Original URL: https://www.theregister.com/2006/08/04/letters_0408/

Secret agents on fire and Microsoft feels the love

Everything's gone horribly wrong

By Lucy Sherriff

Posted in Bootnotes, 4th August 2006 09:50 GMT

Letters Excuse us, but what colour is the sky out there? Is this Earth? Have we stepped through some kind of Stargate-esque parallel universe mirror? The reason we are so confused is that so many of you have written in in support of Microsoft. Yeah. Really. Mindboggling stuff.

And what did the Beast of Redmond have to do to earn cuddly points from the usually hostile Reg readership? Add security to its operating system:

Erm excuse me, I don't _want_ software integrated with my OS at kernel level. There's plenty of ways to implement a firewall solution without having to resort to doing things at such a low level in the operating system.

Personally I feel all warm and cozy knowing that someone somewhere is doing something to make my choice of OS more secure and less susceptible to malicious activities. I actually welcome the idea that developers should be forced into implementing their solutions using OS-legal methods, maybe we'll see a noticeably reduced bug/problem count in the long run across all software titles.

Craig


Hi John, at the risk of sounding like I agree with M$ on something this seems like it would be the least they could do to make their product safer let the after-market security people do what they have to, their products are nearly always a week late and poorly engineered steaming piles of dung anyway. I have never used an anti-virus that didn't cause more problems than it solved ditto the old anti malware leaving big holes in the registry and killing already (usually) marginal machines requiring a real reinstall almost every time. Normally I am sympathetic to developers of any kind of software but these guys just seem like parasites.

Alan


I would rather not have J-Random AV software installing itself all over my system and hooking into the kernel. It's a major cause of system instability and I uninstalled the ZoneAlarm "security suite" for that reason. I don't like software that keeps running even when I explicitly quit it (ZA has to be uninstalled to really stop working!). I find the fact that all AV companies seem to be really scared of Vista a very good sign.

Nikolaus


Well, maybe not everyone was pro MS:

"rely on Microsoft and only Microsoft for Windows security"

In that case, it's time to change the slogan for Vista from "a breakthrough computing experience" to "a breakthrough hacking experience". Every time I read the words "Microsoft" and "security" without the notion of poor or lacking, I imagine black hats everywhere laughing their heads off. This is going to have them gasping for air for days on end.

Pascal.


I think what they wrote just proves a lot of ignorance on the side of the developers at Agnitum. Agnitum is already using undocumented interfaces, undocumented structures - in short: hacker methods. Why are they so resilient to using it in future? Is it because they know they should have gone for the clean solution but did not because of tight deadlines and now realize they are "behind the schedule"?

BTW: Joanna Rutkowska has already announced that she will present a method to circumvent KPP without rebooting.

Oliver


Is the bell tolling for the big computer shows? Or was that just the sound of a death knell we heard? Either way, seems you lot hate walking around Comdex almost as much as we do:

What you say about IT shows applies to many other exhibitions too. The London Marathon Expo is absolutely enormous. It is miles from any car parking, which is of course quite extortionate at about £3 per hour. (I parked in Geneva for two hours a few weeks ago and it only cost a Euro!).

Anyone fool enough to turn up to it the day before the Marathon and walk around all afternoon buying up some very good offers will suffer the next day. I only went myself as I was requested to help out (next year, the answer will be no). I'd done the sensible thing and registered earlier in the week.

If you look at the size of the Excel centre it's evident that large exhibitions are big business.

Douglas Adams was nearly right. It wasn't shoe shops, it was exhibition centres.

John


That was so good that my legs ached in remembrance of the last few Comdex shows. :-}

The ultimate killer of the shows is really the Internet - that's what added speed to the decline of the major shows. While it isn't quite as 'real' as physically being there, the costs and time involved are orders of magnitude apart, the information is current all year, and access does not require an airplane ticket and travel time.

While I miss the shows in some minor ways, such as outside entertainment, the overall situation is better for everyone except the show outfits. Frankly, I don't feel sorry for their loss as they caused it by milking everything for large profits. Ultimately, greed and technology did them under.

Bill


I hear you. I can't remember the last time I managed to walk around an entire "big" show. Now if I could just find a way to be seen to exhibit without actually going I'd be delighted! Ah well, back to preparing for IBC, the yearly huge broadcasting show in Amsterdam in September, just as the rain re-starts in earnest.

Cheers, Paul


Diebold and its voting machines make an appearance this week after a long absence. This is because they seem to have pioneered one-button hackability. A useful feature, we are sure.

I can see it now: no matter how close the U.S. elections are (or are not) this fall, there will be someone - an "R" or a "D" - contesting the results. While it is the case that even a paper trail can be rigged or tampered with, it remains inexcusable that any voting system implementor would ever even consider designing and deploying a system that cannot bear up to manual scrutiny.

And think of the trees! If we weren't chopping them down to make rolls of receipt tapes and reams of printer/copier paper, they'd be subject to over-crowding, falling over onto each other, and rampant forest fires. Wood is good; the ultimate renewable resource.

-Del from the Pine Tree State, where we still use paper ballots


The process of voting is far too important to automate it. It is not open to public scrutiny, it involves hardware and software that can [and will] be tampered with in any number of ways.

The old-fashioned way is still the best: a piece of paper and a pencil. Just count the ballots with eyeballs attached to juries from all parties. Add them up and make sure you count all the votes. The US was unable to count all the votes, a disgrace if it would happen in a democratic country.

Compulsory voting by all citizens on paper ballots counted by real humans. It costs a bit of time and money but maybe, just maybe, it will prevent the country from going to war, an enterprise not altogether devoid of economic consequences in its own right. The vote is for the people. The sad thing is that they don't seem to understand how incredibly important it is that they actually take the time to go and do it.

Jorge


"...exploiting this shortcoming would require physically opening up the machine and a certain amount of hardware and programming skills, but that's hardly an insurmountable barrier to a sufficiently motivated hacker."

Would you use the same reasoning to suggest that bank vaults are insecure? After all, getting in would require physically opening up the door and a certain amount of hardware and ruthlessness in dealing with the guards, but that's hardly an insurmountable barrier to a sufficiently-motivated robber.

Michael

Another day, another eBay scam:

In light of this news, eBay should have ‘value’ ratings for buying and selling, along with the feedback. It shouldn’t show the amount, but a score based on the value of the goods purchased or sold. It would go some way in giving an indicator of the type of eBayer. This way, scammers would have to buy/sell much more expensive items, leading to higher fees, making it pointless.

Cheers John


One simple way to remove the 1c feedback issue is to weight feedback based on the amount of money exchanged - feedback for a good £1000 purchase is generally worth more (but maybe not linearly more - that's another scam waiting to happen) than a £1 one.

Peter


Counting the true cost of nuclear waste:

"The cost to the taxpayer of storing the waste, both short and long-term, is likely to be around £70bn over the next 40 years."

I wonder if they have factored in the cost of instituting and running a monitoring system for the next 100,000 years or so that it will take the radioactive waste to become safe. We wouldn't want it leaking into groundwater after 10,000 years because the gradual depredations of water corroded the containers and no-one noticed.

Tricky to cost though, I suppose. To get a sense of the time spans we're talking about, consider that 100,000 years ago Britain was buried beneath an ice sheet during (if memory serves) the last but one glacial period and modern human beings hadn't evolved yet.

Devising a storage facility that will be safe for that time period poses one or two technical challenges. Have we considered the geological changes that will be wrought by the next ice age and the implications for any post-glacial civilisation that will colonise Britain? Can we make warning signs that will last that long, or that will be intelligible to whatever intelligent species is around then?

Richard


A reader objects to Dr Juan's assertion that leaving a baby to cry is tantamount to child abuse:

Here are the references that Dr Juan alluded to without giving:

De Bellis MD, Keshavan MS, Clark DB, Casey BJ, Giedd JN, Boring AM, Frustaci K, Ryan ND, "Developmental traumatology Part II: Brain development." BIOLOGICAL PSYCHIATRY 45 (10): 1271-1284, 1999 (not 2004 as stated)

Teicher MH, Dumont NL, Ito Y, Vaituzis C, Giedd JN, Andersen SL, "Childhood neglect is associated with reduced corpus callosum area." BIOLOGICAL PSYCHIATRY 56 (2): 80-85, 2004

Now, the DeBellis study examined the brain development of maltreated children diagnosed with Post Traumatic Stress Disorder compared to a control group and found differences to be present. But the definition of maltreatment used was typical of real abuse, not of being left to cry it out after all other possible causes of distress have been eliminated.

The Teicher study included a group that had suffered neglect and concluded that neglect alone could affect brain development. But here, again, neglect was not defined as leaving the child to cry it out after all other etc. To quote from the methods section of their paper "Neglect was the chronic failure of a parent or caretaker to provide a minor with basic needs, such as food, clothing, shelter, medical care, educational opportunities, protection, and supervision.".

Of course I'm not saying that crying out is undeniably without side-effects, but the studies referred to by Dr Juan simply don't support the conclusion that he tells us Professor Sunderland has drawn and for which he has appointed himself such an enthusiastic cheerleader. Of course his way leads to a dramatic headline and the chance to self-righteously denounce a new kind of 'child abuse'. But it may also have led parents of babies who won't stop crying (they do exist) to feel unnecessary guilt, shame and alarm on top of the distress they already feel. A scientist such as Dr Juan has a responsibility to do better than this.

Matthew Wright University of Southampton UK


And the heatwave causes James Bond to spontaneously combust. Oh, all right. It wasn't James Bond, and he didn't spontaneously combust. And it probably wasn't caused by the heatwave either. But still, stuff burned down:

>The cause of the blaze remains unclear.

It's simple. Someone in the disassembly crew leaned on the big red self-destruct button, causing the nuclear reactor hidden in the volcano to go critical. We're lucky that whole end of London weren't destroyed.

Jim


"Hideous spectre" indeed! A white cat was seen strolling away from the scene... (just kidding)

Alex

Enjoy le weekend. ®