Rupert Goodwins' Diary

Thursday 12/1/2005

Andy Grove's got a lot to answer for. OK, so he steered Intel from a tiny start-up to one of the monsters of modern technology, but didn't he realise the responsibilities that this entails? Responsibilities that mean people are going to take you seriously if you write a book called Only The Paranoid Survive — and the level of paranoia in the industry in 2006 seems to be growing week by week. We'll be at Cuban Missile Crisis levels by May.

Take the accusations today that Symantec is shipping a rootkit . I don't like Symantec's products or marketing very much. I've had to sort out too many friends who've been bemused by Norton AV demanding money for protection, when they didn't even know it was installed on their new computer. The software's big, messy and intrusive. It's still not fair to say that it's using rootkit ideas just because it hides a directory. In any case, there's no need to go over the top. Symantec's had plenty of genuine vulnerabilities in the past.

And that's one of the big problems with all these extra layers of security — it's just more stuff to go wrong. I used to run a UPS in line with the mains to my computer: it went wrong more often than the London Electricity Board, so after a while it went.

This is going to help poison DRM, which is even worse: it's designed so that if it does go wrong, it fails closed. It removes the flexibility needed which lets people of common purpose get around problems. It's the bureaucrat who'll never cut you an inch of slack, will never listen to your case and is perfectly capable of popping off for three hours for their lunch at the most inconvenient time.

These are not desirable attributes in the retail channel, a point that one hopes may be getting through to the people at the top. Spielberg's already likely to miss out on his chance at the Baftas because someone shipped "Munich" on the wrong sort of encrypted DVDs to the judges. Why go to all that trouble? If you want to show people trade secrets, which is what a film is before it opens, then put them under NDA and ship them watermarked copies. At that sort of level of distribution, you can edit in the watermarks by hand and burn individual discs: if someone does break the rules, you've got evidence of who it was and the legal wherewithal to make it matter.

Or you try and work out the actual cost to you of a leak, versus the cost of going all out to stop it and messing up, and pitch your countermeasures somewhere appropriate. You know, proper risk analysis. If any of the DRM proponents have actually done this, I'll eat a Mariah Carey CD.

Anything but listen to it.