Category: Angst

A response to Paul Boutin of Slate.com

July 30, 2004 /

Sumana sent me a great article called “Fight Virus With Virus,” where by “great” I mean “horrendously ill-advised.” Basically, Paul Boutin argues that instead of offering cash rewards for the capture of virus writers, the (ostensible) good guys should write viral programs that attack the malignant viruses with their own methods.

You may recall last fall, during the heyday of Blaster, when some idiot attempted to build a “good worm” that would fix the problem Blaster exploits. I’m sure it came as a shock, to people who weren’t paying attention, when it only made the problem worse. Boutin makes that worm (“Nachi”) a key point of his proposal. “Ingenious!” he says. “There was only one problem: Nachi overloaded networks with traffic, just like Blaster had.”

Casting it in those terms makes it seem like the traffic problem was a minor side effect, something that could have been fixed with a little careful programming. In fact, it’s a big glaring fundamental flaw. Boutin’s argument is equivalent to saying “there’s only one problem with water: it’s wet.”

The fact is that it no longer matters what, if any, payload a virus carries. The Denial-of-Service attacks that MyDoom and Blaster were supposed to create failed, because it was easy to figure out what they were doing and take countermeasures. It’s self-evident that it’s very easy to protect a single target when you know it will be attacked, and very difficult to defend millions of targets when the time of attack is unknown. The problem isn’t the end goal of a single instance of the virus, it’s their collective method of replication–which, in an increasing number of cases, is the end goal.

Boutin proposes that the hypothetical antivirus would “[spread] itself slowly and carefully to prevent traffic jams.” But programs that are allowed to grow unchecked are impossible to control, because they grow unchecked. Even writing a program that, say, replicates itself no more than once a week would mean only a minor delay on its growth pattern. Self-replicating programs grow exponentially, and restrictions would only divide that growth factor by a constant. People who know about complexity theory know that no matter how many fractions you put in front of an exponential variable, it’s still exponential; whether or not its curve stretches horizontally near the origin very quickly ceases to matter.

The heart of the virus / antivirus problem is an ethical one: it is wrong to alter any system without its owner’s informed consent, regardless of your intentions. It’s wrong to take over a system to use it for a DOS attack. It’s equally wrong to take over a system as part of a plan to stop that attack. This is a fundamental principle for the “white hats” to whom Boutin is trying to appeal.

(An aside: Microsoft will probably soon begin including the ability for Windows to patch itself automatically, which I’m gonna go ahead and say now will be exploited, and badly. I’m not really an outright MS-basher, but I don’t think the folks in Redmond have ever really been considered white hats, either.)

Boutin actually states the best available solution to the whole problem in his article, before going on to ignore it. “As the Washington Post reported yesterday, protecting yourself is easy,” he writes. “Install some anti-virus software and set it to automatically update itself (the default for most programs).” Actually, it’s not that easy, it’s not cheap, and many people can’t be bothered to do it. And yes, it sucks that their apathy screws up the entire Internet for the rest of us.

But as democracy is to government, so self-protection is to countervirus measures: the apathy of the many causes problems for all, yet it’s the least bad solution available. Increasingly complex tools are subject to increasing numbers of flaws, and will be so as long as they continue to increase in complexity (according to Moore’s Law, that’s forever). The right to repair those flaws rests solely with the owner of any particular instance of a tool; no matter how much one wants to, taking those rights for one’s own is wrong. Malignant programs can make computers into monsters, but as somebody who knew a little about computers once said, there is no silver bullet.

July 28, 2004 /

Yes, for the record, Elizabethtown has been filming about a hundred feet from my apartment for a couple days now. No, I haven’t seen anybody famous (although Ian has), and I’m finding it very difficult to care, except that traffic is worse because of all the blocked lanes. No concern for celebrity! I feel practically un-American.

July 26, 2004 /
  • Gave away what, 60 copies of HONOR? Something like that. Two of them I traded for other ashcans (Yeperynye and The Last Sane Cowgirl), which I totally count as sales. And every copy given away was to somebody whose work I (or Will or Stephen) really respect, which is a worthwhile transaction, in my opinion.
  • Left my hat at Preview Night. Never got it back.
  • Got to meet a lot of cool people from the online.
  • Cool people I met from the online all had a curious need to run off to important, distant engagements within seconds of meeting me. Either I smell bad or I’m Creepy Interweb Fan, or (probably) both.
  • Had a really good time with Monica, Will, Stephen and Maria. And Stephen’s lady Erin, at whose residence we crashed, is maybe the coolest person on the whole planet.
  • Ran out of plane-ticket money and was unable to visit Leonard and Sumana. That was a pretty stupid mistake, and I feel really bad about it. Hopefully, a post-student-loan trip is in the works.
  • Tycho and Gabe were the coolest, most professional people at the whole freaking Con.
  • Speaking of Tycho and Gabe, I had one of the world’s most random encounters: passing by their booth, I recognized Paul Mattingly, a great guy who was in Richmond Children’s Theatre with me a billion years ago and who now works as a Klingon and Second City understudy (!) in Vegas. I literally hadn’t seen him in over a decade. He even has a site, The Famous Paul, though I understand that’s mostly a placeholder for the moment.
  • Getting to California by train was interesting, right enough, and I’m glad we tried it. but the people who work for Amtrak seem unhappy and unhelpful and it’s very bumpy. I think I’ll pretty much be flying from here on out.
  • I thought about taking a whole bunch of stuff to get signed, but eventually decided against it. I had a better idea. Thanks to the unlined pocket Moleskine my family got me for my birthday, I now possess what can only be referred to as

    The Greatest

    SKETCHBOOK

    Ever In The History Of Time

    which basically means I win.

I managed to take a whole roll of film, which is good, considering I frequently manage to wish I had a camera while holding one. Probably more updates after I get that developed, but considering I still haven’t posted the pics from my San Francisco trip in February, one shouldn’t hold one’s breath.

From the pokéblog

July 14, 2004 /

We watched out the balcony window last night as a huge storm thrashed by, and today there are a lot of downed trees along my bus route. This is remarkable mostly because it’s not a particularly arboreal area–I just got on the bus, and I live downtown.

Update 0810 hrs: Actually, our bus has had to take a detour because of one road-blocking tree, after the world’s most laborious three-point turn. The tree didn’t look all that big, really. My GTA experience suggests that we totally could have taken it.

Update 0825 hrs: Almost had to detour twice more, for trees blocking like a lane and a half. Both of them had pulled down power lines; we just managed to squeeze around. The way it looks up here in the Highlands makes me grateful that our building didn’t blow down last night. There really is a lot of damage.

Short things are better than long things

July 11, 2004 /

Okay, saying “it’s one big movie! It’s just cut in half!” is stupid whether applied to Kill Bill or Matrix or, I don’t know, American Pie, whatever. It’s a bad idea to make a six-hour movie. Have you ever seen a six-hour movie? There’s a reason for that. It’s a worse idea to cut it in half. It’s bad enough mentally breaking out of the film long enough to take a five-minute bathroom break; I don’t see why a six-month bathroom break would be better.

If you want to make a long movie, make a three-hour movie and end it. If you want to make several movies, make them short. It’s not hard. Just don’t let any action sequence last longer than five minutes, and kill the freaking monologues.

June 30, 2004 /

Spider-Man 2 is out today! David Koepp didn’t write it, and Michael Chabon did! Life is considerably better than it was five minutes ago, before I learned that.

I loathe David Koepp, in case I haven’t made that sufficiently clear before. He’s written screenplays that adapted three of the icons of my childhood–The Shadow, Mission: Impossible, and the aforementioned Spider-Man–and all of them were pretentious, humorless, cliché-ridden claptrap. I haven’t read Michael Chabon yet, but he won a Pulitzer for writing about comic-book creators; I strongly believe this is a better qualification than, say, Snake Eyes.

June 2, 2004 /

The query still won’t run right. There are like five people on the database and I guess that’s just too much. I wish they’d leave. I’m going to have to come in on Saturday now.

June 1, 2004 /

I have a new cell phone. I’m not really happy about this.

On the one hand, my family and I have had a chronic problem with going over our minutes, partly because we were all sharing the same plan and Ian and I used a lot more than Mom and Caitlan. We only had 800 minutes between the four of us, which didn’t work out that well. So it’s nice that Ian and I have our own plan, so Ian can ruin my credit instead of Mom’s. Also we have twice as many minutes to use, and now that I have Cingular unlimited wireless-to-wireless, I should be using significantly fewer minutes anyway.

On the other hand:

  • I have to transfer all my contacts from Layla. Manually.
  • This new phone is not Layla; it seems flimsier and less shiny, and definitely can’t be used as a flashlight.
  • One nice thing is that it doesn’t have a broken extendable antenna. Then again, it doesn’t have an extendable antenna at all, so when I have bad reception there’s not a lot I can do.
  • Oh, and the new phone is not red.
  • Plus its keypad buttons are that annoying two-in-one rocker style, which makes it more difficult to use without looking.
  • And there aren’t as many of them, which means reduced functionality.
  • But I can google from my pocket! Which is something I’ve always wanted to do.
  • But that’s going to end up costing me a lot of money, at a cent per kilobyte.

I don’t know, maybe I’ll learn to like it. I did with Layla. I still have Layla, in fact, although she doesn’t connect to anything anymore. I’ll probably take her battery out once I’ve got all my contacts and stuff transferred, to use as a backup, since it’s the same kind as the new one.

In many ways I still hate having a cell phone, but I’d grudgingly accepted Layla. This newcomer is not so easy to handle. I feel like a friend has moved away, and a smaller, more annoying person has taken her place.

The new phone does J2ME apps, though. I better get cracking if I’m going to port rfk.

May 30, 2004 /

(This entry is posted as dated in my pocket notebook.)

I’ve passed the Waddy Peytona exit probably a hundred times. For the first time in my life, I’m actually in Waddy, at a somewhat sleazy Citgo truck stop, in a back room with no windows. Ian is asleep on one end of the beaten couch; I’m writing at the other. By all accounts, we’re within a few miles of a tornado.

There’s a scattered copy of The Trucker, a half-sheet format free newspaper, on the floor. It appears to be largely concerned with rising diesel prices. Maria called two minutes ago to say that the heart of the storm should be where we are in about three minutes. The rain just slacked off a bit; it sounds like there’s hail mixed with it now. There’s a thick skylight over our heads, which makes me nervous, but it beats the big window-walls out front.

There’s a large TV back here, which is turned off, and a smaller cycling-ads set which is on. It’s connected to some kind of truck load monitor with four large buttons. Every ten minutes or so it shows “local weather,” by which it means the highs, lows and actual temperatures in five parts of Kentucky. Amusingly, it shows nothing related to storm or tornado status.

Maria just called again. Apparently the funnel clouds have dissipated just before reaching Waddy. It should be safe to drive in ten minutes or so.

May 28, 2004 /

Given the cicada invasion on Bardstown Road as of late, plus the enormous and doomed Fourth Street Live revitalization project being advertised all over, well, Fourth Street, I’m pretty sure today’s Mac Hall takes place in Louisville.