Internet Worm Brings Down SCO! scream the headlines. No it doesn't! SCO Takes Down Own Website, Sets Up Alternative is more accurate -- although not without spending a couple of days conspicuously off the air, during which it issues sorrowful press releases bemoaning its fate. Why the break? Who knows. Not a good advert for the company's products, but a good clue that they see their business model as being a professionally aggrieved party rather than a software developer.
But little of this registers with the mainstream media. I do a quick phone interview on the World Service, and fortunately get enough time to explain some of the background -- although some questions prove unanswerable. "Is it the most virulent worm yet?" being one. How do you cope with that? "The darn thing spread well but probably won't do much DDoS damage," I said, "and is much the same as previous worms in many ways." You didn't answer the question, said the interviewer. Sigh. At least I get the 'If SCO is off the air it's because they want to be' point across, I think.
That doesn't seem to feed through to the rest of the BBC, let alone the rest of the world. The rampaging worm ("$30 billion damage done!" Yeah, right.) is poised to turn the entire developed world into rubble, if you believe the press. The BBC even publishes an article saying that the worm is part of the campaign of open-source supporters against SCO: anyone got Hutton's phone number?
Perhaps the sanest thing I hear is from Bruce Schneier, CTO of Counterpane and long-term voice of reason, whom Radio 5 has the good sense to stick on the air. He does a far superior job of debunking the rot. "Will terrorists use these worms?" asks the presenter. "No," says Schneier. "Terrorists blow up things. Worms are just annoying, like spray-painting graffiti. Terrorists don't go out spraying walls. Yeah, it's irritating, but that's all it is."
I wish I could feel the same way about mainstream tech reporting.
Ya know that strange relationship between the entertainment world and sexy science -- the one where NASA lands a probe on Mars at exactly the same time as Universal release a movie about bug-eyed Martians eating our children? I suspect others are at it. The day after Intel finally let Prescott out into the world and decide to call it a Pentium, a group of scientists announce they've created two new elements -- one of which is called Ununpentium. That stuck around for ninety milliseconds -- curiously, exactly the same time as a Prescott survives if its cooling fails -- before decaying into Ununtrium. That had a long and satisfying life of over a second -- making it a veritable Methuselah among the synthetic transuranics -- before turning into a pile of ordinary Gunkium.
OK, so it had to be called Ununpentium under the rules of the game. Following some really nasty Cold War arguments over the naming of new elements -- the Yanks wanted to call stuff LiveFreeUnderCapitalismWithGunsium, while the Ruskies favoured TheRuleOfTheProletariatGlorifiesMarxon -- people agreed to name discoveries after their atomic number. Ununpentium means element number 115; ununtrium is 113. See how it works? Shame it makes for some ugly monikers, and if this continues we'll have a hundred new elements all beginning unun. That's handy.
That's not the only odd-name fun you can have with the new Intel chip. Prescott also happens to be the name of George W Bush's grandfather, a businessmen and politician whose company interests in pre-war and wartime Germany are well worth half an hour of anyone's reading time. Unfortunately, he never seemed to have got into oil -- meaning jokes about Prescott's long pipelines will have to stay in abeyance.
Microsoft's latest IE patch is patchy. So users tell us -- the magic to stop information hiding in URLs past the @ sign only works if you haven't got much else installs that uses Internet Explorer. It's also not quite true for Microsoft to say that the patch itself -- which merely rejects URLs with @ in -- is acceptable because nobody uses such things legitimately.
Which just ain't so. The syntax lets you include username and password in a URL, so http://fred:firstname.lastname@example.org -- which isn't very secure, but it's a powerful way to give non-technical users limited access to resources. I run an FTP server and use it a lot to send huge files -- pictures, PDFs and the like -- to people whose mailboxes wouldn't cope with the impact of a few megs, and who aren't comfortable with logging in. Just create an account for them, invent a password, roll an FTP URL and slam it off: all matey has to do is click and download, and the file is theirs. It doesn't matter if someone intercepts the URL; after the file's been transferred I just delete the account, and it's only got read access to a single directory anyway. No, you wouldn't use it for many purposes -- but half the trick of security is finding the appropriate solution to each problem.
Now I can't do that, not because there's an inherent flaw in the idea but because one implementation is wonky. Now MS has poisoned the whole business: even if they fix IE in the future to deal with the problem properly, there'll be an unknown number of users out there with browsers that just won't work.
One more little trick that made the Net our own removed, and for no good reason. Gah, I say.
Interesting news from abroad: a set of hackers in the US have prised open the minimal security inside Motorola's cable modems and released the operating system within. You have to shove a serial cable inside, hook it up to a terminal program and interrupt its boot-up sequence by sending the appropriate commands, but once you've done that the whole of the modem lies at your beck and, indeed, call.
There are lots of nice details -- the processor and the operating system are the same as that on the Mars Rovers (presumably with better file management) -- but the lesson is clear. Systems like this have vulnerable points where you can not only get things you shouldn't, but can get total control. People are currently using it to uncap their cable connections, speeding up their downloads, but stuff like packet sniffers and security scanners are all on the cards. Infrastructure hacking like this creates whole new layers of potential virus, spam and remote control possibilities: given that most people seem to have trouble keeping viruses off their computers despite having enormous control over their software environment, heaven only knows what they'll do about badness in embedded systems. And they will be everywhere.
There's a Philip K. Dick short story called The Short Happy Life Of The Brown Oxford, which is about a shoe that comes to life and misbehaves. It is a whimsical, throw-away piece: very typical of the man but with no distinguishing features. I read recently that in the current Hollywood feeding frenzy for all matters Dickian, even that fluffy confection had been optioned: the sound of a barrel being scraped by an android was clearly audible.
But now I see the piece was strangely prescient, and more than worthy of celluloid. We already have shoes with built-in processors -- monitoring fitness, recording distance travelled, beating the cards at Vegas -- and once the spirit of hacking into objects really takes off, we won't be able to trust a wellington boot as far as we can throw it.
Our intrepid Insight editor, Andrew Donoghue, has been out and about talking to spacemen. Well, Star Commander Pat Norris, one of the blokes behind Logica's Space And Defence division, who had a hand in the unfortunate Beagle and is also busy with the better starred Galileo. That's the European satellite navigation system, designed to work with -- and in competition with -- the American GPS service.
The Americans aren't sure about this. They may have come in peace for all mankind, but that was the hippy sixties. Now it's the terror two thousands and Uncle Sam's thoughts are more about Total Spectrum Domination, which as you may gather is slightly less inclusive. You can't Totally Dominate if someone else has got stuff up there as good as you -- but the nervous nancies have been placated with promises of cooperation. That and their program of space weapons that'll blow up anything in orbit they don't like.
Let's hope SCO doesn't get involved in the guidance systems, for as Galactic General Norris says there's no reason why Galileo couldn't use open source. Now, I'm not sure that the overlap between open-source developers and Star Trek fans is exactly 100 percent, but it's always been a fact that the Starship Enterprise runs on some derivative of Unix -- a fact so obvious that it never needed to be mentioned in the script. This could be one of the first steps towards realising that future: grab that GCC compiler, my children, and reach for the stars!