Tech Week in Review

Grammar gripes, portability, Windows worms, and random ruminations

Starting off this week is a gripe. I apologize in advance for griping first-off, but this has to be aired out sometime, and it's likely something I'll harp on occasionally in the future, so be forewarned.

Its Bad Grammar

Why can't people who publish "journalistic" news-style sites spell or use proper grammar? Most folks on the Mac web are pretty blameless here, but I'm thinking particularly of The Mac Mind in this case. I got pulled in reading a story about franchising the Apple Store, which is an excellent and provocative article. However, the copy editor at The Mac Mind appears to be on permanent vacation. It's a particular pet peeve of mine when people insert apostrophes in words that don't need them or leave them out of words that do. At times, it seems that half the folks in this country don't know the difference between "it's" and "its," and people seem to think "its'" (that's I-T-S-apostrophe) is a word.

Short grammar lesson: "It's" is not possessive. It is a contraction for "it is," and nothing more. "Its" is the correct possessive form. "Its'" simply doesn't exist, unless you're talking about something possessed by an entity called "Its," in which case it should always be capitalized. There are other awkward parts in the article, but as I said, the message is pretty clear.

The problem that this is a Web site that has (or at least tries to project) an air of journalistic conscience about itself, as do many sites on the WWW. Bill Walsh, webmaster of The Slot, would certainly agree that this sort of stuff needs to be curtailed to the extent possible, and if that means you take the extra five minutes to proof your article before uploading or submitting it, please take the time to do so. It makes your work look so much more professional.

(Just so this isn't seen as an attack solely on The Mac Mind, which is not what I intended, think of it as constructive criticism. There was a very blatant error on earlier this week where a headline, of all things, referred to "the freshmen class." Oops.)


Moving right along... There's an interesting story on osOpinion about the iMac and where its place is in the "digital hub" lifestyle that Steve Jobs is now touting as The Next Big Thing™. I love my laptop, and I wouldn't ever buy another desktop but for two things: price (smaller usually costs more, significantly so in the case of equal performance) and the fact that laptops have a tendency, as Eric Schwarz recently noted, to grow legs and walk off when you're not looking. I dunno about you, but the idea of someone walking off with the hub of my "digital lifestyle" isn't too appealing.

SirCam Worm Spam

Next on my list is another gripe, but not at anyone specifically. No, this time I'm complaining about all these peecee users who are so clueless that not only do they open suspect attachments from people they may or may not know, but they do this twenty-five times in 14 hours. Yes, you heard me right. The SirCam worm is a nasty little piece of software, and it's understandable that someone might accidentally open one infected attachment — but over 20 of them?

[Name withheld to protect the ignorant] seems to think anyone who sends him an attachment has nothing but the best of intentions, but it got so bad (8 MB worth of completely unexpected attachments to my email address in under 14 hours, all downloaded on a 56K line) that I contacted my server admin with a desperate request to block his return address and IP from our mail server. Not only that, but only three of the messages were properly encoded, which, as anyone using Eudora knows, requires that the message be downloaded again in raw format to get it off the server. I telnetted in and did it manually to save myself the extra hour, but boy was I annoyed last night. I'll be having a talk with the guilty party when we return to school in the fall.

SirCam is an evil piece of code written, no doubt, by some disgruntled, laid-off tech industry worker, but its most insidious feature is that it attaches a random file from the user's hard disk to each and every email it sends out. My understanding is it works something like this:

  1. User opens infected attachment.
  2. SirCam chooses a random file from the user's "My Documents" folder.
  3. SirCam sends this file with a new file extension such as .pif, .lnk, .com, etc. to everyone in the unsuspecting user's address book, including a copy of itself "for convenience."
  4. Rinse and repeat for each subsequent infected attachment and clueless user.

So anyway, I had seen a few SirCam copies over the past couple of weeks, but nothing too bad until the guy from school. The funniest one, however, came the night before, on Tuesday night, from "Johnny User" (name changed to protect the innocent). Good 'ol Johnny dutifully opened up his infected attachment (no doubt appearing to have come from a buddy who had Johnny in his address book) and the worm chose its random file. What file? "Johnny User's Passwords.xls." Opened it up with a text editor and bingo! I had passwords for about 30 Web sites, his wife's driver's license number, his wife's 401(k) PIN number, and scads of other personal information. Oops.

The first lesson to be learned here is that you never ever open unsolicited attachments unless they are from someone you explicitly trust and someone who knows better than to pass on viruses (or who wouldn't do it for fun, as I'm sure some of my friends would just to cause trouble). The second lesson to be learned is that you never, and I mean never, leave any personal information unencrypted on your hard disk. There are plenty of free encryption programs out there that will easily defeat all casual snoops and almost all but the most-determined of hackers, and if you get something like PGP, your files are essentially unbreakable. (The third and obvious lesson, of course, is never allow anyone to buy a Windoze-based peecee because it's THOSE people who cause junk like this to propagate.)

Code Red Goes Bust

Now for another worm musing: Code Red was a bit of a bust, but not as much of a bust as some people were saying it would be. The following sequence of events simply astounds me:

Two things strike me as very shocking: one, that Microsoft took nearly six weeks to write a patch for IIS with as many programmers as they have, and two, that there were still well over 100,000 (maybe as many as 300,000) infected hosts this time around. You know, because all these people administering IIS servers are hiding under rocks and not reading security bulletins.

Hello, McFly! If you're a server admin, reading security bulletins is your job. These folks had two weeks' notice to fix things and what did they do? At least 100,000 of them with vulnerable hosts did nothing and simply let the worm propagate once more.

Maybe it's all these casual-user-type folks running unsecured NT boxen on DSL and cable connections or something. Some people have brought up an idea in the past that I'm more and more inclined to agree with: You need a license to operate a motorcycle. You need a license to drive a car. You need proper training to use heavy equipment. What about a license to operate a server on the Internet? You know, if you're running *nix or Windoze, you have to show that you have the ability to close open mail relays, install patches that prevent your box being used for a DDoS attack, that kind of thing. Or just buy a Mac, get Quid Pro Quo or MacHTTP, and you're worry-free, since the worst thing someone can do to either of those is pretty much just hang the server.

Check out these two sites for where I'm getting the above statistics on the Code Red infections:

Excellent Tech Writing

On to some more positive news now. Philip Machanick and Del Miller over at Mac Opinion deserve kudos for their recent excellent and easily comprehensible articles on CPU design. It takes a bit of a gift with technical terms to make threading, pipelines, caches, and other aspects of CPU architecture comprehensible to the average Joe, but Philip and Del have done a remarkable job. If you're wondering what exactly Jon Rubenstein meant by his Megahertz Myth presentation at Macworld New York, check out their articles.

Random Reflections

On a related note, from the "Apple-even-has-spies-on-Low-End-Mac" department.

Sometime around the end of March, I was trying to come up with column ideas when I hit on one about what I termed the "Megahertz Myth." It was to be a column about why MHz as a measure of a CPU's power was silly and what alternative benchmarks could be used. It was never published and was mentioned a couple of times on our staff writers list, but the article sort of died in development because I couldn't find any MIPS numbers for Intel and AMD hardware. (I'd still be interested in doing the column if someone can point me to MIPS ratings for the Pentium II and higher.) Four months later, Apple used my title at Macworld (cue spooky music).

On another related note, from the "Gee-that-really-sounds-like-a-conspiracy-to-me" department.

About five years ago, when Apple was in the middle of plans for Copland and then Rhapsody and all that mess, somebody asked what Apple ought to name their next Mac OS. This was right about the time that it became widely known Mac OS 8 and 9 were going to be the end of the Mac OS as we knew it, and after that it was going to change. I made a quick mockup of a retail box for a product called "OS X," with a big X as the central design element. I have since lost the mockup, and I used different colors from what Apple is using now, but the box I came up with looked a heckuva lot like what OS X is shipping in now. Think maybe I have a lawsuit?

Guess that's about it for this week. I'm hoping to make this a regular Friday publication, kinda like a pre-weekend wrap-up of everything I think is notable. Let me know what you think of the new format and what you'd like to see changed. I'm already planning fewer gripes for next week.

copyright ©2000-2004 by Chris Lawson