Sunday, June 24, 2007

Choose your poison: HIV or something else

Nonbiologists like me may read this Zimmer article with mouth firmly open ...
The Loom : Pleistocene Medicine for Battling HIV

...It turns out that human TRIM5-alpha does an excellent job of wiping out this ancestral virus. Its superior performance depends on a short bit of one of the virus's genes--a bit that shows signs of having experienced strong natural selection in our hominid ancestors. But evolving a strong resistance to PtERV1 meant giving up resistance to HIV. The viruses seem to force primates to make an evolutionary choice: defend against one or the other, but not both. In our ancestors, the scientists argue, TRIM5-alpha evolved into a powerful weapon against PtERV1--so powerful that we carry no trace of the virus in our genomes. But it left us with little protection against HIV
In order to test the modern reponse to the "ancestral virus" researchers had to resurrect it from relics buried in the human genome. The practice is kind of a cross between archeology and ... ummm ... omnipotence. We may not have jet packs or sentient AIs (as far as we know, yet), but our biology is well beyond what science fiction writers of the 1960s expected ...

China: totalitarian anarchy?

The NYT has been doing an excellent job following up on China's flurry of quality and fraud issues, most recently covering the "Lead Thomas" news. Today David Barboza gives us some insight on what's going on behind the scenes after a visit to Thomas's home -- RC2, the largest toy manufacturing facility in the world ...
David Barboza - My Time as a Hostage - New York Times

AS an American journalist based in China, I knew there was a good chance that at some poozaint I’d be detained for pursuing a story. I just never thought I’d be held hostage by a toy factory.

That’s what happened last Monday, when for nine hours I was held, along with a translator and a photographer, by the suppliers of the popular Thomas & Friends toy rail sets.

“You’ve intruded on our property,” one factory boss shouted at me. “Tell me, what exactly is the purpose of this visit?” When I answered that I had come to meet the maker of a toy that had recently been recalled in the United States because it contained lead paint, he suggested I was really a commercial spy intent on stealing the secrets to the factory’s toy manufacturing process.

“How do I know you’re really from The New York Times?” he said. “Anyone can fake a name card.”

Thus began our interrogation, which was followed by hours of negotiations, the partial closing of the factory complex and the arrival of several police cars, a handful of helmet-wearing security officers and some government officials, all trying to free an American journalist and his colleagues from a toy factory.

Factory bosses, I would discover, can overrule the police, and Chinese government officials are not as powerful as you might suspect in a country addicted to foreign investment...

For American journalists, there’s a tradition of showing up at a crime scene, or visiting a place that has made news. But in China, where press freedoms are weak, such visits can be dangerous.

Last year, a young man working for a Chinese newspaper was beaten to death after he tried to meet the owners of an illegal coal mine. Local officials later insisted he was trying to extort money.

My colleagues at The Times have been detained several times. And one of our Chinese research assistants is now serving a three-year prison term for fraud. He originally had been accused of passing state secrets to The Times, a charge this paper has denied.

.... Many experts have told me that one of the most serious problems in China is that the government lacks the power to control the nation’s Wild West entrepreneurs, deal makers and connected factory owners.

Bribery is rampant, and government corruption widespread. Just a few weeks ago, the top food and drug regulator was sentenced to death for taking huge bribes from pharmaceutical companies. But it’s not clear that strong messages like that will stop the anarchy.

“China effectively has no oversight over anything,” said Oded Shenkar, a business professor at Ohio State University and author of “The Chinese Century: The Rising Chinese Economy and Its Impact on the Global Economy, the Balance of Power and Your Job.”

“People have this idea they are Big Brother and everyone is under watch,” Mr. Shenkar said. “But this is not China. In China, local authorities often turn a blind eye to problems because maybe they’re invested in it.”

Indeed, the impotence of local officials was clear to me from my visit to the RC2 Industrial Park in the city of Dongguan, which is thought to be the largest toy manufacturing center in the world.

The private plant is the main supplier to the RC2 Corporation, an Illinois company. And the Hong Kong or Chinese entrepreneurs who run the facility seemed to hold great sway over the government.

We had no problem entering the complex or looking around until we met “Mr. Zhong,” a rough-looking factory complex supervisor. He scolded us for entering the grounds and taking photographs, and then invited us to a small villa on the campus, a stylish house filled with luxurious rooms, black leather chairs, a giant-screen TV, a huge stock of Cuban cigars, even a massage parlor.

This would be our prison. (Business correspondents are a more fortunate breed than war reporters.) Mr. Zhong offered an interview and a tour. But he later changed his mind and issued an ultimatum: hand over the pictures or we call the police.

Confident we had signed in properly with the security guards, who had allowed us onto the campus, we opted for the police. After over an hour, the police failed to show up, and we tried to leave, only to be nearly tackled by the factory’s ragtag army of security officers.

My translator then called the police.

The scene was farcical. We were locked inside the factory gate, surrounded by 16 security guards and 4 or 5 factory bosses. All trucks trying to bring supplies in or out of the complex were rerouted. Inside, large crowds of factory workers in blue uniforms were gawking. A crowd had also gathered outside the gates.

The police arrived an hour later, listened to both sides and then stood around. More police officers came. And more police officers stood around. It was clear they had no power to intervene.

So we called government officials, who suggested other government officials, who offered up more.

Finally, after hours of waiting, a higher-level government official arrived to settle the dispute.

He was a friendly man who admitted that he could not release us, that he didn’t have the power. We should negotiate, he said. For the next five hours, he shuttled between rooms in the villa trying to negotiate a settlement. There were shouting matches. There were demands that pictures be turned over.

After hours of squabbling, Mr. Zhong demanded we write a confession saying we had trespassed. He settled for a few sentences explaining why I had come and that I had not asked his permission to take any pictures.

The fight between government and factory during our detainment seemed to underscore the dysfunctional relationship the Chinese government has with industry.

In the endless back and forth, it was apparent that the government I often imagined as being all powerful and all seeing could be powerless and conflicted when it came to local businessmen and factory owners.

When we were released early Tuesday from a local police station, where we were sent to fill out a report, we noticed that while our translator was giving an account of the day to the police, the factory bosses were laughing and dining in another room, making the nexus of power in these parts and in this age ever more clear.
I'm visiting my parents in Montreal, and as we drove out to lunch my father told me how things worked in the 40s. Then, if you were stopped by the underpaid and undertrained provincial police, you'd offer the officer a cigarette (everyone smoked), with $5 tucked in the pack. A payment of $500 would get anyone a job on the police force - no questions asked.

Ten years earlier, in the 1930s, the Chicago business scene would have been very familiar to Mr. Zhong. Twenty years earlier Sinclair Lewis described Chinese-style factory life and practices in the US.

Times change. Only an idiot would try to bribe a Quebec provincial police officer today. It might work, or it might get you arrested. That's enough uncertainty to ensure no-one will try. (On the other hand, Bill Clintons million dollar speeches prove that bribery has not vanished, it's just become more refined.) China's changing fast, maybe the rule of law will emerge there in twenty years rather than fifty years.

In the meantime it seems easiest to think of China as 1930 Chicago with an added dash of totalitarian tradition. That means we shouldn't waste our time trying to get China to enforce food safety laws. Instead, we should make American importers legally liable for whatever problems are found, including criminal liability where that applies. That kind of pressure will force change all the way down the supply chain.

The missing Google solution: no file sharing

I make fairly frequent use of Google Page Creator (still a "lab" product), Google Documents, and, indeed, most of what Google produces including their photo sharing service. I even have 3 or 4 (it's easy to lose count) Google app domains including our family domain. I've been a Google fan since the first few weeks they had a web presence, back when everyone else I knew was still using Alta Vista (yes, it still exists).

Yeah, I 'm a fan. Google is awesome, the paradigmatic (hey, it's a good word) 21st century company. If they ever open an R&D office in the Twin Cities I'll send in my resume -- just so I can say I tried. There are some things, however, that Google has steered clear of. It's this kind of omission, the "dog that didn't bark in the night"omission, that catches my attention.

Google doesn't provide a quality service for uploading files to share on the web. Yahoo xdrive doesn't either. The old webdav services I used to use, that did provide URL (http port 80) access have faded away.

Sure, Google Pages ("lab" supposedly, but it's part of the free Google Apps service) lets you upload a file, but it doesn't scale. You can't rename a file once its been uploaded, there's no metadata save name and size, there's no real browser -- it's such a barebones solution that it underscores how reluctant they are to provide a web accessible file store.

Look at Google Apps Premier edition. Sure there's no presentation software, but that's on the way. More intriguingly, there's no file server.

So why won't Google, or xdrive, provide a file server solution with a web accessible addresses? It can't simply be fear of copyright violation -- Google owns YouTube! I wish someone better connected than I am would notice this and track it down a bit ...

Whistling past the cell phone graveyard

I expect iPhone 1.0 to induce massive gnashing of teeth among the foolish early adopters. Apple has the creativity gene, not the quality gene. If I buy one, it won't be before November -- and I can't buy one ever if there isn't a reasonably reliable solution for bidirectional synchronization of tasks, contacts, and calendars with Outlook (via .Mac or gCal would be ok - I expect Google will give us this even if Apple won't).

On the other hand, I think the cell phone industry will never be the same again after June 29th. The current crop of cell phones are, for geeks like me, a travesty. The closest thing to acceptable is the senescent and absurdly expensive Treo, now being placed on life support. So it's interesting to watch the reactions of industry insiders:
AT&T Hoping the iPhone Has Coattails - New York Times

...Mr. Lanman said Verizon already had at least 18 music-capable phones. In the next few weeks, he said, it plans to introduce a new model of its Chocolate phones that allows not just downloading of songs over the air but also transferring music from computers.

Mr. Lanman said he was not worried that AT&T would steal customers because Verizon’s network infrastructure is superior and offers better connection coverage and stability. “For Apple, I think the big risk is the AT&T network.”...

... .Edward Snyder, an equity analyst with Charter Equity Research, said that many people would be turned off by the price; older customers who can afford it, he said, will not care about all the fancy features of the iPhone, while younger ones who are excited about the device will not like the cost.

Over all, Mr. Snyder said, the iPhone will appeal to maybe 3 percent to 5 percent of wireless phone users. And he said he was skeptical that it would work as well as advertised.

“Implementing a cellphone is absolutely more difficult than anything Apple’s done to date,” he said, noting that, in particular, the phones might have trouble delivering consistently good voice communications and that the devices could suffer overall reliability problems. “Go out and buy an iPod and hold it at waist level and drop it. That’s the end of the iPod.”

“I don’t think Apple’s going to be a big player in this at all.”...

... Bill Plummer, vice president of Nokia’s multimedia group in North America, disagreed with the assertion that the iPhone would bring fundamental change to the market. He said Nokia already sold high-end phones with a wide range of functions, including the N95, which has a five-megapixel camera and a hard drive to store and play music. The phone works on either the AT&T or T-Mobile network and sells for $749.

The iPhone, he argued “is an evolution of the status quo.”...

Mr. Lanman's comments are probably the smartest. He's clearly concerned but careful about what he says -- but he's omitting the DRM problem. Downloaded music to Chocolate phones will all be DRMd; I wonder how well CD ripping works for the Chocolates, and whether they can plan non-DRMd AAC. If they can't then Verizon is pretty dumb. (AAC is not an Apple technology; neither of the "A"s stand for "Apple".)

Mr. Snyder wasn't doing too badly until he got to the part about dropping an iPod. You can drop a Nano from a rooftop and it will keep working - even if the case cracks. He's confusing a hard drive iPod with a flash iPod. I'll give him a little credit because the iPhone looks extremely fragile (titanium clamshell is more my style), but he botched this one.

Mr. Plummer's claim that the iPhone is "an evolution of the status quo" is hilarious.

In case we didn't know it already, the iPhone is clearly terrifying the cellular industry. If it does nothing else, it's already a modest success.

Update 6/26/07: Daring Fireball has a more entertaining summary of these interviews.

Rating cellular service by customer turnover

It's not a great metric, since different contractual practices will produce different churn rates, but we really don't have much data to rate cellular service providers so churn may have to do:
AT&T Hoping the iPhone Has Coattails - New York Times

...AT&T is now losing around 1.7 percent of its subscribers each month, compared with 1.1 percent at Verizon. T-Mobile’s churn is 2.6 percent, while Sprint’s is 2.3 percent....
T-mobile and Sprint look pretty bad based on this metric and Verizon is in a league of its own.

Saturday, June 23, 2007

The paperless office - closer than you think

Crooked Timber tells us that US paper consumption has been falling for years. It's easy to miss these slow changes, but I can confirm that my use has been declining.

Large screen high resolution dual monitors have reduced my need to use paper as a transient "screen extender" and full text search that works (Spotlight on OS X, Windows desktop search on XP*) has increased the value of digital documents. I still take notes on paper; the more decrepit my brain gets the less bandwidth I can spare for managing computer interaction -- also it's faster.

What does get printed now is transient. It's printed, distributed, read and recycled.

* Yes, I've gone to the dark side for XP search. Google Desktop Search is not as good, Yahoo gave up the ghost, and X1 is vanishing now that Vista has integrated search.

Friday, June 22, 2007

Hume: The greatest philosopher?

I'm seeing quite a bit of Hume recently. The more I read or hear (In Our Time) the more impressed I am. Hume deserves much more attention ...
Designs, Intelligent and Stupid | Cosmic Variance

...In a word, Cleanthes, a man who follows your hypothesis is able perhaps to assert, or conjecture, that the universe, sometime, arose from something like design: but beyond that position he cannot ascertain one single circumstance; and is left afterwards to fix every point of his theology by the utmost license of fancy and hypothesis. This world, for aught he knows, is very faulty and imperfect, compared to a superior standard; and was only the first rude essay of some infant deity, who afterwards abandoned it, ashamed of his lame performance: it is the work only of some dependent, inferior deity; and is the object of derision to his superiors: it is the production of old age and dotage in some superannuated deity; and ever since his death, has run on at adventures, from the first impulse and active force which it received from him....
I wonder if Hume knew of Bonsai trees? If he did he might have come up with another explanation for the twisted state of a designed world...

See also:

Blink by Malcolm Gladwell - a review

A colleague who favors instinctive decisions urged me to read Blink! I decided to overcome my stodgy resistance to pop-psychology books and see if I should be paying more attention to unreasoned impulses. I was surprised to discover that the book is rather more ambivalent than my colleague thought (did she read the whole book?), though it is also a big muddled. Here's my Amazon review ...
Blink: The Power of Thinking Without Thinking: Books: Malcolm Gladwell

The strangest thing about Blink! Is the contradiction between the contents and the cover. Did any of the people quoted on the back cover actually read the book? (Hint: Blurb writers rarely read the books they comment on.) The quotes rave about the power of snap decisions, but Gladwell is much more ambivalent. He's particularly concerned with how racial stereotypes misinform judgments, so much so that Gladwell finds he has an intuitively negative opinion of African Americans -- despite being a black man. I suspect he spent some time thinking about when he was going to introduce his Jamaican mother; the book itself is an experiment in the power of framing and bias.

Contrary to the back cover, and the subtitle of "the power of thinking without thinking", this is a book about both the power and the treachery of the unspeaking mind. On the one hand we have powerful non-verbal detection of deception and emotional context, on the other hand we have unconscious bias based on height and ethnicity, the election of George ... err .. Warren Harding and the shooting of Amadou Diallo.

I'd been expecting a superficial justification of impulsive thinking, so I was pleasantly surprised to find Gladwell's Blink! is a much deeper wrok. On the other hand, the book is also somewhat muddled. Once Gladwell moved away from domains in which natural selection has build powerful non-verbal tools, such as deception, mating and eating, his examples of good impulsive analysis became much less persuasive. The "red team" commander's success seemed to owe much more to correct and measured analysis than impulsive decisions (I'd read the story before by the way. The US military needs to retire a lot of generals.). The Cook County MI algorithm story is about the superiority of an analytic decision tree over both analytic human reasoning and non-verbal impressions. I couldn't tell what the Diallo story was trying to communicate, I think he was saying that under high stress situations human reasoning collapses (the autism connection is highly speculative and has no biological foundation). That's certainly true, but hardly novel.

In other cases I had a "Blink" type suspicion that we was cherry-picking and shading anecdotes. I'm particularly suspicious that there was more to the Cook County story than we were told -- it would be very odd for a test to be so sensitive and specific that prior probability of disease was irrelevant. In an afterword he introduces new research findings that contradict the simplistic models in the early book; that's commendable but it doesn't make the book more cohesive.

I think Gladwell lost out by omitting an evolutionary context to human thinking -- a choice that may reveal his biases. An evolutionary approach to cognition explains why the "silent mind" can do so well with decisions lizards, birds and primates evolved around, such as mating, eating, fighting and deceiving. It also explains why the non-verbal mind can make terrible mistakes when evaluating CEOs, presidents, or cell phones. He could have connected the evolution of mind with his thesis experts do best when they combine the silent mind with formal symbolic analysis (words).

I did learn one or two new things. I was impressed by the research on how easy it is to alter emotional state through priming methods. Maybe those days when everyone around me seems to be driving badly are the results of some particularly noxious talk radio show.

Ultimately Gladwell comes across, to me, as suspicious of the intuitive mind. I think he decides that non-experts should "trust" their intuition in domains where natural selection operates, but that even there they need to identify and adjust for bias based on appearance, gender, ethnicity, race, etc. Domain experts do best when they combine non-verbal intuition with analytic reasoning; they can use the intuitive input as a guide to developing a rational and defensible decision (something non-experts are said to have great difficulty with).

That sounds like a plausible path. When making expert decisions in the non-primeval world, write down that initial "Blink!" impression -- but don't trust it. Adjust for bias and use it as the basis for a time limited and bounded analysis by translating it into a defensible rationalization. Then attack the rationalization. If it survives, then credit the silent mind. If it dies, recognize the failure of the paleolithic mind in a technocentric century.

Boingo - how to run a business - into the ground

Boingo teaches us that great wealth brings great ... stupidity?

Our local airport has outsourced their wireless services to Boingo. Fair enough, I thought, I'll just get an $8 day pass. I've done that with T-mobile and they have a reasonable approach. Enter a credit card number, get access.

So, I click and wait, and wait, finally the service responds. It tries twice to sign me up for a 3 month pass, but I'm trying to keep this simple. I don't want a relationship with Boingo, I want net access.

Ok, I finally get to the day pass. Now sign up requires an email address (so they can send me spam) and an username and password. I guess they really do want a relationship.

I give 'em my spam address (only spam goes there, occasionally I retrieve product trial keys from it) and my usual username. It's in use. I probably signed up once before. Ok, I'll try another. It's in use too. This is getting annoying. I start using scatological usernames, like "idiots" and "stupidboingo" and, finally, fckboingo. In use. All of them. Including the last.

Boingo clearly has a less than delighted customer base.

I give up. Is Boingo some sort of evil psychology experiment? A Scientologist [1] plot to activate deeply buried engrams? More proof that there's no sense to where money flows? Or all of the above ...

[1] Boingo's CEO, Sky Dayton, is a prominent Scientologist.

Wednesday, June 20, 2007

Fraud and Globalization: Toy Story III

The NYT has 3 related globalization and fraud stories in their top 25 list today, and they are 1,2,3 in the business section rankings:
This is, of course, really a story about fraud. Buyers think they're buying one thing (safe toys), but they get another.

Some useful quotes:
China manufactured every one of the 24 kinds of toys recalled for safety reasons in the United States so far this year, including the enormously popular Thomas & Friends wooden train sets, a record that is causing alarm among consumer advocates, parents and regulators...

...Scott J. Wolfson, a second Consumer Product Safety Commission spokesman, would not say how long ago RC2 discovered the problem or when it first reported it to federal authorities.

In the last two years, the staff of the consumer product commission has been cut by more than 10 percent, leaving fewer regulators to monitor the safety of the growing flood of imports.

Some consumer advocates say that such staff cuts under the Bush administration have made the commission a lax regulator. The commission, for example, acknowledged in a recent budget document that “because of resource limitations,” it was planning next year to curtail its efforts aimed at preventing children from drowning in swimming pools and bathtubs. ..

and

... Over the last two decades or so, American companies have generally followed a two-pronged outsourcing strategy. First, the companies have tried to move as much of their manufacturing as possible to places where wages are just a fraction of what they are here. Second, the companies have distanced themselves from their overseas production. They usually don’t own the factories and refuse to say much about them.

The current issue of The Atlantic Monthly has a fascinating cover article by James Fallows taking readers on a tour of Shenzhen, a southeastern city of eight million people (stunningly, up from just 80,000 a generation ago) that isn’t far from the factories that make the Thomas trains. Many of the world’s best-known companies — like a company that Mr. Fallows describes as a “very famous” American retailer — get products from Shenzhen. But he didn’t get permission to connect any of the individual factories in his article with a specific brand.

“In decades of reporting on military matters, I have rarely encountered people as concerned about keeping secrets as the buyers and suppliers who meet in Shenzhen and similar cities,” he wrote.

This secrecy brings a number of advantages. It keeps competitors from finding out tricks of the trade. It keeps consumers from discovering that their $100 brand-name shirt comes from the same assembly line as a $40 generic version. And it prevents activists from criticizing a company for the working conditions in a factory where its products are made. The companies get the cost advantages of outsourcing without the publicity disadvantages.

In the days since the Thomas recall was announced, the company that owns the Thomas brand, HIT Entertainment, has stuck to this script. HIT is an English company that holds the rights to a number of popular characters, including Barney and Bob the Builder, and then licenses the toy manufacturing to companies like RC2.

Except for a small link on the Thomas Web site to RC2’s recall announcement, HIT has otherwise acted as if it has nothing to do with the situation. Its executives haven’t even said that they regret having been promoting toys with lead paint in them. They haven’t said anything publicly.

When I suggested to the company’s public relations agency, Bender/Helper Impact, that this might not be the smartest approach, the agency e-mailed me a two-sentence unsigned statement. It said that HIT appreciated the concerns of its customers and was working with RC2 on the recall, but that the recall was “clearly RC2’s responsibility.”

In effect, HIT has outsourced Thomas’s image, one of its most valuable assets, to RC2. And RC2 has offered a case study of how not to deal with a crisis, which is all the more amazing when you consider that the company also makes toys for giants like Disney, Nickelodeon and Sesame Street.

When it first announced the recall, RC2 said that its customers would have to cover shipping costs to mail back the trains. It reversed that decision after parents reacted angrily, but it is still going to wait about two months to send the postage refunds. Why? “Because finance is in another building,” as one customer service employee on RC2’s toll-free hotline told me.

Most important of all, the company hasn’t yet explained how the lead got into the trains or what it’s doing to avoid a repeat. Like their counterparts at HIT, the RC2 executives have stayed silent...
There's not much new in either story. The last ends with a feeble hope that consumers will "punish" companies with unsafe products. They could do this, for example, by not buying toys. Gee, maybe that would work food and medicine too. If we stop buying food, toys and medicine maybe things will get better ...

I don't have that much faith in our overwhelmed populace. I have much more faith in the hunger of our lawyers. If they can find a way to sue the British based HIT Entertainment then we might see some changes. Alternatively, they can in future sue Walmart (for example) for selling items that any reasonable person would expect to be unsafe. If Walmart starts to worry about being sued, I'm reasonably sure toys from China will become much safer ...

Tuesday, June 19, 2007

Battle of the titans: Google, Microsoft and drawing on your screen

This is fun to watch, albeit scary. The frozen world of vector graphics (you know - maps, drawings, presentations), the long neglected alternative to bandwidth sucking 19th century raster graphics, is warming up. Is there any future for Adobe, or will they throw themselves into Google's arms? Can Apple "punch about its height" and somehow swing the market away from the dark shadows of Silverlight? Will Google pluck the long neglected W3C "structured vector graphics" from the grave?

The next few months may tell the story ...

The 36 (+10) classic mistakes of software development

This list is frighteningly familiar. I'm posting it so I can read it daily ...
Coding Horror: Escaping From Gilligan's Island

Which is why you should have every single one of the 36 classic mistakes outlined in McConnell's Rapid Development committed to memory by now....

... Making mistakes is inevitable, but repeating the same ones over and over doesn't have to be. You should endeavor to make all-new, spectacular, never-seen-before mistakes. To that end, Steve McConnell highlighted a few new classic mistakes in his blog that he's about to add to the canon, 10 years later:

Monday, June 18, 2007

Google.org - its mission

I feel this nagging obligation to try to save humans from themselves. Really, it's a nuisance; with the notable exception of my extended family and friends humans are not even a particularly attractive species. Anyway I'm stuck with it, but since I have no power this could get frustrating ... except that Google has it covered:
Google.org - mission
  1. Global Development: develop scalable, sustainable solutions to poverty by focusing on economic growth in the private sector and improving access to information and services for the poor.
  2. Global Public Health: enable the world to better predict, prevent and eradicate communicable diseases through better access to and use of information.
  3. Climate Change: mitigate the effect of climate change on the poor by reducing greenhouse gas emissions, improving energy efficiency, and supporting clean energy sources.
Thanks Google. Now how about world peace?

Lessons for the iPhone from browsing with an old version of Internet Explorer

Have you ever refreshed an old machine with XP? It's a very tedious process. You do the install, then hours of repeated updates to get the machine to a semi-modern state.

In the midst of all this tedium you may need to fetch some code from the net.The reasonable way to do this is to download and install Firefox and use that. The suicidal approach is to skip both the five minute Firefox install AND the 12 hour Windows update process, and browse to a slightly shady web site to download something using an antique copy of Internet Explorer.

Jeff Atwood, who definitely knows better, decided on impulse to use an non-updated version of IE to fetch some code. Essentially, he figured the risk of infection was low enough for a non-critical system to justify saving five minutes. He was wrong, one of the sites he used turned out to be far sleazier than he'd imagined. His misadventures led to a good essay, so it wasn't a total loss. It's dramatic story of how quickly an old version of IE will be compromised when exposed to the wild*, but within it there's one sentence in particular I'll comment on (italics).

Coding Horror: How to Clean Up a Windows Spyware Infestation

... it's a wonder people don't just give up on computing altogether. Once the door is open, it seems the entire neighborhood of malware, spyware, and adware vendors take up residence in your machine. There should be a special circle of hell reserved for companies who make money doing this to people.

At first, I was mad at myself for letting this happen. I should know better, and I do know better. Then I channeled that anger into action: this is my machine, and I'll be damned if I will stand for any slimy, unwanted malware, adware, or spyware that takes up residence on it. I resolved to clean up my own machine and fix the mess I made. It's easier than you might think, and I'll show you exactly how I did it...

As Jeff probably knows, there's no "wonder" here because, in reality, people do "give up on computing altogether". They may still have a computer, but they don't use it very much because it's so unstable and unresponsive. Eventually it gathers dust.

The only reason my mother's computer still runs and works, despite having not been patched in the past six months ** is that she's running OS X and browsing with Safari. She's not a significant target and she mostly browses a few major news and weather sites. For most people in her situation, the computer just stops working and they don't go back.

Which may, despite all the conspiracy theories, be the real reason the iPhone is a closed system. In other words, Jobs was almost telling the truth (shocking, I know). Apple wants a closed iPhone not because a phone is a particularly bad thing to hack (though it may be), but because Apple is trying to produce a computing platform that will be relatively reliable for the average user.

--

* Web stories on old systems dying within minutes of net exposure are mostly baloney -- almost no-one every runs a PC with a direct IP connection. We all have NAT redirectors and de facto firewalls, even many users aren't aware they exist.

** I don't want her to deal with the patch process, and remote control and maintenance solutions for OS X have not been nearly good enough to be worth my using them. I've been betting we could get buy with my maintaining the system every 6 months or so, and that's been working well.

Update 6/25: Coding Horror (Jeff Atwood) wrote a f/u piece quoting a security expert, Adam McNeill, who analyzed how the attack occurred. Here's an excerpt:
...GameCopyWorld displays a "Find Your Love at Bride.Ru" advertisement. That advertisement "refers" to linktarget.com in order to display an advertisement for the DVD software produced by Slysoft.com. That advertisement "refers" to 39m.net which in turn creates an [iframe] to buyhitscheap.com. Buyhitscheap.com in turn calls fkdomain.info who attempts to deliver a series of exploits to a users system in hopes of installing a trojan dropper. The fkdomain.info site attempts to exploit the following...
It's interesting to imagine the reaction of someone from 1994 reading that summary. The emergent sophistication of a modern security attack is fascinating and reminiscent of how prison exploits evolve. Atwood, who I think has been guilty of previously deprecating the importance of running as a non-administrator admits that a non-admin user would not have been vulnerable. He manages not to mention that OS X defaults users to non-admin status and it works very well (except for a few Adobe applications, which is a good reason not to buy them).

Stop electing judges

The numbers are looking bad: The Best Judges Business Can Buy - New York Times. We can only fight corruption on so many fronts at once, popular election of judges simply opens another front. Let's concentrate on reducing corruption in the state legislature and return to a system of appointing judges.

Yes, we could move to public financing of judicial elections, but why only for judges?

In any case, I am rarely able to find any useful information to guide my judicial votes. I end up simply voting the MN DFL party line, so the whole process is a waste.