Zhonka is the new OlyWa

On a lark, I checked Zhonka’s website and learned something I did not realize:

Founded and managed by experienced Internet pioneers from OlyWa.net …

I had mentioned OlyWA in previous posting in relation to smaller ISPs being purchased by telecoms, in this case OlyWa purchased by ATG. So, now it turns out that at least some of the OlyWa people have moved on. Also, the OlyWa website now goes to a 404 at ATG/Eschelon.

It’s interesting to go back and check on old players. I used to check every once in a while on old players like Spry and others, but slowed down when things got boring. However, here’s proof that there’s still some entertainment to be had in spotting the changes to the old guard.

As an aside, I notice that on the bottom of the Zhonka page is the following:

“As per RCW 19.190.40, it is a punishable offense to send unsolicited e-mail to Washington state addresses.”

Which is a statement that I find specific to a certain generation of Internet savvy people in Washington state. It’s something I added to the bottom of my page back in the day, and still retain there.

Ambient sound found in Pompeii pottery?

Via Digg, “Archaeologists get ancient audio from grooves on Pompeii pottery

This seems unreal. I watching MirrorMask on DVD, which is, well, City of Lost Children on acid, and there seems to have been a leak of the surreal. Is this for real?

Finding audio in the incidentally disturbed groves in pottery made hundreds, if not thousands of years ago … what if someone where able to recover the sounds of ancient egyptian being spoken, since we do not know what it sounded like?

This seems like a most amazing breakthrough. The video at the source site is all in French, but there’s a sample of the recovered audio …

Ah, not real, apparently. What a brilliant hoax. It was an april fools for Belgian TV, it seems. It’s the new War of the Worlds. Well done!

Following Good Guys, RadioShack closes stores.

Via Yahoo! News, “RadioShack to close up to 700 stores

Harsh news. I wonder if the Radio Shack in the Capital Mall will be one of the stores to go? Large national chains closing … this is economic recovery?

There was a time when my personal test of whether a town was a city was whether it had a Radio Shack. I remember the old Radio Shack that was in a building east of the Ralph’s on the east side of Olympia. I remember going in there, but I honestly cannot recall what I was looking to buy.

Radio Shack was the vendor of my first computer, a Tandy TRS-80 Color Computer. A seemingly sleek silver case with 4k of memory and Microsoft Basic in ROM, back before Microsoft purchased DR-DOS.

Radio Shack always seemed a bit too thick with schlock. I seem to recall that my Color Computer had this odd behaviour where the screen would go all fuzzy and lose vertical sync. If I pressed down on the top of the plastic case, I could fix it for a short spell. Radio Shack couldn’t fix it, but I don’t remember ever getting very good service.

I’m having such a strong memory of lusting after the impossibly large storage of an 8-inch floppy drive … 1.2 megs! I could hardly imagine … such a vast expanse of storage!

Problems with a “flat” namespace

Via digg, “Dell sues web designer because he has the same name.“:

“Paul Dell builds web sites. So, he has had a URL stating as much: dellwebsites.com. Somehow, Dell, the giant computer vendor thinks that people would be confused by that is and is suing for 100,000 Euros in damages.”

Back in the day, I tried to help Olympic Boat Centers register a domain for a company website. Try as we might, the registration would be rejected. the International Olympic Committee had a lock on any domain with the string “olympic” and, as far as I could tell, they were highly prejudicial. The sense of “olympic boat” was completely different depending on the context, and one context was connected to the Olympics. This one meaning was given exclusive meaning because of the relationship and agreement between the IOC and InterNIC/NetSol. Olympic Boat Centers finally gave up trying to argue their case, though they tried everything they could. They finally settled for boatnut.com.

This is the semantic danger of having a flat namespace, where contexts overlap. Another example is the way that disambiguation occurs for wikipedia terms. The relationship between the meaning and the sign is linear and not characterized. Other namespaces that are flat occur in folksonomic tags.

One technique is to offer a label for the relationships. This is also a technique for concept mapping that I recommend. Being able to explain the connection between elements, nodes, terms, etc … is one way to provide texture to the tags. Programmatically, I see this existence of this texture as offering quicker and easier ways to discern the deep texture of a taxonomy that would otherwise be hidden in context.

Update: I wrote an update here, but moved it to a new post.

The Flying Luxury Hotel – Popular Science

Via “The Flying Luxury Hotel – Popular Science“:

This is not a Blimp. It’s a sort of flying Queen Mary 2 that could change the way you think about air travel. It’s the Aeroscraft, and when it’s completed, it will ferry pampered passengers across continents and oceans as they stroll leisurely about the one-acre cabin or relax in their well-appointed staterooms.

Unlike its dirigible ancestors, the Aeroscraft is not lighter than air. Its 14 million cubic feet of helium hoist only two thirds of the craft’s weight. The rigid and surprisingly aerodynamic body—driven by huge rearward propellers—generates enough additional lift to keep the behemoth and its 400-ton payload aloft while cruising. During takeoff and landing, six turbofan jet engines push the ship up or ease its descent.

This two-football-fields-long concept airship is the brainchild of Igor Pasternak, whose privately-funded California firm, Worldwide Aeros Corporation, is in the early stages of developing a prototype and expects to have one completed by 2010.

This seems like such a great idea. This kind of craft could replace the transit answers offered by trains and busses for long haul. Since it’s VTOL, it could land at all the little municipal airports, offering milk-run trips that current carriers can’t afford or manage technically. Heck, these could do all kinds of ferry activities around the sound.

How about a shuttle from downtown Seattle to the ski slopes? At 174 mph, that’s half an hour, or less.

If this could be more affordable than air travel, and one might hope it to be more environmentally sound, whole new options for transportation destinations and corridors could arrive.

I can imagine people sitting in traffic along I-5, stuck, watching one of these fly overhead, or even going over twice the speed limit of the ground traffic.

In a place like the Puget Sound where we’re bound by water for so many of our transportation choices, something like this could be very welcome.

An hour to Long Beech from Olympia, instead of 3 or more, seems like it would completely re-vitalize many destinations. But more importantly, that means that roads don’t have to be built, or even maintained. What about creating a landing area at Mt. Rainier, and removing the roads there? One would drive to a place outside, or at the perimeter, and then board one of these air vehicles to make over the forest, to the mountain itself.

One of these could have a milk-run that links all the cities around the rim of the puget sound.

If this were affordable and environmentally safer than air travel now, I could see a complete revolution in the way we travel and where we go.

Plus, I think there would be something wonderfully majestic about the way these take off, travel and land. There might be a little more poetry to these flights. Perhaps a little touch of the river boat …

SGI warns that bankruptcy might be year-end option | Channel Register

Via SGI warns that bankruptcy might be year-end option | Channel Register“:

SGI issued its most ominous regulatory filing to date, warning that a bad 2006 could force the former high-flyer into bankruptcy.

Another tech legend heading to boot hill. I remember once many years ago working with a customer to get their IRIX system to connect via dial-up, and writing a help document about that. I also remember thinking how awesome the machines looked, but crazy expensive.

HBO wants its business to be off-limits for customers

Via Ars Technica, “HBO wants its programming to be off-limits for DVRs“:

HBO has joined the fray with a recent FCC filing in which it argues that its programming—and all “Subscription Video On Demand” services—should fall into the category of “Copy Never.” In a broadcast-flagged world, that translate into consumers not being able to record content broadcast by HBO. No TiVo, no VCR, no video capturing on your PC, no nada.

For me this connects with the network neutrality issue through an essential pattern of economic control. This then is further connected to the overall debates over copyright, intellectual property, and the public sphere.

When the content of our discussions are owned then our conversations are owned and there is no longer a public sphere in which culture can occur, develop or survive.

Okay, that’s a long chain of links, but that’s how far we’ve gone down the path. When the government mandates that the spectrum for analog television is returned, and digital content is mandated; then and there we find ourselves collectively moved into a technology which is being bound and gagged as we speak so that we cannot speak and cannot share and cannot think without paying someone for the use of their copyrighted material.

It’s not just about money. This is a fight over a pattern of economic behaviour that has the result of privatizing all collective and public culture.

Copyright is a consession by the public that grants a period of economic exclusivity to the author. It is not an inalienable right. Quite the opposite. Copyright is an easement on the inalienable rights of the public to the public sphere. It is in fact a consession of the right of the public domain in an attempt to compensate authors for their work. It is the inalienable right of the public that is being legislated away.

The eviscerated corpse of the public domain has left the cemetary and is knocking on the door, yelling, “I want my commons back!”

Multi-Touch Interaction Research

Via Digg, “Multi-Touch Interaction Research“:

Bi-manual, multi-point, and multi-user interactions on a graphical interaction surface.

This is a very cool demo. Reminds me a little bit of the music demo I saw a while ago, but I can’t seem to find where I saved the link, for an interface to create music on a lighted board. There’s a great video of several practical demos. The note about future work including the wish to be able to identify which fingers are touching suggest even cooler things ahead.

The demo video really put into my mind all the imaginary interfaces to virtual space in movies, especially, in Johnny Mnemonic. My understanding, say what one might about Keanu Reaves, that he improvised his movements in the scene where he manipulates a virtual space and that is what I find myself thinking about when I see the video.

To have a 36 x 27 inch “drafting table sytle implementation” workspace on which one could work is another great aspect of this demo.

Update: I found the link to the other demo. The first 1/2 is a technical demo, the second is a performance.

Licensing? You’re soaking in it.

In the credits of Blade: Trinity, appears the following:

This motion picture is being exhibited under specific license and is not for sale.

This is the first time that I’ve specifically noticed a movie, especially a DVD release, that claims to be licensed not sold. This is from Netflix, so it’s possible it’s a rental DVD version different than the one people would purchase in a store, but I bet it’s the same.

Shouldn’t stores label products that customer aren’t actually buying as not for sale? When the point at which one has allegedly entered into a binding contract is indistinguishable from any other moment, can one have actually ever agreed to the contract? If the licensor has taken every opportunity to disguise the moment when the contract event has taken place, can that be a binding contract for anyone other than, say, the Mob?

Suddenly scope-locked on net neutrality

Om Malik posts about an article the issue of network neutrality which appears quite good. Additionally, there’s a much better metaphor than mine here:

Via Om Malik’s Broadband Blog, “Net Neutrality Not An Optional Feature of Internet“:

“The telco and cable companies have in mind creating another type of customer not a class of service. They want suppliers to pay for the right of transit. It amounts to airlines charging Time Warner for the right of readers to take Time magazine on an airplane. It means charging Ford tolls in addition to drivers for the right of Ford cars to use highways.”

Great point about this being a way for companies to buy market results, not just network performance. This seems like my worry about the notion of “postal” charges for routing around spam filters. After all, if a company is paying a large amount of money, the mail provider is incentivized to keep that revenue, not in controlling the content of the messages that would otherwise be filtered.

And, here’s the thing: a source is only likely to pay to be routed around a spam filter if the content of the message is likely to be filtered in the first place. Perhaps there’s a reason it was going to be filtered, and the recipient hadn’t added the source to their whitelist or address book? It’s because that content is or resembles spam, right? Or why pay to be routed around a filter in the first place?

So, who’s the product for then? It’s a way to get questionable content to the recipient, so the product is, in a way, to create a threshold, and economic barrier to questionable content. It doesn’t eliminate the questionable content, but rather gentrifies it.

The network management quality of service argument for ending network neutrality misses the fact QoS does not work outside a private network environment where a single entity controls usage end to end. The implementation of QoS remains limited to private networks, because it makes the negotiation of interconnection compensation intractable.

Or, if the mahor carries are able to create a formal or informal cartel, in which they perhaps become as close as they can towards an oligonomy. With the quickly diminishing number of carriers, there’s very likley to be a time when informally the battle fields for competition are agreed upon by the carriers instead of determined by the market.

I note with interest the “free lunch” meme seen from AT&T’s Whitacre now appears in a report of words from Verizon’s John Thorne as well. Sure, it could have been independent development, but it’s interesting to see both appearing to espouse such similar thoughts. These two nominal competitors have aligned, and that’s not good.

Via Washington Post, “Verizon Executive Calls for End to Google’s ‘Free Lunch’“:

“The network builders are spending a fortune constructing and maintaining the networks that Google intends to ride on with nothing but cheap servers,” Thorne told a conference marking the 10th anniversary of the Telecommunications Act of 1996. “It is enjoying a free lunch that should, by any rational account, be the lunch of the facilities providers.”

The current government is overwhelmingly aligned with large corporate and multi-national interests, so network neutrality could be in clear and present danger.

Monetize that service!

Over at Boing Boing, they offer comment on something going around the Net, AOL/Yahoo: our email tax will make the net as good as the post office!

AOL and Yahoo have proposed a system to charge senders a quarter of a cent for each email delivered to their customers.

I keep hearing Adam Ant singing, “Stand and deliver, your money or your life!”

This is another potential loss of network neutrality, of course. The large providers are transiting huge amounts of mail, and they could create tiers. I would expect they would develop at least a third tier of expedited delivery and interstitial-like behaviour for an even greater premium.

I think the concern over groups not being able to deliver is a little bit reactionary. I would suspect that non-paying e-mail would be treated like spam, with exceptions for contacts in one’s own address book. In the NYT article, this is pretty much explicit by saying the cost of the stamp is “if they want to be certain” and the the system “gives preferential treatment” to paid deliveries. This is essentially a way for a company to buy a way around spam filters.

The danger comes not from the stamp charge, but if the rest of the e-mail is treated differently than it is now when the stamp cost is put into place. Do I trust that they won’t try to incentivize sources to upsell by treating unpaid mail poorly? Not really. Do I trust that they will not treat paying senders preferentially by delivering corporate spam wrapped up in a cloak of respect, like AOL’s old pop=up ads? Not really.

I notice that the NYT article does make an explicit connection between this topic and the broader issues of network neutrality.

Update: Boing Boing has updated their posting to better reflect the source material, and now say:

AOL and Yahoo have proposed a system to charge senders a quarter of a cent for guaranteed delivery on each email delivered sent to their customers.

Google is the new black

Rumours mount over Google’s internet plan

Google is working on a project to create its own global internet protocol (IP) network, a private alternative to the internet controlled by the search giant, according to sources who are in commercial negotiation with the company.

With job postings for positions that fit with Google transitioning from a search engine into a global backbone provider.

Very interesting follow-up to other thoughts about all that dark fibre. But don’t forget the borg cubes they’ve been working on. This would be a content provider with their own backbone, and that means they are more akin to an Internet version of a cable network.

I can’t help but be reminded by this search engine becoming a global carrier of the way that many BBS operators became Internet Service Providers in the first days of the commercial Internet, early in the 90’s when the rules changed.

I don’t think many of those BBS operations managed to survive independently. I suppose, now that I think about it, AOL started that way and they consumed Compuserve too, which was the service that was packaged with every modem for so many years, including my old C64’s 300 baud modem.

But, the mom & pops all died or got bought, I suspect. Quite a few got consumed by small telecoms or conglomerated into national providers, like Olywa being purchased by ATG and Verio/NTT, or even Earthlink’s aquisitions as just a sample. They got shoved out of the business because they couldn’t keep up with the constant changes in technology, with two version of 56k, ISDN, and then DSL. Then, on the other side, there’s the changes in the marketplace. Once the big companies realized it was a stable market in which profits could be made, they stepped in to take that profit directly, instead of indirectly through intermediaries to whom they sold bandwidth.

When ISPs were making money, the backbone providers cried sour grapes about all the money they weren’t making, that was being made by the providers. Now, once again, there’s a similar reaction to Google making money providing services over the backbone. This reminds me of the way that large technology players drop R&D onto the marketplace, and then purchase what is successful, this is the Microsoft strategy par excellence. By externalizing the cost of risky development, most of which is likely to fail, it is possible to stablize R&D on more conservative ventures; this is in part a response to investor skittishness as well?

It may just happen that content moves closer to the large players, like how CBS has pulled in episodes of Survivor onto their own website. Seems like AOL just missed the curve when they got some cable broadband. I wonder if they should buy a backbone like Google is doing?

This is an interesting pattern of networks and services contracting into and diverging from each other. I suppose exploring back, the FIDOnets and BBS networking was a bit of and expansion from when BBS services were self-contained. Then, there’s also cases where ISPs attempted to provide local services, like game servers, etc … Any local service was almost free in comparison to accessing something outside the local network.

When the network is tied to the service, people will desire to uncouple them. But, when they are too abstracted, I wonder whether they desire them more closely tied together, for ease of use. This was the dynamic that kept AOL customer tumbling off into the hands of the local ISPs, until the major telecoms figured out how they could be unfriendly enough to push the independents out while staying within their regulatory binds.

Western Union Stops Sending Telegrams; Make your own

Via The Huffington Post in “LiveScience.com – Era Ends: Western Union Stops Sending Telegrams

After 145 years, Western Union has quietly stopped sending telegrams.

In other news, Western Union was still sending telegrams …

However, there’s always Retro-Gram via snail or e-mail. Or, check out the free prop Western Union telegram from HPLHS. I actually prefer the Self-mailing Telegram.

Update: I noticed that Digg mentions this now, and they brought the funny:

Unable to install the latest patch, Western Union finally stops supporting “Telegram” 1.0

Update: It would take far too long to explain how I got there, but it turns out there’s a note on the Wikipedia page about the “Pangram” of relevance to the topic of Western Union, of all things, which I didn’t know:

For example, the pangram The quick red fox jumps over the lazy brown dog was developed by Western Union to test Telex/TWX data communication equipment for accuracy and reliability.

There ain’t no such thing as a free ride.

Via Broadband Reports, in “FT.com / Companies – AT&T chief warns on internet costs“:

“We have to figure out who pays for this bigger and bigger IP network,” said Mr Whitacre, who was in New York ahead of AT&T’s annual presentation to investors and analysts on Tuesday. “We have to show a return on our investments.”

“I think the content providers should be paying for the use of the network – obviously not the piece from the customer to the network, which has already been paid for by the customer in Internet access fees – but for accessing the so-called Internet cloud.”


“Now they might pass it on to their customers who are looking at a movie, for example. But that ought to be a cost of doing business for them. They shouldn’t get on [the network] and expect a free ride.”

There ain’t not such thing as a free ride and there never was.

First, this is the CEO of AT&T asking that other carriers demand payment for transiting data that originates through AT&T. Every other carrier should immediately send AT&T a bill, care of Mr. Whitacre CC’d to the shareholders.

Second, there is already no free ride. Every connection to the Internet costs someone something already. Even if one were to connect up to a public peering point, there’s a cost for equipment, but I’m willing to bet that Google does pay someone quite a bit for access already. So, who’s Google’s upstream provider? Is that upstream provider going to allow AT&T to surcharge its own customer without retaliation?

On the otherhand, is this a pre-emptive strike against Google before they light up all that dark fibre? If Google used newly lit fibre to bypass much of the existing backbone, much like Internap innovated to bypass public peering with cross-negotiated connections with the carriers directly, doesn’t Google actually become on par with an AT&T as a fellow backbone provider? I wonder if that’s the real fear expressed here. AT&T could become irrelevant.

This strategy is one that the other carriers should encourage AT&T to follow through on because it well put AT&T out of business.

Third, the Internet routes around damage. If AT&T pipes become expensive, then other carriers will see business increase. AT&T will not see the money that Witacre seems to think it will. The loss of network neutrality will slow adoption of services and lose AT&T customers in the long run.

On the other hand, if all the carriers adopt the same strategy, then broadband is dead. The two-way, interactive Internet is dead and becomes just another implementation of on-demand cable services. I wonder what would grow up to replace it?

Wouldn’t this be the same kind of refusal to service customers that motivated Tacoma to bypass TCI for cable service and implement a municiple network instead?

At the vary least, a loss of network neutrality would make it increasingly profitable by comparison for a service company like Google to light up that dark fibre and start selling DSL services. That was pretty much the direction that Earthlink seemed to be innovating.

AT&T could drop off the Internet as consumers and providers all route around those pipes.

Fourth, doesn’t AT&T have service agreements that this would contradict, over which they could be sued? If a customer buys a DSL connection with some broadband speed, and AT&T itself throttles the sites the customer desires to reach … isn’t that misleading, a hidden cost, or worse?

Fifth, I forget what my fifth point was, but … Oh, yeah, so this whole “so-called Internet Cloud” thing … by analogy that would be a toll to drive your car onto the freeway paid directly out of your pocket and a charge each time you drove off the freeway, passed on to you in the cost of the goods you purchased and services you consumed at your destination. There is no such thing, really, as an “Internet Cloud” … which is really a web of interconnected private TCP/IP networks, which is the definition if the capital “I” Internet. (And, yes, there can be more than one. This isn’t Highlander, folks.)

Sixth, if I were an investor in AT&T, I would think seriously about diversifying. This is the CEO of AT&T saying that they do not have a sustainable business model. This is old school phone company monopoly behaviour in a world that has moved on to other monopolies. I doubt “retro” was the company image AT&T wanted in the marketplace.

I wrote a strategy memo a long time ago, over a decade ago now, while I was working at a regional ISP. In this document I talk about ideas of continued success, and touch on network neutrality issues. In one paragraph, I talked about the two-tier Internet that might be around the corner, both then (last edited Aug 98) and, apparently now again:

One of the theories that I’d had a couple of years ago was that the Internet as we now know it was going to split into two networks under the pressure from commercialization. My theory stated that since the needs of the commercial use of the Internet are essentially one-way and not interactive, there would be developed technologies that would provide high-bandwidth to the consumer and an asymmetrical bandwidth back up the pipe. This would satisfy the extent of the commercial use of the Internet so that people could click on the “Buy Now!” button while not burdening the commercial providers with any of the abstracted technical needs of a more fully interactive network. Further, this split would leave the ISP and other symmetrically allocated services as a second-class citizen on slower networks, thus relegating the non-commercial Internet to a backwater of pokey interconnections they’d negotiated among themselves.

Out of nostalgia, I’ve attached that document to this posting: Continued Success? (rtf 24k). It’s interesting to read these things.

Old NeXT apps on intel, I wonder?

I was going through a box and found some CD-ROMs of old NeXT software. On a lark, I thought I would stick one in and see what happened. Well, Mac OS X recognized the app, gave it an icon, but with an overlay.

Starting up the application offers that the application cannot open because it is not supported on “this architecture” so that begs a very interesting question. The original architecture for the NeXT cubes and slabs was old motorola 68000 chips. The self-same motorola chips that Apple was using in their Mac II machines, which honestly boggled me at the time because of how much better the NeXT systems were when compared to the Mac II, in my experience.

However, most later applications offered fat binaries, essentially just the ‘app’ directory contained distinct compiled binaries for each architecture. Along with the motorola 68000 binaries, NeXT fat binaries often included PA-RISC and Intel.

So, do old NeXT apps for intel work on the new intel Mac OS X boxen?

For the most part it just wouldn’t matter, since the old apps are mostly curiosities now. The one app that I couldn’t live without was Diagram, but that has been replaced on my Mac by Omnigroup’s OmniGraffle, which for the longest time I called OmniGiraffe for some reason. In the back of my head, I do think about WordPerfect, although I doubt I’d use it, prefering to place my hope in some future native OpenOffice to replace Microsoft Office or if Apple keeps working on iWork. Of course, I also have InDesign, which I have yet to touch …

Yeah, okay, it’s just pure geeky curiosity then.

Google Agrees to Buy Radio Ad Company

Via The Washington Post, “Google Agrees to Buy Radio Ad Company“:

“Google Inc. is continuing to expand its advertising capabilities beyond the online world, agreeing to buy a company that automatically connects advertisers with radio stations. The price could top $1.2 billion.

The company, dMarc Broadcasting Inc. of Newport Beach, Calif., creates an automated platform that lets advertisers more easily schedule and deliver ads over radio and keep track of when they air. On the broadcaster side, the dMarc technology automatically schedules and places such advertising, helping stations minimize costs.”

Maybe not just so beyond the online world, if this also turns into an adsense for podcasting, yeah? Now, that would be something big.

If hacked, it could be the mythic “urban spelunking” tool

Via Scobleizer – Microsoft Geek Blogger, “The word-of-mouth killer product of CES“:

It’s a $400 box with a lens that you look through.

It comes out in April. …

You look through this device at the night-time sky and it tells you what you’re looking at. Oh, it doesn’t need to be night, either.

Celestron is a famous maker of telescopes (I sold a truckload of their product in the Silicon Valley camera store I used to manage and they always made great products).

It has GPS, gravity, and magnetic field sensors to detect where it’s going.

But it just gets better from there. You can tell it ‘show me the cool stuff in the sky right now.’ It’ll take you on a tour and show you how to point the device with a series of LED’s in the viewfinder.

But it gets cooler than that. It has an audio guide that tells you what you’re looking at and gives you some facts about it.”

If this thing could be hacked to show arbitrary data about the world, it could be the mythic “urban spelunking” tool that Neil, Jason and I were dreaming about one day.

Say, you’re wandering around town, you look through this device at some building and it shows you “hidden” information that had been left by other people about that location in space. Notes could be left around anything in the ambient environment, viewed from any odd angle … a tagging folksonomy for the real world. Maybe even, somehow connected to concepts like Geocaching and some Google Earth API-based way to leave the notes.

Now, that would be cool.

Congratulations! It’s a Design Flaw.

Via F-Secure : News from the Lab

“When Windows Metafiles were designed in late 1980s, a feature was included that allowed the image files to contain actual code. This code would be executed via a callback in special situations. This was not a bug; this was something which was needed at the time.

This function was designed to be called by Windows if a print job needed to be canceled during spooling.

This really means two things:
1) There are probably other vulnerable functions in WMF files in addition to SetAbortProc
2) This bug seems to affect all versions of Windows, starting from Windows 3.0 – shipped in 1990!

“The WMF vulnerability” probably affects more computers than any other security vulnerability, ever.”

A fundimental design flaw then, is it?

Back in the day, there were essentially no ways to infect NeXT machines. However, I remember having a conversation with someone I worked with that had worked with NeXT boxes longer than I had. Turns out that there was a way. The display system in NeXT was called Display Postscript. Postscript could contain executable code, and so it was possible to have a file, and image, that when viewed on a NeXT machine, would execute arbitrary code.

The display system in Mac OS X is essentially the same except that Adobe wanted to torpedo the display postscript, and so Apple went with, if I remember, essentially what could be called “display PDF” instead. I am not sure of PS files are still vulnerable to embedded code. I have vague memories that the issue was addressed in the past.

So, the flaw in WMF of having embedded executable code isn’t something that was only by design in WMF files. It appears that this design flaw was widely expected in graphic files that were to be used for printing graphics.

I wonder if the design flaw in WMF was developed to copy the postcript funtionality? I mean, would that not just be just? Instead of innovation in vulnerability, Microsoft may have even copied that from someone else, too.

And, some say that Open Source is all imitation of other people’s work?

Score one more for Microsoft’s powers of innovation

Via “Northwest Progressive Institute: WARNING: Windows users, you are at risk to new security vulnerability – act now

Unlike with previously revealed vulnerabilities, computers can be infected simply by visiting one of the Web sites or viewing an infected image in an e-mail through the preview pane in older versions of Microsoft Outlook, even if users did not click on anything or open any files. Operating system versions ranging from the current Windows XP to Windows 98 are affected.

We used to tell people, when I worked at ISPs, that it wasn’t possible. Now it is possible. Just but looking at a website, just by reading an e-mail. No need to even activate an application now. Well, congratulations to Microsoft for their successful innovation!

I once observed in a letter to the editor, I think, of the Computer User magazine, that there was a great significance to the spread of VBA and Macro viruses. What Microsoft had managed to do was create a cross-platform virus, which was more and more likely to be a problem as higher level program environments became available, ones which were not platform dependent. So, here’s another way that Microsoft has innovated in the market place. They are just following their own tradition of innovation in vulnerability.

After all, security is “an opportunity for third party developers.”