too.  For example, Mozilla allows you to stop the animations.  Some animations are too distracting, making it difficult to read the text on the page.

On a philosophical level, Mozilla is not so beholden to corporate (that is, Microsoft's) interests.

8:16:49 AM   

Why privacy really does matter

I had a scary thought about privacy.  Since there are other countries that are not subject to the laws of the United States (or subject to the laws of other industrialized nations for that matter), it's conceivable that a company could try to make money selling your personal information.  They could operate out of some place in the world where they couldn't be touched by the laws of the U.S.  They could make money selling searches to anyone who would pay for it.  It's even conceivable, that once your most sensitive personal information escapes outside of responsible control, it could be forever out there being passed around in a black market.

7:45:27 AM   

While getting involved in some SSL/TLS programming in recent days, I have been wondering about real versus perceived threats to secure communication.  Read any of the articles and books about secure communications, and you hear of many possible threats, some actually quite intricate.  These books and articles rarely put threats into perspective.  Here are a few examples of threats:

• short key length of DES makes it "easy" to crack
• insufficiently random data
• possibility of finding two strings that hash to the same value
• a "man in the middle" causes communicating parties to negotiate down to a weaker algorithm

These are all threats, to be sure.  But how much of a threat?  How do these compare to the threat that a private key is compromised and the CRL is not distributed in time to stop the damage?  Or the threat that someone falsely impersonates an organization to the Certification Authority to get a certificate? (like someone impersonated Microsoft not too long ago)

12:37:48 AM   

Yahoo says it will start using PHP for scripting its web pages.  It will deep-six its own proprietary web scripting language, called yScript. [CNET News.com]

PHP is a very good web scripting language.

But what about other proprietary scripting languages, like Cold Fusion.  Isn't Macromedia supposed to make money selling large Cold Fusion licenses to big companies like Yahoo?  Or do they just sell large licenses to financial institutions and other organizations that seem to commonly choose expensive proprietary solutions (for some inexplainable reason).  I can't see why anyone would buy a license for Cold Fusion, when PHP is equally good, if not better, and free.  This can't be good news for Macromedia.  Eventually, there will be a time when even the financial institutions will stop paying for Cold Fusion.

There's a lesson to be learned.  If you are in the software business, you must pay attention to Open Source software.  Depending on the products you sell, it's possible that one day in the not-so-distant future, you will be unable to sell your products because of an Open Source alternative.

12:21:24 AM   

The spam war has only just begun.

The Internet still relies too much on socially responsible behavior, and therefore, it is vulnerable to abuse by those with no social conscience.

Last week, it was a distributed denial of service attack on the root DNS servers.  The denial of service attack problem has still not been solved.  Fortunately, researchers are working on the problem, and there may be a solution.  [See Aggregate-Based Congestion Control.]

Now, there is a story about spamming referrer links in web server logs.  [wired news] [slashdot.org]  I know there are sophisticated web users who dislike the referrer links that browsers send to web sites.  But most of those users don't understand the web log culture.  In the web log culture, the referrer links provide a form of cross-pollination that makes web logs more interesting.  Now, that culture has been shamelessly trampled on by abusive spammers.  (For the record, I am in favor of a broad definition of the term spam.  Until we come up with a better term for intrusive marketing, I am fine with using the term spam to denote it.)

This problem with the spamming of web site log files brings to mind the potential for a lot more abuse.  For example, how about the potential for adding porno site links to guestbooks on personal home pages?  How about other kinds of clever denial of service attacks?

The jury is still out on whether the Web will ultimately succumb to the Tragedy of the Commons.

9:54:17 AM   

What will the future be like for digital media?

I have some thoughts on this that are not completely organized.  I don't have time to get them really organized, so I'm just going to present my thoughts in perhaps a somewhat disorganized way.

What is missing today, which will make a big difference years hence, is a wealth of public domain content.  A lot of the digital content available today is treated by many consumers as if it were public domain.  That use by consumers is what has got the content owners so angry.  On the one hand, we have consumers wanting to claim "fair use" rights, and on the other hand we have content owners wanting to call every use they don't approve of "piracy". 

Leaving aside a discussion of fair use rights, I don't think this situation would be so charged if there were a large selection of public domain content.  Consumers have the tools to do lots of very creative things with digital content: the result being what is often called "derivative works".  There just isn't that much public domain content at the present time.

I would be quite happy just to get public domain recordings of popular classical works, and even some of the jazz and big band recordings from the first half of the 20th century.  Many of these recordings are no longer marketable.  Really, no one's going to make any money off some of the old recordings from the 1940's and 1950's.  Let's get them into the public domain.  Same with the old movies and photographs.

A wealth of content in the public domain would certainly lessen the value of current content.  For that reason, the content owners have a vested interest in trying to keep works out of the public domain.  Nevertheless, I think the public domain is good for consumers.  It will force the current content producers to compete, to produce something of real value, not artificially inflated value that results from artificial scarcity.

With a large number of works in the public domain, the beta-max argument applied to peer-to-peer file sharing becomes more compelling.  The Napster clones would have a legitimate use in exchanging content that's in the public domain.

I would like to see the issue of digital rights resolved with a push to get more content into the public domain.  Content owners should be able to protect their content for the "limited times" that is stated in the U.S. constitution.  However, all content should eventually pass into the public domain.  We can argue over how long that should be.  Certainly, 75 years is away too long (as specified by the Copyright Term Extension Act).

If you think about it, there will be more and more content in the public domain as time goes on.  For that reason, I don't think the issues today, about how much control content owners should have over their content, will be issues 50 years from now.  By then, there should be a lot of content in the public domain.  That means there will be legitimate, legal, free content available as an alternative to non-free content.  Most people like me won't care that the latest content isn't free.  We will just choose the free content when we can.  That will happen with Pallidium or without it.

I'll be watching Eldred v. Ashcroft.

5:49:39 PM   

1:10:18 AM   

So, Dataplay is dead.  Why am I not surprised.

You know what Dataplay is?  It's a technology that stores data, particularly multimedia data, on small disks the size of a quarter.  The company thought the disks would be attractive to consumers because of their small size.  They also thought the disks would be attractive to the music labels because the devices can restrict copying.  Music on Dataplay disks can't be "ripped".  The last I remember hearing about Dataplay, they were supposed to start releasing pre-recorded music on the small disks in stores.  They actually thought that consumers would like a new kind of "CD" that doesn't permit ripping!  Someone should have told them about the Divx disks.

1:06:52 AM