I want to redesign my website, just for the heck of it.
But isn’t this a sign of Internet Addiction?
I should be writing stuff instead.
My work place was just one of the many sites hit this Thursday by the
“ILOVEYOU” virus.
Contrary to what you may hear, the virus doesn’t really depend on
a specific security flaw in Outlook (except for how easy it is to use it
from an external program to send mail). It doesn’t run when you read the
infected e-mail. It will run once you open (double click) the attachment.
And once you’ve done that,
it doesn’t really matter what mail client you’re using. If the
attachement is a program or a script with an associated interpreter,
it will run.
The point here isn’t the insecurity of a mail client, it’s the
vulnerability of the typical high-tech work place: Everyone running
the same platform (windows), with the same e-mail client (Outlook)
open. Everyone has updated Microsoft products with WScript.exe, and
the whole thing has a permenant connection to the internet.
And as far as opening attachements goes, the work place is the worst offender, with
everyone’s pals sending them kewl pics, animations, screen savers
and whatever. It’s part of the culture there.
It’s Bangkok without condoms, and any high schooler
can cut and paste together a new HIV strain in the span of a lazy afternoon.
ILOVEYOU is a pretty lazy hack, done by a bored high-schooler.
It looks like something put together by someone with little programming
skill from some windows scripting host code samples.
And it burned through my workplace like a brushfire.
If there’s someone who is left looking stupid after this virus it’s
Anitvirus software manufacturers. Their software is still looking
for boot-sector parasites written by smart assembler hackers, but
these are going extinct alongside the floppy disk. Programs that rely on lists of known viruses look ridicilous when the current
windows monoculture let’s script kiddies write killer worms in 10 minutes.
Maybe its time Microsoft started taking security seriously.
When every cell around has the same DNA, new kinds of viruses thrive,
and these drive the development of new solutions. Really big
multi-cellular bodies have immune systems to protect themselves,
which are quite different (and several orders of magnitude more
sophisticated) than the “anti-virus software” single-celled organisms
have.
Maybe Microsoft should get into
the anti-virus business
The existance of MS created hundreds of niches where other software companies thrive.
Once in a while, MS go after one
of these niches and crush their competition like bugs. Once it was
the FAX software people, another time it was people working on 3D
software APIs, and most noticably it was Netscape’s browser niche.
Having MS eat up the anti-virus business will be a development
most users would cheer.
Breaking up Microsoft is brain-surgery with chainsaws, used to
remedy a mental health issue. But MS have been in denial about
an obvious problem. By having their software everywhere, making all
the pieces play nice together, enabling automation, etc. they’ve
done some remarkable things. But they did this while ignoring
the core problem of security. It is time for them to realize the
fundemental problem and do something about it.
I don’t think MS can get around the problem of Security (“developing an immune system”)
with a white paper or “security update”. They can’t just whip up
a security-concious version of WScript.exe, cmd.exe and their other
general interpreters without breaking lots of stuff everywhere, and
they probably aren’t going to really address the problems of users
running unsafe content in any forseeable version of Windows.
How about instead of breaking up MSoft, the US government passes a regulation specifying that no more than 50% of the desktops in any
work place may run an OS from the same manufacturer? There are
stupider regulations, and this will at least hinder the spreading
of viruses a bit, so it’s a bit of a safety regulation. (I say from
the same manufacturer to catch the smart alec who thinks that NT
& Win98 are different OSes – “we play both kinds of music, Country
AND Western”…)
-
This will break the MS monopoly, which is based on business sales.
It won’t actually damage the company, but it will force it to
deliver solutions for hetrogeneous environments. -
Web applications and cross-platform browsers (like the one made by
whatstheirname) will get a big boost out of this. -
People will stop sending Word and Powerpoint attachments (or stupider
things; a publisher I know, a Mac-only shop, once received a logo from
a client as an image file embedded in a Word document…).
Categories
Mozilla Rant & Manila UI
Some new features in EditThisPage, like an HTML text edit box
that works only in IE, but seems like pure JavaScript.
Cool.
Except that it doesn’t seem to support the most simple HTML element
I always find myself typing, the P tag.
Like This.
Oh, it lets you put in paragraphes, under the “Alignment…” menu.
Anyway, one feature Manilla doesn’t have is easily changing a story into the Front Page. Or seeing where the Front Page went to when
you change it.
So Here’s a link to my Mozilla Rant.
Categories
Mozilla Rant
Mozilla is not a browser, it’s a webpage.
Sorta.
Way back when Mozilla first went Open Source, Dave Winer’s reaction was negative. His take was “Netscape doesn’t get it”. He said that Netscape was forgetting their “core following”, the web developers, who would not care to hack C++ code.
Well, the Mozilla people sure got it. Because everything they have done in the last two years of development can be seen as basically a reaction to Dave’s comment.
They took the browser and turned it inside out. They scrapped everything, all the platform-specific, MFC/Motif/MetroWorks framework stuff, all the spaghetti HTML rendering code with its special cases for each new feature added since HTML 2.0. They build a completely new rendering engine with a highly modular design that would make any C++ programmer proud and happy, and then they invested an enormous amount of work to ensure that this engine would be used for everything.
Because they wanted to bring in the Web Developers.
Cameron Barrett is the showcase here. He’s not a C++ hacker (maybe he is on the weekends, I don’t know enough about him to tell); He’s a web designer, who fiddles with HTML and similar mark-up languages,
with JavaScript, with CSS, and with PhotoShop. And what he’s built
isn’t what the general public considers a “skin” (i.e. a bitmapped
texture layered over an unchanged UI), it’s a proper GUI, with
customized functionality (limited, I might add, but he’s only worked on it for a month). Like all the other Mozilla applications,
it’s a Web App, something you would once run in a webpage. Except that Mozilla provides web developers with UI widgets and UI logic at
a much higher level then plain old DHTML gave them.
Following Dave’s advice, Netscape/Mozilla engineers have spent considerable time and effort to allow web developers (and not just programmers) to hack Mozilla.
IBM’s Mozilla BiDi team have posted their first code contributions
sometime on Monday, but I only caught up on the newsgroup today.
(Some weblogger I am…)
There’s a patch on this page:
http://bugzilla.mozilla.org/show_bug.cgi?id=24199
And also a post on the newsgroup (netscape.public.mozilla.i18n).
Mostly, it’s not that interesting, just code to switch the scrollbars on the windows, and a begining of setting up Bidi preferences. The interesting stuff will be an actual bidi rendering engine fiddling with layout. Still, it’s a good excuse to download and recompile Mozilla again (and also to try out my new PC at work…)
Other notable news of the month (duh) is that http://sf-f.org.il is now online with it’s new, Moose / slashdot style interface.
And I spent last weekend getting a cramp in my neck and overhauling the look of the ArmageddonCon site. I was pleased with it Saturday night, and I’m finding more and more flaws as the week shambles along…
I had a dream I was fired and lost my e-mail, which was the most painful aspect of it. I wonder if dotan@softlinkusa.com is still there or not? (It must be, I’m still getting the weekly WebReview mailing; their only “how to unsubscribe” instructions point me to a long-defunct Netscape “Inbox Direct” account…
Thank god for corky.net
P.S: In case anyone is actually reading this (ha!), Bidi is short for Bi-Directional, i.e. writing that contains both Hebrew (or Arabic) sequences, read from right to left, and Latin sequences (English, numbers, whatever), read from left to right. Supporting Bidi properly in any application (especially if you’ve only got one application, not a whole OS + Office suite) is very non-trivial.