419 closure upsets Reg reader

Letters: Let's kick off with a 419 letter. We reported on the closure of the online front of a UK-based 419 advance fee fraud gang, following our investigation of a scam recently run by the group.

Not everyone was happy to see them go:

'Tis a shame sites like this have to be shut down... surely it is perfect justice that anyone stupid enough to be so wreckless with their money, or greedy/shady enough to accept these deals that, even if they WERE to be genuine, are patently illegal, should be ripped off like they so rightly have.

It amazes me that people have the patience to read through their maybe 100+ spam emails a day to find this gem and THEN get in contact with them to make some illegal money. Maybe it is time for some state funded tattoo to be issued to these people that have no regard for their money, letting the world know how lacking these people are in common sense; something along the lines of "Please, please, take all my money" or "I lost my money to a pyramid scheme" would be appropriate, so that people will be able to spot these gullible people more easily.

Thanks for your time...

The Drummer Boy

Next up, the most recent holes in IE seemed to have precipitated a mass defection to alternative browsers, such as Mozilla.

Lies, damned lies and statistics, you said:

DOOMED! MSFT BELL HAS TOLLED! LOSING JUST OVER 1% OF THE FREE SOFTWARE 'MARKET'. alt.microsoft.internetexplorer.die.die.die

I can't believe this was newsworthy, yet I found 20+ similar articles on uber-geek news sites.. It's like reporting clubs having noticed less people taking Durex brand condoms from the freebie basket.

Rick

It's well known that gathering accurate browser statistics is impossible - this page gives a fairly good summary and links to further reading.

That document mainly covers counting hits - when one gets into user-agent string spoofing, the false assumption that more hits from a browser necessarily means more users for that browser, the false assumption that sites 'optimised' for IE won't get a disproportionate amount of IE views, etc. it gets incredibly difficult to make any valid guesses about *browser* *usage*.

And then there's the problem that the web-bug/javascript based statistics collectors (which places like WebSideStory use) pass over browsers like lynx, w3m (which I'm using to read the Reg just now) and links (and for that matter people on dialup with image loading disabled and JS off, people with privacy-enhancing proxies, etc) completely.

Add all this up and the inaccuracy in browser usage statistics is huge. Anyone claiming *two decimal place* accuracy on their browser usage statistics is, at best, completely unaware of the inherent problems with web statistics, and at worst 'exaggerating' their product's capabilities in order to sell to the gullible.

This site gives another set of browser statistics; note that their combined IE5/IE6 figure has been falling consistently since the start of the year, and that their IE5/IE6 combined figure is in the 80-85% range rather than the 95% range. This gives some idea about the accuracy of these statistics.

I don't particularly trust either source to give accurate statistics (even so far as that's possible) but when their inaccurate statistics are about 15% different on IE, 10% on Netscape/Mozilla, and so on, it does give an idea of just how unreliable they really are.

A 1% change in a figure that's got a 20% margin of error is just statistical noise - please don't legitimise the snake-oil of "accurate browser statistics" by reporting them as if you believe them.

SMS Spam is a growing problem, and one particularly close to our intrepid John Leyden's heart. This week, in a splendid multi-platform spamming effort, a spammer mass-mailed an advertisement offering his expertise as an SMS broadcaster.

re your post on SMS spam.

I have worked in the UK SMS space for over 3 years and just moved to the US. The scary thing is if you know what you are doing, a copy of the Lerg database ($39 a month - contains the mI have worked in the UK SMS space for over 3 years and just moved to the US. The scary thing is if you know what you are doing, a copy of the Lerg database ($39 a month - contains the mobile numbers) some clever code and a few trips to a cybercafe would do it! - SMTP > SMS will be turned off soon - I hope it happens as it will open up the US to some real SMS applications and stop the spam that the operators have open themselves up to.mobile numbers) some clever code and a few trips to a cybercafe would do it! - SMTP > SMS will be turned off soon –

To be honest I hope it happens as it will be the only way SMTP paths get turned off and real SMS applications which we have in Europe can happen. Spam hurts our industry and the consumer! – so finding ways to stop it are needed and in the US its not going to be much longer before they have some huge issues.

Paul

A BBC techie writes to correct the impression that people are unhappy about being sold to Siemens:

I just wanted to point out that in relation to the bbc strike story. It's not really representative to say that BBC Technology staff are unhappy. I work for BBC Technology (and am not a member of the union) and have so far not met anyone who is unhappy about the fact that Siemens have been appointed. Mostly people are relieved that it wasn't Accenture.

We get a lot of negative press from BECTU regarding the sale and I think it should be noted that 25% of BBCT staff are members and only 83% of those voted in favour of industrial action.

Speaking for myself and most of the people I know we are relatively happy.

Name supplied

Accessibility was back on the agenda this week, courtesy of PDF files:

I just read your article about tagging PDF files so that blind people can access them. The article was very relevant to me because we (Ecru) recently rebuilt the Crown Prosecution Service website, and part of the project was to republish a vast number of PDF files in accessible HTML format. In our 12 week project we republished over 1 million words, and in the process made the content of the website accessible by an estimated 5 million more people in the UK. The original PDF docs were a nightmare because the content was often not saved linearly. This means that when a screen reader goes through the document it reads it in the wrong order, which is, to say the least, confusing. I wonder whether this online system will resolve this issue... it seems unlikely as it's probably a case of junk in, junk out.

Best regards,

Matt

Writing about bugs in software in front of Reg readers is akin to waving an annoying bit of cloth in front a boy cow:

Sigh. It is ironic that the financial and management control types, who will insist that their sphere of influence (financial and contractual) is controlled rigidly with procedures, plans and approvals, are the first to demand the short-circuiting of any sane development process in the field they don't understand - software engineering.

The way that most development teams are forced to deliver software is akin to administering the purchasing or expense systems by having a large bucket labelled "money - please take some".

Hayden

You write:

> The first bug was a small insect caught in an early 1940s computer.

Sigh. No it wasn't.

Look here.

Hello,

In your article you ask why such rate of defects in software is tolerated, while in other industries it would be intolerabe, I think I'll throw in my two cents:

From MS Win2k EULA:

"LIMITED WARRANTY. Manufacturer warrants that (a) the SOFTWARE will perform substantially in accordance with the accompanying written materials for a period of ninety (90) days from the date of receipt..."

The key here is "substantially", which in my understanding means "I can have as many bugs I can get away with", or that the advertised functions may be there, but they're not obliged to tell that these functions work only under a very strict set of circunstances.

Also from W2K EULA: NO LIABILITY FOR CONSEQUENTIAL DAMAGES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL MANUFACTURER OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING WITHOUT LIMITATION, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR INDIRECT DAMAGES FOR PERSONAL INJURY, LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, OR ANY OTHER PECUNIARY LOSS) ARISING OUT OF THE USE OF OR INABILITY TO USE THIS PRODUCT, EVEN IF MANUFACTURER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN ANY CASE, MANUFACTURER'S AND ITS SUPPLIERS' ENTIRE LIABILITY UNDER ANY PROVISION OF THIS AGREEMENT SHALL BE LIMITED TO THE AMOUNT ACTUALLY PAID BY YOU FOR THE SOFTWARE AND/OR MICROSOFT HARDWARE. BECAUSE SOME STATES/JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, THE ABOVE LIMITATION MAY NOT APPLY TO YOU.

Meaning that if you want to be indemnified, you better be prepared to go to court with MS. Not a pretty picture, even if you're, say, the U.S. Department of Justice.

And virtually all SOHO and small business softwares have clauses like that.

Sorry for the long quotes.

Thanks for your time,

Ricardo Costa

I found the 'Building Bugs...' article to be very gratifying to read. In my 20 years in IT I have spent most of my time as a system administrator. In the beginning I was also a database developer. Somewhere in the middle I spent a short stint in SQA for a huge computer company that no longer exists. I found the SQA work to be the most frustrating. I'd find bugs and the program manager would tell me to close the report without addressing the issue. The SQA department did a study that showed that code review during the development process would both reduce mistakes and speed development. The code review process was never implemented. Working in SQA made me sick. The SQA function was just a paper tiger so that anyone looking at the project organisation chart would see that there were about twelve SQA people working on the project. However our SQA manager was weak and the VP of the business unit only cared about the ship date of the product.

Kevin

Patents and Open Source are just as provocative:

"Microsoft, for example, has patented the double-click. Is there any prior art? Who knows?"

Actually it was for different actions based on the length of time the button is held down for. Prior art is the ATX standard that has a single-press for reset and an extended press for power off on pretty much every PC made in the last five years.

In terms of 'double-click', you'd really have to go back to the history of the mouse. Plenty of prior art there, most notably in terms of Apple's single button rodents.

I think it's quite interesting that the USPTO is completely failing to find prior art. Do they have a department that actually looks?

James

Hi, I only have to say one thing. Analyze the claims on a patent instead of just reading the tittle. The scope of a patent is given by its claims and not by its title or specification. I can have a patent titled "A method of transfer information between two parties", but actually my main claims teaches "A method for comunication between at least two persons comprising at least one empty can on one end of a string and at least another empty can on the other end of the string, being said string made of wool" . Think about it ;)

Ladislao

You state that software threats are a threat to open source development. While this is correct, you are only telling part of the story. Software patents are a threat to all software development and threaten to stifle innovation because of legal fears based on patents that a too general and an understaffed patent office that does not have the resources to review the patent for originality and against cases of prior art. Although large commercial developers are better able to defend against such baseless lawsuits, this does not fix the problem of a broken patent system.

William

Thanks for writing the article today on submarine patents. I have to say that, having just started a search engine which I'm hoping to build up in popularity and which I eventually hope to make some income from, my greatest fear is that I'm going to get a letter one day from a (big) company (or another search engine) telling me that I've infringed some spurious patent of theirs and they're going to sue me to the edge of hell if I don't either pay up or take the site offline... then it would just be years of good ideas and hard work down the drain in one fell swoop - there wouldn't be any way I could afford to fight it.

The same thing's happening all across Europe. People on their own or in small companies are becoming afraid to innovate because any good idea they have will just be bulldozered by a big company and there's no way they will be able to stand up to it.

What can we do about it? I've seen various sites about it, but when I read things like the FFII's patent horror gallery I'm not sure anyone can stand in the way of these guys...

Thanks again for writing the article.

Best wishes,

Sam Critchley

An architect writes:

Dear Sir, I read with interest your article entitled "Strategy Boutiques invade Japan" (9th July 2004).

Being an architect by profession, I use colours almost every day in my work. Thus it has occured to me that I might have a Digital Rights Management issue with Eudyna's new logo. They have probably taken a trademark on their "Eudyna Red"; a quick check showed that Eudyna Red is RGB 241,0,0 (HTML #F10000).

Should I now advise my clients not to use this colour as they or I may be liable for copyright violation? What are the 'fair use' terms for this colour? To whom do I pay royalites, if any? How are Eudyna, or their lawyers, going to enforce DRM on this colour?

Perhaps Eudyna could develop some sort of DRM-infected glasses that people can wear, so that only those people who have paid their licence fees can see Eudyna Red.

Hmm, I think I might have just found a nice little earner there... I am just going to run down to the Trademark Office and take out a trademark on what I shall call 'My Luxury Sports Car Red' - RGB 255,255,255 (HTML#FFFFFF). </p?

Don't worry, I'll give The Reg a split of the profit! Keep up the good work!

regards, Adrian Esdaile

Readers pour scorn on the efforts of the insurance email bomber:

5 million emails over 3 days... hardly a tsunami of email for a large corporate. If their website went down because of this 'flood' of email I'd be asking serious questions as to the competency of their sysadmins & architects myself...

Heck, if it caused their email system to do more than have an increase in transit time because of something as small as this, I'd be up at their office demanding an explanation if it was my money funding them...

Hamish

We even had letters about the content of last Friday's letters bag:

Firstly, the remarks made by a radar specialist about the RAF Tornado downed by a Patriot missile drew comment:

Although discussion forums such as this should be open to contributions from all points of view, this does not eliminate all editorial responsibility on the behalf of El Reg when reproducing such material. In particular, the contribution from "anon" concerning the Patriot blue-on-blue should not have been baldly reproduced without comment.

The MoD report (linked in the original article) states that the IFF had been tested before take off, and that subsequent examination of the wreckage shows that it had been turned on at the time the Tornada was shot down. The two possibilities are that the IFF had failed during the flight without the crew being aware, or that the Patriot system had not interrogated (or responded to) the IFF correctly.

To accuse those who died of suicidal stupidity is intellectually lazy, arrogant, and a grave insult to bereaved. Having made such a superb effort to piss off the entire population of the Arab world, I guess that you (anon) are seeking to extend this to the Brits. (BTW, criticising Patriot is not unpatriotic)

Mark

And a few proof readers had advice for one correspondent:

You expressed difficulty in parsing the following excerpt from a letter from Tony:

"The website indicates the current employees are barely literate, the grammar and spelling is awful. I hate the idea of outsourcing, but when people who work in an IT department can't use a spell checker I don't blame Swansea for getting rid."

My theory is that Tony simply failed to properly capitalize the final word in the quote and that he was actually referring to the following fine product:

http://www.ridlice.com/

Perhaps the good people of Swansea, seeking an alternative to manual nitpicking, have escalated to chemical warfare in their efforts to dispatch the nits from the IT staff's website.

Regards, Ed

"Tony" wrote:

>The website indicates the current employees are barely literate, the grammar and spelling is awful.

That should be "are awful" due to the compound subject.

Pete

And that, dear readers, seems as good a point as any to sign off for today. Keep 'em coming. ®