jp.jpg (13389 bytes)

CHAOS MANOR MAIL

A SELECTION

Mail 270 August 11 - 17, 2003

 

HOME

VIEW

MAIL

Columns

BOOK Reviews

read book now

emailblimp.gif (23130 bytes)mailto:jerryp@jerrypournelle.com

CLICK ON THE BLIMP TO SEND MAIL TO ME. Mail sent to me may be published.

 

Mon Tue Wed Thu Fri Sat Sun

Highlights this week:

LAST WEEK                 Current Mail                  NEXT WEEK

  The current page will always have the name currentmail.html and may be bookmarked. For previous weeks, go to the MAIL HOME PAGE.

FOR THE CURRENT VIEW PAGE CLICK HERE

If you are not paying for this place, click here...

IF YOU SEND MAIL it may be published; if you want it private SAY SO AT THE TOP of the mail. I try to respect confidences, but there is only me, and this is Chaos Manor. If you want a mail address other than the one from which you sent the mail to appear, PUT THAT AT THE END OF THE LETTER as a signature. In general, put the name you want at the end of the letter: if you put no address there none will be posted, but I do want some kind of name, or explicitly to say (name withheld).

Note that if you don't put a name in the bottom of the letter I have to get one from the header. This takes time I don't have, and may end up with a name and address you didn't want on the letter. Do us both a favor: sign your letters to me with the name and address (or no address) as you want them posted. Also, repeat the subject as the first line of the mail. That also saves me time.

I try to answer mail, but mostly I can't get to all of it. I read it all, although not always the instant it comes in. I do have books to write too...  I am reminded of H. P. Lovecraft who slowly starved to death while answering fan mail. 

Day-by-day...
Monday -- Tuesday -- Wednesday -- Thursday -- Friday -- Saturday -- Sunday

 Search engine:

 

or the freefind search

 
   Search this site or the web        powered by FreeFind
 
  Site search Web search

read book now

Boiler Plate:

If you want to PAY FOR THIS PLACE I keep the latest information HERE.  MY THANKS to all of you who sent money.  Some of you went to a lot of trouble to send money from overseas. Thank you! There are also some new payment methods. I am preparing a special (electronic) mailing to all those who paid: there will be a couple of these. I have thought about a subscriber section of the page. LET ME KNOW your thoughts.
.

If you subscribed:

atom.gif (1053 bytes) CLICK HERE for a Special Request.

If you didn't and haven't, why not?

If this seems a lot about paying think of it as the Subscription Drive Nag. You'll see more.

Search: type in string and press return.

 

line6.gif (917 bytes)

read book now If you contemplate sending me mail, see the INSTRUCTIONS here and here.

Warning!

 

This week:

Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday

read book now

TOP

Monday  August 11, 2003

I will be hard at work finishing a novel all week, so this is short shrift. As usual there was interesting mail over the weekend.

Subject: FW: Neat Astronomy Demo! 

Jerry,

Lunation demo Boy that would have been very impressive to see in High School or College! http://antwrp.gsfc.nasa.gov/apod/ap030810.html 

regards,

Charles Adams

Yeah!

On Careers in IT, and IT jobs moving offshore

Dear Dr. Pournelle:

On Saturday, 8/9, Andrew Duffin had some observations about the career paths IT individuals should follow in Mail. He started out with:

"I have no doubt at all that all application development and support will move offshore (translation: to sweatshop labour) in the very near future."

In investigating offshore outsourcing to India, my company took tours of several outsourcing firms in different parts of India and the facilities are far from the "sweatshops" you'd expect. This doesn't mean such places do not exist, but US firms looking for reliable, quality work won't be using the two-untouchables-and-a-server kinds of places most of us envision.

The facilities were more modern than the building in which I work. The individual accommodations resemble the small telemarketer cubes rather than the 8x8 cube farms in the US, but personal-space in India is culturally-skewed to smaller workspaces. Workers are picked up and dropped off via company-owned and operated vans. All of the IT workers are college graduates, many in engineering fields, and all have at least a basic command of English and sometimes much better.

The facilities we visited were air-conditioned and ran on their own electricity-generation equipment since public power could be fitful. Although making from 20 - 40% of their US analogs, the IT people were comfortably middle-class in India. The IT equipment they used was comparable to ours, and in some cases, of later generations than what we used in the US. Most of the companies backed-up their off-shore land-line connections with direct satellite links.

The drawbacks we found were mostly cultural: for the most part they spoke very quickly and softly, with a significant accent, but their employers were actually sponsoring classes in providing Standard English pronunciation; something from which some of our own employees could benefit. Another "drawback" was that their employees were also almost too quick to please, sometimes sidestepping our procedures to accomplish their [and our] goals.

This is far from hiring kids for pennies a day to build name-brand sport shoes. Firms like this are significant threats to the future of IT on US shores. Just as high-quality manufacturing left the US for foreign shores [remember when "Made in Japan" meant junk and now sets the standard for autos and electronics?], the same is going to happen for our service industry economy with the high-cost jobs leaving first.

As for going into Six Sigma as a career move, I can't comment in depth about that except to say that management fads vaporize quickly. I remember living through quality circles, cheese-moving, fish-market philosophies.

[Name withheld]

O, I never thought those would be sweat shops. What they aren't is American, and what they don't do is pay for our social welfare programs. Now perhaps the lesson is we can't afford those programs. Schumpeter thought capitalism was doomed, for political rather than economic reasons. 

Is there any great evidence that he was wrong?

 

TOP

CURRENT VIEW 

This week:

Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday

read book now

TOP

Tuesday,  August 12, 2003

We begin by continuing with an old discussion

Dear Jerry,

We thought the migration of "blue-collar" jobs off-shore was bad. Last week in Chaos Manor Mail there was a discussion on IT jobs moving off-shore.

Today I read this:

http://www.cnn.com/2003/TECH/
biztech/08/11/training.replacements.ap/index.html
 

 titled "U.S. tech workers training their replacements". Talk about adding insult to injury:, gesh! And we're doing it to ourselves with "L-1" visas. I'd heard of a visa program to get medical doctors for rural areas, never anything like this. This is insanity!

Maybe we need a tariff on exported work. Like 90% of American wage for a particular job minus the wage actually paid to the worker outside the U.S. We'll need the money for welfare for former blue-collar workers when they get replaced at McDonald's by M.S. and PhD. holders.

This ties in with the educational system woes. Why teach anything to anybody when there's not going to be anything to do anyway?

Dale Yarker "The only thing worse than being paranoid is having your fears come true."

Indeed. I started an answer to you and ended with an essay. See view.

Lest we forget:

Dr. Pournelle,

http://www.techcentralstation.com/1051/defensewrapper.jsp
?PID=1051-350&CID=1051-081203A
 

Sincerely,

Bruce Jones

=================

As evidence of more and more that is done "for the people":

Dear Dr Pournelle, I came across the following which you may find of interest.

http://www.unknownnews.net/0626-2.html 

I've been following news of the recent implementations of the Patriot Act with dismay, though this really appears to take things to extremes. What (if any) benefits does this give to the US taxpayer ?.

Further details at

http://www.kansascity.com/mld/
kansascity/business/6161002.htm
 

 http://www.bxa.doc.gov/Antiboycott
Compliance/OACRequirements.html
 

Kind Regards, David Peters.

Indeed. Are you astonished? Free Trade is Good For You.

On Kelly Freas and other matters:

Thanks for the warning. I logged about 200 attempts to access my 135/TCP port overnight. Whoops, there's another one!

We visited Kelly Freas in hospital yesterday, and he seems to be doing fairly well under the circumstances. Most of his complaints seem to come from having to endure hospital conditions, rather than the broken hip, per se. They moved him from the post surgical recovery floor to the physical therapy floor (room 667, bed 1) while we were there. They have him up and walking already, albeit in very small doses.

He doesn't have his hearing aids, and one of his biggest problems is understanding his nurses, who are generally small women with high pitched voices... in a frequency range that he just can't hear. Plus, their plethora of Asian and Latin accents make them somewhat hard to understand even if you can hear them. I tried to translate. He does seem to be enjoying visitors, though he is not very mentally focused (his medications, I assume).

He's really ticked off that this will keep him from enjoying his GoH perks at WorldCon. He's actually hoping that he'll recover enough in time to go, but that seems extremely unlikely. Glen Glaser (on the Con Committee) brought a stack of e-mails from well-wishing fans and read them to him.

Thought you might appreciate a report from the scene.

Greg Hemsath

Post Script: This message to you just bounced, with the error message: "The mail server responded: sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) Please check the message recipients and try again." Somebody's spam filter is working overtime. I'll try again using another account.

We missed Kelly at the Writers of the Future dinner also.

===============

Apparently now a "racist" is anyone who wants to get away from multicuralism. How long will it be before not loving your dispossession will be a crime?

xxx

 

http://icwales.icnetwork.co.uk/0100news/0200wales
/content_objectid=13275212_method=full_s
iteid=50082_headline=--Racists-making-a-home-in-Wales--name_page.html

 News 

'Racists making a home in Wales'

Aug 10 2003

Greg Lewis, Wales on Sunday

DAFYDD Iwan's claims that English racists are moving to Wales to get away from Pakistanis and Indians have been backed up by a leading travel writer.

Mike Parker, editor of the Rough Guide to Wales, has criticised his fellow countrymen for using rural Wales as a place to "get away from multi-cultural society".

Parker, who moved to Wales from Birmingham several years ago, was scathing about the numbers of people from Liverpool, Manchester, the Midlands and London who had moved into rural Wales.

"The common defining feature is that their principal reason for leaving the English cities was to get away from multi-cultural society, from black and Asian people in particular, and they see rural Wales, with its largely white population, as a safe haven," he said.

"To some extent, rural Wales has become the British equivalent of the American mountains inhabited by a sprinkling of paranoid conspiracy theorists, gun-toting final solution crackpots and anti-government obsessives."

Mr Parker, who lives near Aberystwyth, made his observations while editing the best selling Rough Guide to Wales two years ago.

"I have lost count of the number of times when people from England who have spoken to me in pubs and shops have made racist remarks like, 'Isn't it nice here without the Pakis?'.

"They notice I have a Midlands accent and immediately assume I am going to share their prejudice."

===================

Hi Jerry,

http://www.governor.ca.gov/state/govsite/gov_
htmldisplay.jsp?BV_SessionID=@@@@1547029341.1060740140
@@@@&BV_EngineID=cadcicfiglhlbemgcfkmchchi.0&sCatTitle=
Press+Release&sFilePath=/govsite/press_release/2003_08/20030811
_L03068_AB1250_tolerancetraining.html&sTit

 

- Paul

PS: Sorry for the horrible url,

And the bad news. Thanks.

==============

What we have to do is double the college tuition for liberal arts and make it free for engineering and science.

Walter E. Wallis, P.E.

Actually, I have said something like that for a long time. Why should we subsidize education in sociology and other useless "social science" disciplines? If people want to study such things why should they not pay what they cost?

But of course modern universities charge what the traffic will bear and their costs have little to do with the actual cost of delivering the products.

==========

Thought you might find this interesting.

http://www.townhall.com/columnists/
}brucebartlett/bb20030812.shtml
 

===== Tiomoid M. of Angle JD MBA ----------------------------------------------------------- 'Cynics say that every man has his price, but it is amazing how low some people's price is.' -- Thomas Sowell

Don't back into an Empire. Indeed.

======================

Subject: Bush Administraiton & States Rights

California and other states that want to make marijuana available to sick or dying patients are flouting federal drug laws in much the same way that Southern states defied national civil rights laws, a senior Bush administration lawyer said. http://story.news.yahoo.com/news?tmpl=story&
cid=513&ncid=703&e=9&u=/ap/
20030810/ap_on_go_ot/lawyers_marijuana
 

Rich

Indeed. At one time it was known as "State's Rights." But that was in another country and besides the wench is dead.

Saw this on Slashdot. Apparently there isn't a lot of love (or more importantly respect) for SCO in Utah.

http://www.sltrib.com/2003/Aug/08122003/business/83192.asp 

Regards,

John

-- John Harlow, President BravePoint jharlow@BravePoint.com Voice: (770)449-9696 Fax: (770) 449-9003 www.BravePoint.com Progress,Web and Java Specialists

A mind is like a parachute; it works best when fully opened....

I am shocked... And see below

Dr. Pournelle,

First off, I'd like to wish you a belated Happy Birthday; "May you live as long as you wish, and love as long as you live."

Second, I thought you might find this article interesting. I had not heard about charter schools, but I'd like to think this is one positive attempt to address the education problem:

http://www.techcentralstation.com/1051/techwrapper.jsp?
PID=1051-250&CID=1051-080703C
 

And I'm sure you know about this already, but I'm glad to hear the test went as planned:

http://www.scaled.com/projects/tierone/New_Index
/flight_data/flt_data.htm#combined
 

Sincerely,

Bruce Jones

Scaled will win the X prize some time this year. That's important. It isn't orbit, alas.

From Joanne Dow:

Subject: Forget WMD he financed terrorists.

It is well known he financed the Palestinian terrorists in Israel. Peace in the area is one of the key elements of the US agenda for decades now. With Saddam abetting the terrorists the nonsense was destined to go on forever.

It is hard not to notice the (apparent) progress with regards to the recognition of a Palestinian state and relative peace in the area. This in itself is a worth reason for eliminating Saddam.

Aw gee, didn't Bush mention that a couple times? Damn, someday I might come up with something like this first....

{^_-}

===============

Subject: The War According to David Hackworth

*The War According to David Hackworth

The Retired Colonel calls Donald Rumsfeld an "Asshole" Whose Bad Planning Mired U.S. troops in an Ugly Guerrilla Conflict in Iraq. His Sources? Defiant Soldiers Sending Dispatches from the Front.

*http://www.commondreams.org/views03/0805-09.htm 

swb

No comment. 

 

 

 

TOP

CURRENT VIEW 

 

This week:

Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday

read book now

TOP

Wednesday, August 13, 2003

I put up a lot of mail last night: scroll up if you have not seen it. And now an exciting prospect?

subject: a hot diamond cpu

Dear Dr. Pournelle:

Please check http://www.wired.com/wired/archive/11.09/diamond.html . The article discusses two methods of making diamonds. The Gemesis process uses heat and pressure to imitate nature and the Apollo process uses vapor deposition, which I remember from semiconductor manufacture. Both companies are selling jewel quality diamonds to finance research into diamond semiconductors.

Sale of manufactured jewel diamonds upsets De Beers. I know from a previous article they can always spot Gemesis manufactured diamonds with a 150 power microscope. The flaws look like tiny staples at that magnification..The Apollo diamonds are harder to spot, but are more pure than any known mined diamond. De Beers is in trouble, and knows it. When is the last time Mrs. Pournelle stuffed a 150-power microscope into her purse when you offered to take her diamond shopping? More important, if you laid out a one carat ring and a two carat ring side by side, knowing they were the same price, which would she choose?

But Chaos Manor is about computers. Picture a cpu made from diamond semiconductor. It will be stable and usable at two hundred degrees Fahrenheit, Hot enough to destroy any silicon chip. It will also be faster than present semiconductors, giving Moore's law of speed doubling a few more years of life. They can make doped diamond semiconductors now. The process can and will be perfected. Doped diamonds in your laptop, what a prospect!

regards,

William L. Jones wljones@dallas.net

A long time ago I bought some investment grade diamonds, in the mistaken belief they were a good investment that could be worn until liquidated. They were a good investment in the sense that for a number of years after that I could have sold them for more than I paid, but I had not reckoned on "You want to sell my diamonds?" 

Man made diamonds threatens the entire diamond market structure, which is already artificial and came close to collapse when the Russian collections got into the market.

Diamonds are very useful, and diamond films may have a lot to do with heat dissipation. Their investment future is uncertain. And see below.

From Ed Hume:

Unholy Matrimony: Spam and Virus

From http://businessweek.com/technology/content/
aug2003/tc20030812_7863_tc047.htm
 

Excerpt: Over the past few months, e-mail security companies have seen mounting evidence that spammers are using virus-writing techniques to assure that their sales pitches get through. At the same time, intrepid virus writers have latched onto spammers' trusty mass-mailing techniques in an effort to wreak widespread digital mayhem. . . .

Is it time to panic?

Also from Ed Hume:

In a time when manufacturing, IT and other white collar jobs are leaving the country, there is one place a healthy young person with a brain can find employment:

PEACETIME OPERATIONS: Recession Recruiting Rocks

From http://www.strategypage.com/fyeo/howtomakewar/
default.asp?target=htpeace.htm
 

August 12, 2003: What's bad for the economy is good for the military. With an all volunteer force, the military has to compete in the job market for new recruits. That effort was taking a beating in the late 1990s, and probably will again as the economy recovers from the millennium Internet bubble. Not only are more men and women applying now, but more first term troops are deciding to stay in. This means that not as many new recruits are needed each year. Six months ago, the Navy thought it would need 48,000 new recruits this year. That goal has been scaled back to 39,971, and will probably go a little lower before the year ends. Nearly a hundred thousand sailors are returning from the Middle East and have been told that new deployment plans will keep them at home more often then in the past. So morale is high, and the civilian job prospects do look very bright. Thus sailors are staying in uniform. And there's also the 911 factor. The nation is technically at war, and people in the armed services are more aware of it than civilians. Everyone is standing a bit taller, and less eager about getting out of the service.

Overall, the quality of the troops is going up. It was pretty high to begin with in the late 1990s, but the recruiters can afford to be more picky now, and they are. Troop commanders know they won't take a lot of heat from up the line if they toss a troublesome troop out, and the troops know it too. America has probably never had such a high quality and combat experienced military before (when there wasn't a major war going on). Even World War II depended on a lot of guys who wouldn't be allowed to enlist today. The weapons and equipment are more capable than ever before, and require brighter troops to make them work.

===============

 reader, "P" responded to "Affirmative Action: The Robin Hood Effect" http://www.lagriffedulion.f2s.com/robinhood.htm 

Jerry, please pass my comments back to him.

P: Amateur analysis of La Griffe du Lion essay (not a statistician, no background in demographics or economics)

Griffe: Apologies are unnecessary.

P: Interesting idea, very poor methodology. I suspect that significant deviations from a meritocracy exist in current income distributions, however, I believe "racial Robin Hood" effect is less pronounced than La Griffe calculates and that (female subsidizing male) gender Robin Hood effect is probably more pronounced despite affirmative action in opposite direction. There are many, many significant factors in current personal income distribution besides racial affirmative action and intelligence. There are significant other factors besides NLSY tested intelligence which would be paid for in a meritocracy some of which (whether racial characteristics or not) I contend track strongly with race in today's population.

Griffe: "Believe," "suspect, and "contend" are not part of the Griffian lexicon. That said, P makes some addressable points.

P: Potential problems with La Griffe methodology: 1) Very limited in adjusting for recognized factors other than IQ and affirmative action in present actual income distribution; while it raises some pertinent questions about other factors it dispenses with most of these by asserting that divvying folk up into quintiles will remove these factors from significance.

Griffe: Of all variables, IQ is the strongest correlate of income. There is no longer any doubt that income stratifies by IQ. (See, for example, TBC or Gottfredson: "Why g Matters", Intelligence 24(1) 1997.) Dividing the workforce into quintiles reduces the effect of other factors; it does not remove them. There is bleeding across quintile boundaries, but keep in mind, P, this is a model, not an exact representation of economic reality.

P: Factors recognized and dispensed with this way are: Variation in individual ambition/drive, unmaterialistic personal preference in job type, opportunity (market imperfection, not every job is available to every person), Geography (West Virginia/New York pay scale), relevant personal qualities beyond intelligence (personality, work habits, ethical/moral values).

This assumes that NLSY tested intelligence is the dominant factor (excepting affirmative action) in current income distribution and that the factors above produce only minor deviations in income level. Anecdotally I would have to say that this is untrue, I think most of us know plenty of stupid white men who make more than they should in a meritocracy.

Griffe: "Stupid white men"? Could P's political orientation be peeking out here. The fact that IQ is the single strongest correlate of income, unpleasant as that may be, cannot be dismissed. Introduction of other variables does not change this fact. Geography, is not a human quality. Sure, income stratifies by geography, but within any region IQ remains the dominant income determining factor.

P: I also know people who score 110% (heh!) on any written test but wouldn't know what to do with a tool if it bit them and vice versa (good craftsmen don't necessarily test well or know English, although very good ones will usually do both in the US).

Griffe: Please don't go there. In a country of nearly 300 million you can find as many anecdotes as you like to illustrate any point on any side of any issue. This stuff is OK for The NY Times, but please keep it out of this discussion.

P: I assert that the geographic deviation is not small (the Median household income in AK is $55K and in WV is $30K and obviously minority representation is very different in different locales);

Griffe: If inclined, P might group states according to per capita income and perform a Griffian calculation for each cluster of states. The algorithm is laid out in the appendix. You will, however, find that within each region IQ is the most important variable.

P: ... and that relevant factors other than intelligence are of huge significance in compensation (criminal background, for instance, which works to widen LaGriffe's gap, training and education, but also certain physical traits and cultural traits which are positive and track strongly to minority groups).

Griffe: Sorry, but criminal background and education also strongly correlate with IQ. What positive physical and cultural traits that track to minority groups have you in mind?

P: 2) Also limited in not even recognizing many other factors in income distribution. Some of these which spring to mind are:

A)That people making less than $10K a year are not working full time and that this is often not due to unemployability, (federal minimum wage in '97 was $4.75*(1500hrs)+ $5.15*(500hrs) = $9700). My 99th percentile IQ (Nordic) sister works part-time (4-7's) to allow time for volunteer work (2nd lowest quintile income), my 99th percentile IQ mother works part-time (~15hrs/wk) for my father's company (a lifestyle choice which probably relates to her 7-99th percentile IQ children) and pays herself a salary in the bottom quintile (minimum to qualify for Social Security--since all the household income including the company profit goes into the same account anyway). La Griffe does chop off those under 25 and over 64 to eliminate some of this. Why doesn't he use the readily available statistics for full time year-round workers of all ages (This puts the top of the bottom quintile between $17.5K and $20K per person and the bottom of the top quintile somewhere between $47.5K and $50K and dramatically affects his calcs)?

Griffe: Sister? Mother? Gimme a break. I chopped off the over 65 group because many of them don't work and consequently are neither direct victims nor beneficiaries of AA. I omitted those under 25 to eliminate students who will later enter the work force, but do not yet fall victim to or benefit from AA. The calculation applies to the slice of the workforce most affected by AA.

P: Pushing 52% of blacks and 41% of Hispanics into a quintile which is almost wholly composed of those employed part-time or for less than the full year is not a logical conclusion from the IQ distribution (this is also true to a lesser extent of the second quintile from bottom in La Griffe's divisions).

Griffe: I'm afraid, P, you do not understand the significance and consequences of a 1 SD gap. It is huge. In a meritocracy, most blacks and many Hispanics would indeed be pushed into the part-time and less than full-year employment sectors.

P: Losing/changing jobs happens thruout the IQ distribution (company fails, down-sizes, moves, family moves because spouse changes jobs, need to care for parents, health problems, etc.). Certainly someone of marginal utility is more likely to lose a job or have trouble finding one quickly, but not to the extent the "meritocracy" distribution would imply.

Griffe: How can P know the extent of anything without a measurement? Divine inspiration? More assertions -- easy to make, hard to back up.

P: B) Assumes income distribution would be unchanged from present both in Utopia and in meritocracy Not all income is wages and salaries, nor is all income reported -- I would expect the top and bottom quintiles to contain large numbers of investors and tax cheats(cash economy). The top 5% also contains (I assert) large sums of over-compensation (capital gains for largely passive investors) which bear no relation to personal merit or productivity (emphasis on passive). Which is a completely different issue of reverse Robin Hood (I make multi-million dollar decisions regularly on a 5 figure salary which accrue primarily to those whose chief contribution to society was being born to rich parents or getting lucky once). This is, of course, like most stereotypes, not true of all top 5% earners.

Griffe: There are bumps like tax cheating and unreported income that my model does not account for.

P: C)Labor unions are a significant factor in boosting incomes (26% difference in median for full-time wage and salary workers in 2002) and blacks are over-represented in unions (32% more likely than whites in 2002). This over-representation is due only in part to affirmative action in the public sector where jobs were 4 times more likely to be union than in private industry. Minority populations of cities which are heavily unionized like Detroit, LA, NY probably plays a bigger role.

Griffe: Unions are indeed a factor, but P's rhetorical manipulation is worthy of a congressman. Instead of "32% more likely than whites in 2002," P might have presented the data from which 32% is calculated, ie, unionized: 16.9% blacks, 12.8% whites, 10.5% Hispanics. Thus viewed, we gauge the effect on income transfer as small.

D)Income rises with age and minorities are disproportionately young (this works to widen LaGriffe's gap)

Griffe: Point well taken.

E)Gender differences (31% difference in median for full-time wage and salary workers) -- % women in workforce and for part-time or full time differs by race

Griffe: There are part-time/full-time differences by race, eg, in 2003 81% of white workers were full-time, compared to 85% of blacks. I cannot separate out the causes, which may or may not be AA related. As for the gender gap, check out P. Hausman: "I Am Woman, Hear Me Whine", National review online April 3, 2001, still available at: http://www.nationalreview.com/comment/
comment-hausmanprint040301.html
 

P: F) Training, Education, and Experience

Griffe: Trainability is very strongly correlated to IQ. Ditto education. Experience? No ability --> no experience.

P: G) Unemployment and Prison population What effect do higher unemployment and higher prison population have on minority earnings--one could argue that this winnows the field of workers and increases competitiveness of remaining minorities since stupid people are more likely to get caught or be unemployable.

Griffe: Sorry P, but criminality is also strongly linked to IQ. (See TBC.) Based on incarceration rates I estimate the male gap in "criminality" as 0.81 SD for African Americans, and 0.43 SD for Hispanics, both with respect to non-Hispanic male whites. http://www.lagriffedulion.f2s.com/fuzzy.htm  Unemployed are covererd by my model. They have income; it's just zero.

P: 3)Zero Sum game -- The assumption that there is a certain amount of income to go around and that giving one person more takes away from others. This is not a 1-1 trade-off. The size of the economy depends on production. Providing resources to people which allow increased production increase the size of the pie. Affirmative action in employment may be a zero sum game or even a negative sum game ... but affirmative action in education, training, capital access, etc. may well be a positive sum game by raising the productivity of those with lower potential more than it impairs the productivity of those with higher potential. There is definitely not a fixed amount of education to go around. I do not assert a positive effect, I merely suggest an effect should have been accounted for.

Griffe: AA in education, capital access etc. may influence income distribution, but the robin hood effect, being an "integral" rather than a "differential" approach to income transfer, considers the _sum_ of AA influences rather than individual factors.

P: If you get thru all of this I'd be amazed but I wanted to get this off my chest.

Griffe: Thanks for the careful reading.

P: Best, Ben A. Pedersen, P.E.

===== La Griffe du Lion http://www.lagriffedulion.f2s.com 

=For the moment let's you and him fight

Subject: A lawyer advises wait-and-see on SCO

This is a nice, clear article written by an attorney. If you know someone who is actually worried about SCO, you should show this article to them.

http://techupdate.zdnet.com/techupdate/stories
/main/0,14179,2914464,00.html
 

-- Steve R. Hastings "Vita est" steve@hastings.org http://www.blarg.net/~steveha

Lawyers always advise you to hire an attorney, pay him, and then wait and see; but this is in fact a good article and I can second the advice to read it.

==============

Harry Erwin on Creative Destruction

On Creative Destruction

I call myself a liberal democrat (with the emphasis on the 'liberal') although it is no longer clear to me how I really differ from my mother's 'Chase' brand of conservative republicanism. I think I have become more pragmatic than anything else. Having lived in the USA for more than fifty years and then in the north of England for almost three, I have relevant experience from both countries.

It is clear that capitalism is thriving at the local level in both. Central planning simply does not serve the needs of the local market, and that simple fact is accepted by most Americans and English. It's at the next level up that we begin to see problems.

It is characteristic of ruling elites in both countries that their reach exceeds their grasp. By this I mean that their solutions to problems are almost always simple, coherent, and wrong. Policy making in both countries tends to be captured by entrenched interests, even when a large majority of the population is ill-served. An example that stays out of politics--the actively church-going population in England (1.7%) seems to have shrunk to be smaller than the actively gay population (~2%). For most people here, the established church is tainted by its historic links to the UK government, and alternative churches are not mainstream enough to attract much membership. Yet, church governance remains centralized and unresponsive to the needs of most people. The church I go to has about 80 mostly elderly parishioners at each service, and five priests on staff.

So I agree with the need for creative destruction, although many English do not. I think Peter Drucker once pointed out that closing the company should always remain an option for a board of directors, and I think that should be the case for any institution that is no longer useful. On the other hand, 'useful' is not just a short-term economic term. The UK government seems to be laboring under the illusion that the only people who benefit from publicly financed university education and research are the people who take the degrees, but one consequence of this perspective is that almost all engineering programs are closing in England--they're expensive to teach and unpopular with students. What kind of modern country can import all its engineers? Similarly, the UK PhD program has been gutted to the extent that US universities no longer consider the degree equivalent to a US PhD. What kind of modern country can import all its real PhDs?

That, I think, is the real issue. Creative destruction is necessary, but the criteria should look beyond short-term economics. -- "I would like to be able to love my country, and justice too." (Albert Camus)

Harry Erwin

Apparently not everyone understands what I have been trying to say:

Unrestricted Free Trade Capitalism (19th Century Liberalism) is probably the best engine for economic growth and the creation of wealth.

Unfortunately, people are not equal. Fully half of them are below average. The distribution of wealth does not coincide with the distribution of votes. The problem of political democracy has been, since ancient times, the problem of wealth and debt relief and property. You can't have capitalism without capitalists and the capitalists have to be allowed to accumulate capital.

But democracies don't vote for such measures except in certain circumstances and those change. 

The trick is to provide enough political and economic freedom to allow growth to continue, while overcoming the tendency of politicians to accumulate votes through divisionary politics, and through the politics of envy. In the present situation it's worse because the public service unions have become what amount to a first charge against the tax base, never decreasing in numbers or pay or pensions, and always organized to pay politicians to keep it that way.

The Libertarian Party may be devoted to smaller government, but it insists on purity of candidates. Smart political operators know better. They try to outbid the opposition on narrow grounds. They know the politician won't stay bought. The result is that outfits that care a lot on narrow issues generally get their way.

My arguments on tariff boil down to this: there are a lot of displaced people in this country and they were formerly part of the middle class and voted for middle class measures, which by and large are pro-capitalist and pro-free trade, and as we said in the Old South when I was a youth, "Tariff for revenue only" (i.e. not for protection). 

But the balance of power is always delicate, as Schumpeter saw. I never believed he was right when he thought socialism was inevitable if you kept democracy; but the tendency is toward more and more government benefits (which also implies more and more government employees) and the creation of more and more entitlements which will be defended by their recipients, who will organize politically to defend those entitlements. See Teachers Unions, Prison Guard Unions, Public Service Unions, Social Security as the Third Rail, Medicare, etc. etc. for examples.

Preserving both liberty -- economic freedom is one of the essences of liberty -- and democracy is very difficult, and there are no hard and fast rules and theories that work through all times and places.

The people must have confidence that the government really is trying to do its best for them; and that restraint in what they grab  is a good idea. California has gone about as far as you can go in the other direction. No one has any confidence in the state government now, but no one has the foggiest notion of what to do about the entrenched interests which have their iron triangles of organized fund raising to sell legislation to the highest bidder.

It will not be all that long before it happens on a national scale if we continue to export manufacturing jobs.

Half the people are below average in intellect. You cannot force them to compete with the above average in other countries if you don't give them satisfying non-intellectual work they can do.

I am waiting for someone to show me why that analysis is wrong.

On the new Frankenworms:

As expected, the "Blaster" (aka "MSBlast" and "LoveSAN") worm has new variants that are a bit more efficient, and have different names for the executable program that is installed on the computer. These new variants are not damaging to files on your computer, but the potential is there. It would be quite easy for a Blaster clone to contain a simple command to format your hard drive or delete files, etc.

So it is quite important for your readers to ensure that they have protection against this worm. They need to apply the Microsoft patches to be protected. Note that the worm doesn't arrive in an email message, so anti-virus protection, or not opening attachments, doesn't protect your computer.

A firewall of some sort will help (there are reports that the XP Firewall can help), as long as the user doesn't inadvertently allow access to the worm.

The 'mantra' will help: "update patches, update virus definitions, don't open attachments"; repeat three times....

Rick Hellewell Information Security Dweeb digitalchoke@digitalchoke.com

 

=Thanks. No one has sent me an account of infection through any means other than mail, so I can't describe how that happens.

 

 

TOP

CURRENT VIEW 

 

This week:

Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday

read book now

TOP

Thursday, August 14, 2003

I am not sure what to make of this:

Dear Jerry:

I've just returned from vacation. I went to my High School class 40th reunion. It was, to say the least, interesting. There were surprises. Despite the Marin County location, many of the guys served in Vietnam during the war, Some took the really hard road and were Seals or Green Berets or Riverine. Others were, like I was, NSA soldiers. Some are still pretty liberal and others have become very conservative...and not one of them things this war in Iraq was a good idea. They range from construction workers and movers to doctors, lawyers and college professors. One, a Republican, asked me very seriously if I thought that the Neocons had a secret plan to bankrupt the nation so that social services would then be impossible to provide and that the anarchy that would result would allow them to assume absolute dictatorial power over us all. Well, conspiracy theories give me gas, but that concept might be made into a pretty good political thriller

I heard a lot of complaints about lousy support service. Everyone seemed to have a horror story of trying to explain some technical computer glitch to some clown in India who does not understand English as it is spoken here. Most abandoned the attempt in the process and sought help elsewhere. Some are changing their ISP over this issue. Most of the tech support people in India seem to be working from a script and , if you have something that isn't in the script, then they just repeat the question. (One told me the guy keep asking "What is your problem?" over and over, to which he replied at last, "My problem is you!" and hung up the phone.

On the way back I stopped to see another old friend who has a design firm. One of his clients threatened to take their work to India if he didn't reduce his rates to them. In business negotiation this technique is known as "the nibble". He did indeed cut his prices twenty percent to keep the business. But that just because he's trying to stay afloat and survive the current downturn. He will be looking for other, less stupid clients who care about the quality of the work and when he finds them he will drop these people like a hot rock. He is justifiably insulted that his talent and the close working relationship he provides seems to count for nothing with them now.

He said "I wish I had a product of my own...but I'd probably have to have it made in India or China, which means I too, could join the rush to the bottom." Having spent years selling security guard service and dealing with people who were only interested in the lowest possible price, I understood what he meant. If all you want is the lowest cost then you deserve what you get.

Quality is important and, in the long run, it pays better. Things last longer, problems are solved quicker, and customers decide that they will pay a little bit more to avoid all the problems that come with cheapness. The short-term MBA mentality that looks only at the bottom line has come close to ruining this country economically. Hopefully the pendulum is going to swing the other way RSN.

I think we need to look for innovative ways to correct these problems. Your historical analogies are useful up to a point, but as Suzie Orman said, you don't drive a car by looking only in the rear view mirror...you have to spend most of your time looking at what's in the road ahead. Honor the past, but embrace the future.

Sincerely, Francis Hamit

If you will loan me your crystal ball so that I can examine the future without having to bother with the past, I'll be pleased to use it. Until then, what, precisely, is one to use other than the past as a guide to the future? I'd like to know that.

Little homilies like "honor the past but embrace the future" probably make for good copy, but I don't know what they mean. As to driving cars, no, I don't do that by looking at the rearview mirror, but I do learn something from the manual. Please provide me with the manual for the future that you seem to have and you are sure I lack.

Subject: Why aren't you running for governor?

Serious question. Why aren't you on the ballot for governor? I know you think the recall is a mistake, but someone is going to be governor, and I'm surprised you didn't take your shot at it. I think you'd be a better governor than anyone else I've heard mentioned. Your name recognition isn't up there with Arnold's, certainly, but neither are you an unknown.

And, yes, I know you're 70 years old and being governor is a tough job, but I'd have thought you might have tried for it anyway as a person to whom civic responsibility is important. I kept expecting you to announce your candidacy, figuring that your web site readers would take care of the $3,500 fee and the 65 required signatures within an hour after you posted your announcement.

I'm not flattering you to say that you or someone very like you is what California appears to need right now. I see that all the news outlets are complaining about the lack of substantive discussion of issues by the various frontrunning candidates. No one could accuse you of avoiding the issues. You'd need only point them to your View page.

So why didn't you do it? I suspect a lot of your readers are wondering the same thing.

-- Robert Bruce Thompson thompson@ttgnet.com http://www.ttgnet.com/thisweek.html http://forums.ttgnet.com/ikonboard.cgi

Well, let's see. First, I long ago decided I wasn't electable to public office. That was revealed to me when I managed campaigns, and had to keep telling candidates, "Don't react to that," "We'll ignore that one," "Don't open that can of worms," and "You are not here to win arguments or inform the voters. You are here to rally your own troops without infuriating the other guy's voters."

In other words, my temperament is to teach, not to be a candidate, and just because I know intellectually how to win election campaigns doesn't mean I have the temperament or self control to follow my own advice.

Second, the chance that I could raise $10 million in a couple of weeks is nil, and it would take at least that much to buy the media space that would get media coverage. The media go where the stories are, but they are sent where the advertising bucks come from. Some colorful candidates can get serious coverage without buying it, but most can't.

Third, I'm not going to subject my family to the kind of thing the Clinton Attack Machine will turn on anyone they see as a real threat, and it looks like they are going to rent the machine to Davis. I see this morning there is an article in the LA Times about Arnold's father's military service in Austria. Most of the details were provided by the Wiesenthal Center -- which had them because Arnold once requested they look into it, and who had given them considerable money. It turns out that his father joined the Party and the S.A. in 1938 after the Anschluss, and served in the Military Police. It says "There is no record of his being accused of war crimes." And this was all generated on short notice. You may look for worse shortly.

If this election were going to be conducted among people who pay attention to arguments and issues, I probably still wouldn't run, because I don't want to be governor of California.

I am at an age when most retire. I am not about to do that, but I have books to finish (some not yet started) and I am aware that I have only a limited time to do all that even with all the pills I take and my twice daily walks. I am still of an age that if someone gave me $20 billion to build a Moon Colony I'd undertake the job, but it's not likely (I could have done it for $10 billion a few years ago, and for about $5 billion back in DC/X days). 

Thanks for the kind words, and I am arrogant enough to think that if I had the office I could probably do something useful since I certainly wouldn't care if I got elected again, but it takes a special kind of personality to both win a public office and be able to perform it properly. Few have that personality, and I fear I am not among that group.

Subject: jargon

Dear Dr. Pournelle,

I read my letter posted in your 13Aug03 mail, and was horrified. The meaning was clear for the two of us, but probably left many of your readers confused.

Carbon(C), like silicon(Si), germanium(Ge), and gallium arsenide(GaAs), can be used as a semiconductor. They are all clumped together in the chemist's periodic table, printed in the Merriam Webster Collegiate Dictionary and many other places, and this is no accident. The substances must be very pure and in crystalline form to work as semiconductors.

So far, so good, but if someone gave you a piece of any of these substances in pure crystal form, it would be a worthless lump for electronics purposes. Notice that most of these substances are in the IVA column of the periodic table, and even gallium arsenide is a mix of IIIA and VA. To be useful as semiconductors, these substances must have very slight amounts, measured in very few parts per million, of compounds from IIIA (positive dopants) and VA (negative dopants). This very small addition is critical, and too much dopant, or any non-dopant contamination of the crystal, can ruin the semiconductor. Proper combinations of positive doped, intrinsic (undoped), and negative doped substances, carefully combined under rigidly controlled conditions, give semiconductor diodes, transistors, and integrated circuits, which can be as complex as the cpu in a computer.

Crystalline carbon works as a semiconductor when properly doped. It is a superb heat conductor and has a high melting point. In its natural form, it is a diamond, and very expensive, as well as not particularly pure. Now that diamonds can be manufactured, they can be held to the desired purity and doped to suit. This use does not compete with jewelry diamonds. The sale of manufactured diamonds as jewelry in order to finance research does compete with the De Beers diamond cartel, and they are not amused.

There is much more to solid state physics and semiconductor manufacture than can be covered here. Interested parties are encouraged to study more. All parties should now understand the term "doped diamond".

regards,

William L. Jones wljones@dallas.net

=================

And some good news

Dr Pournelle, I hope the Lantica people have you on their press release list already, if this is old news to you, sorry.

I just put in my order with the people at Lantica http://www.lantica.com/ 

They claim they are shipping October 15, 2003.

how to get a Q&A database ready to be "translated" to the new Lantica format: http://www.lantica.com/translate.htm 

other questions: http://www.lantica.com/faqs.htm 

Yours,

Mark Hartwell Lake Diabetes Supply, Inc. (~1.5 million / year in sales all entered, shipped, billed and collected in a few Q&A databases.)

And I will try to make contact with them. Q&A was wonderful and I wish they'd kept it up to date. We have pretty well converted all our old Q&A data bases but I sure liked it.

========================================

HOW THE WORM WORKS

A number of readers have sent accounts. I include several. Incidentally, I misspoke: I do and did know more or less how the thing worked, but I didn't have any first hand accounts. Anyway, here is how the worm works:

You said "I still don't know how this thing infects machines, and I am waiting for a good account on how it works without opening mail attachments. I am sure it does that, but I don't know how it does it. That is, I have read accounts of the dcom vulnerability, but I haven't seen any description from direct observation. "

The short version is that the worm infects via the ports that are used for Windows browsing. When you click on Network Neighborhood/My Network Places, you are viewing a list of devices which have announced their presence on the local network -- not over TCP/IP -- and advertised their shared devices, folders, etc. Sharing may be secured (it is not required) by user names (9x or NT kernel) or by shares (NT kernel, with NTFS, IIRC).

NetBIOS is the system of protocols used for this data exchange. It uses TCP ports 135, 137-139, 445. If you look at your firewall logs you may see a lot of attempts using those ports over the last weekend. The worm propagates by sending a probe to those ports -- which every Windows box on a network listens to unless you disable it. It enters through those ports and then exploits the vulnerabilities for which it is coded.

There is much more information available at the Internet Storm Center --

http://isc.sans.org 

FWIW, a huge debate has raged on NANOG, the North American Network Operators mailing list, over when network operators are justified in filtering that NetBIOS traffic -- which most think has *no* business ever being sent outside of the local network. Yet they are loath to dictate to people what they can and cannot do, understanding that to be in violation of how the Internet is supposed to work. It's been interesting.

HTH

Annlee

=

Dr. P,

You've probably gotten lots of feedback on this, but here is how the Blaster worm infects without using e-mail:

Certain versions of Windows (NT, 2K, 2.3K, and XP) have a process running by default that listens on ports 135 and 445 for an incoming signal fo a particular sort. If your computer is directly connected to a network (Internet or in house) and that signal arrives, the computer will try to process it. The Blaster signal has a buffer overflow in it that tricks the operating system into allowing certain commands to run superuser privileges. The commands hack your box, gather software, and then start to scan for other victims on your network.

Blocking those ports via hardware or software firewalls protects you from a direct network attack. But not from opening an e-mail attachment.

-- Don McArthur www.mcarthurweb.com/ gpg fingerprint: A5CC 3225 C944 7C81 2C5D 6701 F44D F4E6 A69B 1530

==

Dr. Pournelle,

It does indeed appear that this new worm/virus does not rely on email for transmission, but rather exploits a known vulnerability in the RPC (Remote Procedure Call) capabilities of Windows. Most articles I've seen today indicate that Win2K and WinXP are the vulnerable OSs, not Win9x. The original Microsoft fix indicated that NT4 was also vulnerable, but due to its architecture could not be patched.

In the following explanation, I am paraphrasing and excerpting from an article at EWeek ( http://www.eweek.com/article2/0,3959,1216823,00.asp ) .

An infected machine spreads the virus/worm (I can never keep the two definitions straight!) by scanning IP addresses, starting at 192.168.0.1, looking for an open TCP Port 135. When the infected machine finds an open Port 135, it uses the RPC exploit to activate a shell on TCP Port 4444 to download the worm to the targeted machine via TFTP.

[I had never heard of TFTP before... the T means Trivial, because it has no security features. More complete definition here. Apparently, TFTP is a part of Windows... perhaps it's part of what makes Windows Update work.]

The file TFTP'd to the target machine is self-extracting, so presumably the RPC script then extracts it, and executes it, and voila, msblast.exe is executing on the target, itself scanning TCP ports for another machine to infect (all the while doing its 60 second countdown to reboot). And so it goes...

I find two things interesting about this virus:

1) The MS patch has been available for about a month, yet probably millions of machines remain vulnerable. Fixing vulnerabilities by relying on users and sys-admins to apply every patch immediately is probably not the long term solution. I know that I see the "New Windows Updates are Available" notification and, as often as not, put it off till a rainy Saturday, or when I get a bit scared about things like LovSan.

2) Nothing I've seen so far indicates that XP-Home is any less vulnerable than XP-Pro. The fix if a machine is infected is non-trivial (PC Magazine). The 192.168.0.x range is commonly used by home networks, and if one of the home machines connects directly to the Internet (without a firewall or NAT router), it could immediately spread the infection to all other machines on that home network. Imagine the workload if only 10% of AOL's subscriber base became infected!

Regards,

Dave KQ3T

===

Dear Dr. Pournelle,

Here is a brief synopsis of how this worm (W32.Blaster.Worm., also named W32/Lovsan.worm.a [McAfee], Lovsan [F-Secure], and some others) works, in case you haven't already received this information.

From an infected machine, the worm scans a random IP range looking for vulnerable systems on TCP port 135. (Win2K and XP machines with the DCOM RPC vulnerability not patched by MS03-026: http://go.microsoft.com/?linkid=220771 

WinNT and Win 2003 Server machines are vulnerable if not patched, but the worm apparently isn't coded to replicate to those systems.

When the worm finds a vunerable system, it sends some code to it, which downloads and executes MSBLAST.EXE from a remote system via TFTP. This writes a registry key:

 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Run "windows auto update" = msblast.exe I just want to say LOVE YOU SAN!! bill

The infected system may have no symptoms, or may reboot every few minutes. It will start scanning for other venerable systems, and will launch a Denial of Service (DoS) on the Microsoft Windows Update Web server (windowsupdate.com), apparently on a schedule going into 2004. It has no mail capabilities.

Apparently, there are now some variants going around which also carry various Trojans as additional payload.

I logged 431 Port 135 scans yesterday, while connected to the net for < 1.5 hrs.

I look forward to _Burning Tower_.

Best wishes,

-- Earl Everett

And this should be enough.

=============================

 
Particularly:
"And in New York state, Assemblyman Felix Ortiz (D) has proposed six anti-obesity bills, including one that would tax not only fatty foods, but also modern icons of sedentary living -- movie tickets, video games and DVD rentals -- and use the resulting $50 million for nutrition and exercise programs."
I saw this and my head exploded.  We are considered by (some of) our elected representatives/would-be rulers to be insufficiently competent to watch what we eat, and must be coerced by force of law.  Will we now see campains from "concerned parental groups" endorsing waiting periods on a pint of ice cream, because you might eat it in one sitting?  (Do it for the children.)  Next will it be registration of all tableware, as spoons clearly are an attributing factor of criminal obesiety?
 
 
KC Deines

Ah but do not forget the true purpose of government.

 

 

 

TOP

 

CURRENT VIEW 

 

This week:

Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday

read book now

TOP

Friday, August 15, 2003

Subject: Couple of news items

Dr P:

Sedimentation rings in old crater on Mars, from APOD http://antwrp.gsfc.nasa.gov/apod/  (Looks like tree rings, doesn't it?)

India to send unmanned probe to Moon before 2008 (Yahoo news) http://story.news.yahoo.com/news?tmpl=story&cid=570&ncid
=753&e=2&u=/nm/20030815/sc_nm/india_moon_dc
 

Regards,

Steven

"There is no law of nature that says the language of space exploration will be English." Robert Heinlein

Jerry,

Beg pardon, I don't mean to pepper you with email, but I wonder:

I've been relying on Gibson Research, www.grc.com , for evaluation of my computer security concerns. I'd like very much to know what you think of the site.

This is the last, for a decent interval at least.

Bill

Steve can sometimes start at shadows (not to say panic), but he's careful and his site is a resource worth visiting often.

As I have said before and I believe am saying in an upcoming installment of the column, there is no perfect safety, but installing a router between you and a high speed Internet connection will take care of most attacks. You can also use a Linux box. 

Turning on the XP firewall helps, as do third party firewall programs; but no software can fully protect the machine it is running on. There are ways to tunnel beneath the firewall and down into the operating system. Having a router upstream from all this prevents most of those attacks from ever getting to the machine in the first place.

There is no perfect safety. There are no perfect routers. Every little bit helps. And don't open unexpected mail attachments.

Turning off my software firewall, Windows has these ports on my

system open and listening for anyone who wants to connect:

Starting nmap V. 3.00 ( www.insecure.org/nmap  )

Insufficient responses for TCP sequencing (3), OS detection may

be less accurate

Interesting ports on <name deleted> (<ip address deleted>):

(The 1597 ports scanned but not shown below are in state: closed)

Port State Service

135/tcp open loc-srv

139/tcp open netbios-ssn

445/tcp open microsoft-ds

1025/tcp open NFS-or-IIS

Remote operating system guess: Windows Millennium Edition (Me),

Win 2000, or WinXP

Nmap run completed -- 1 IP address (1 host up) scanned in 15 seconds

NMap is a very useful little program, with a nice GUI. If you're

a command-line junkie, this command will generate that same

report, if you have installed NMapWin::

CMD: nmap -sS -PT -PI -O -T 3 <ip address>

Annlee

Thanks! Gibson's site now will do a port scan and report also.

Trivial File Transfer Protocol or TFTP is an old protocol. It lacks the overhead of the more well known FTP protocol and most of its features. It is designed to transfer data using a fairly primitive protocol. The most common use of the protocol is to allow a simple device to pull data across the network. An example of this is a number of devices will use TFTP to pull a disk or ROM image across the network to supply a boot image. Since the protocol is so simple it does not take much firmware code to implement a network boot system using this protocol. A few older ISDN (Ascend) used TFTP to apply firmware upgrades. I believe it was originally used to boot diskless Unix workstations. I know of no native use for it in the Windows world.

For Windows update, you should at least have it set to download the patches and notify you. While some people were infected by not applying the patch, at least it was there on the local hard drive and ready. At least one friend of mine was fixed by just clicking the icon and telling it to install. Many of my machines are set to download and apply the patches Sunday at around 3:00am. I have had no problems with that schedule to date. I try to run a full set of updates after I do a full system backup. A USB 2.0 hard drive is a great backup target. It can move from machine to machine and if I want to I can move its data to DVD.

------------ Al Lipscomb MCSE AA4YU "We are running out of TLAs, we will need to start migrating to FLAs"

=======================

More details on the Blaster Worm

Jerry,

I know that you mentioned 'that should be enough' regarding the worm, however some of the e-mail posted had incorrect or misleading information. For a detailed analysis, including commented disassembly of the worm code, your subscribers can look here: http://www.eeye.com/html/Research/Advisories/AL20030811.html . Rather than repeat their excellent analysis, I'll just add a couple of notes related to the e-mail:

- This particular worm has no link with Windows File Sharing.

- Port 135 (the DCOM RPC Port) is not blocked by default in any of the major software firewall packages; it takes a bit of advanced configuration to add a firewall rule to block the port completely. The worm also uses additional ports that should be blocked (see the article for more details). Users should be careful about disabling DCOM (the process, not the port) completely, as the windows task scheduler requires it to be active. Unfortunately, Norton Antivirus uses the WTS to schedule virus scans, so it would be A Bad Thing (tm) to disable it completely. Other side affects may also occur.

- Steve Gibson ( www.grc.com ) has a specific Port 135 scanner available (although it's heavily loaded at the moment) for folks to test and see if they are protected. However, there are numerous reports that the FCC has ordered major ISP's to filter Port 135 (and others used by the worm), so a 'protected' response from GRC may or may not indicate true protection. Steve's new scanner is pretty good at detecting the ISP's transparent filters and proxies though, so it's still worth the effort to check. Please also note, that the patch doesn't close Port 135, so you can be protected from this worm, and still have an open port.

- Microsoft has alternative patch download paths that they are going to make available. Users can go to www.microsoft.com for more details if the DoS attack succeeds on Saturday. For the specific attack schedule, again see the article above.

- Finally, removal is actually fairly trivial for the original species. From the link above:

Removal: Delete the following registry key: "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" Value: "windows auto update" String: "msblast.exe" Look for "msblast.exe" running in the task manager. If it is running, kill the process. Delete the file "%systemroot%\system32\msblast.exe" And then, of course, patch the system. Rather than confusing my friends and colleagues about specific operating systems that are vulnerable, I'm just telling them all to go to the update site and apply all critical patches. There's another vulnerability with IE that allows a malformed midi file to take control of your machine (which would tunnel right past all the firewalls, port closures, and most web content filters) that also has a patch available. It's a Good Idea (tm) to do that once a month.

Best wishes, and congratulations on completing the book.

Cheers,

Doug

Doug Lhotka doug@lhotka.com www.lhotka.com/doug

PGP Sig: C2F9 EB96 127A D4DD 02C7 ABE0 13A0 4C30 9C93 9D6F

"Liberalism is a philosophy of consolation for Western Civilization as it commits suicide." ~ Jim Burnham

"I swear, by my Life and my love of it, that I will never live for the sake of another man, nor ask another man to live for mine." ~ John Galt, Ayn Rand, Atlas Shrugged

 

 

On another subject, from Ed Hume:

Biowar fights Chemwar

From http://www.strategypage.com/fyeo/howtomakewar/
default.asp?target=HTCHEM.HTM
 

August 14, 2003: American scientists have bred a bacterial enzyme that destroys the ability of nerve gas to injure or kill. The enzyme has been tested on Soman, one of the more common nerve gases. The enzyme is being modified to operate more quickly, and it's expected the enzyme could be used in gas mask filters, and to clean up areas that have been contaminated by nerve gas.

My guess is the latter use will be first by a good bit, but that's important too.

And on yet another subject:

Solar Metallicity and the Fermi Paradox 

I've been monitoring the results on extra-solar planetary systems. Apparently there's evidence that star metallicity is key to the presence of planets. Stars with a metaliicity <0.33 times the solar value don't seem to have planets, while stars with a metallicity two or three times the solar value have planets, but they're hot Jupiters. Stars with solar metallicity seem to have about an 8% chance of having planets.

The implications are interesting--both as an explanation of the Fermi paradox and as guidance for where we should look for civilizations.

--- Harry Erwin, PhD, Senior Lecturer of Computing, University of Sunderland. Computational neuroscientist modeling bat bioacoustics and behavior. <http://osiris.sunderland.ac.uk/~cs0her/index.html>

Thanks.

And we have:

Interesting implementations for the future of flight:

< http://www.popsci.com/popsci/aviation/article
/0,12543,473272-1,00.html
>

Pete

It's an ugly sucker...

 

 

 

 

 

TOP

CURRENT VIEW 

 

This week:

Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday

read book now

TOP

Saturday, August 16, 2003

Subject: WolfPack.

http://www.defenselink.mil/news/
Aug2003/n08142003_200308147.html

Roland Dobbins

And that certainly goes in High Tech Wars...

Dear Jerry—

Well, the ‘Great Power Outage’ wasn’t so bad, at least in my area (southeast Michigan). We had no power for about 24 hours, and never lost our water or phone.

Haven’t yet heard the cause of the cascade blackout; human error, faulty old equipment, terrorism, combination of factors. But the situation put me in mind of a Piper story, ‘Day of the Moron’. In it, some disgruntled atomic power plant workers going out on strike haphazardly repack a breeder reactor. Hours later this causes critical mass and an explosion, resulting in a massive power outage.

Assuming it was human error, Beam’s description would be applicable today, 52 years after the publication of his cautionary tale.

Why, the whole plant’s gone! There aren’t enough other generators in this area to handle a hundredth of the demand.’ (Worlds of H. Beam Piper, pg. 229)

‘The people to think about were the millions in Greater New York, and up the Hudson Valley to Albany, and as far south as Trenton, caught without light in the darkness, without heat in the dead of winter, without power in subways and skyscrapers and on railroads and interurban lines.’ (ibid, pg. 230)

‘He’d need both, the gun as much as the light—New York had more than its share of vicious criminals, to whom this power-failure would be a perfect devil-send…Together, they left the room and went down the hallway to the stairs and the long walk to the darkened street below, into a city that had suddenly been cut off from its very life-energy. A city that had put all its eggs in one basket, and left the basket in the path of any blundering foot.’ (ibid, pg. 231)

I notice that ‘human error’ would also include your ‘efficiency versus reliability’ argument—possible bad decision-making by the decision-makers. (A moron at the top echelon rather than bottom as in Piper’s story.)

--John A. Anderson

Beam was one of the sharpest knives in the drawer no question about it.

Jerry:

Thanks for the information on the Frankenworm. I got my wife's computer patched up and running which is making her much happier. Unfortunately, I don't have any computer savy friends that I could get a copy of the patch on disc from, so I took it in to Best Buy and paid them a not unreasonable fee to download it into the machine. I'll have to check to see if they closed off the vulnerable data ports. Now that computers are being used far more for communication rather than computation, I expect that they'll become the almost exclusive province of women.

Your comments about the efficiency of the power grid making it less reliable and more vulnerable to attack are interesting. The one comment that I might add is that just about a decade ago utility execs would use natural gas fired power plants only to meet peak loads and would rely on coal, nuclear and wherever available, hydro to meet base loads. The political turmoil caused by the environmental movement has made the construction of base load plants unfeasible, so new construction has been almost exclusively gas fired. The impressive increases in thermodynamic efficiency made possible by combined cycle plants has made this approach less illogical then it might have been. However, the efficiency of these plants combined with the fact that they use the atmosphere rather than cooling ponds as a heat sink also makes them vulnerable to large decreases in efficiency and more importantly, peak capacity whenever ambient temperatures rise. As the generating capacity of local, gas fired plants dropped during the heat wave, utilities were obliged to transfer more power from base load plants which of course put more stress on the transmission grid.

The comments by the energy secretary were grossly disappointing. He should have taken advantage of the opportunity to get people to think rationally about energy policy. This would concentrate on Ocean Thermal and nuclear in the near term, perhaps with a revival of coal, then make the investments to develop space launch technology so that we can build powersats. Unfortunately, he started beating the drum for alternative energy sources like wind, solar and fuel cells. While they have succeeded in making wind power marginally cost effective in certain locations, the available resource is simply to limited to make much of a difference and the prime locations are always environmentally sensitive and scenic. Fuel cells are a seductive idea to those who presume there are hydrogen wells. (The fact that the econazi's aren't filing injuctions to impede the drilling of hydrogen wells should make it obvious that they are fictitious.) Roof top solar collectors seem reasonable, especially to meet air conditioning loads during a heat wave, but people forget that you need tens of square kilometers of collectors per gigawatt even in full sun light. Such a technology makes sense if and only if the population were dispersed across the county side rather than concentrated in cities. I tend to think that such dispersal would be a good thing because it would make us less vulnerable to nuclear war and terrorism as well as promote conservative values. (Go look at the famous Bush vs Gore voting map. A similar map showing population densities would be almost identical.) However, environmentalists are determined to drive the people off the land and into the concentration camps that are commonly known as cities. (I really shouldn't complain too much about these policies because I've managed to exploit Oregon's land use planning laws and Urban Growth Boundary to make a lot of money, but it is still a stupid policy. If my latest real estate venture succeds, I'll be able to move my family to a place somewhat akin to the Jellison Ranch in "Lucifer's Hammer." Who knows, perhaps my daughter will become an accomplished equestrian?)

James Crawford

====

Dr. Pournelle,

Here's a possibility no-one seems to have covered yet:

A lot of electricity control systems use a system called SCADA. SCADA uses Windows, and its main form of communication uses RPC. The MS Worm of the month exploits RPC on Windows.

Regards, -- Harry Payne "We have to get away from the ethos that knowledge is good, knowledge should be publicly available, that information will liberate us. Information will kill us in the techno-terrorist age, and I think it's nuts to put that stuff on Web sites." - University of Pennsylvania bioethicist Arthur Caplan.

Aaargh!

 

 

TOP

 

CURRENT VIEW 

This week:

Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday

read book now

TOP

Sunday, August 17, 2003

Flash: Golbal Warming isn't man made...

Hello,

take a look at this:

http://www.spacedaily.com/news/climate-03s.html 

Andreas Reichl

The evidence piles up, but of course the media and the enviro lobbies including "scientists" have far too much at stake to pay attention to mere evidence.

We still need to find out more before we start spending big bucks on remedies.

Dear Dr Pournelle, "In theory an astute enough political organization devoted to creative destruction of state mechanisms could be devised."

That was the function of Frank Herbert's Bureau of Sabotage ("The Whipping Star", et al.); it arose by quite different mechanisms. Specifically, illegal ones.

Since Empire is such a popular topic these days, let's examine how one empire did that job. For Hong Kong the rubbing surface between the law and the needs of the people was lubricated by bribery, the Tongs (representing BuSab), and ancient custom. British magistrates were not so silly as to impose their standards of legality or morality where it could be avoided.

For example, in disputes over who owned a chicken, or who got water turned on, the administration gave litigants a choice: Chinese customary law - which was quite well documented - or British Common Law. Strangely enough, both litigants would pick Chinese customary law every time, according to one of the magistrates involved. Presumably because they had to live with their neighbours afterwards.

None of this meant the Tongs could tick off the Governor-General with impunity. It simply meant that the colonial administration was able to apply the spirit of the law in dealing with miscreants. The last thing the Brits wanted was a situation like that which applied in the Spanish empire - "La ley se cumple pero no se obedece". The Tongs were tolerated because they made a measure of public order possible.

It would not surprise me in the slightest if the American mob and whatever supplants it comes to fulfil the same functions as BuSab. There is a sort of conservation principle operating here - if we the people vote for politicians who promise programs we find desirable, then fail to fund them, what will give? The politicians will find a way to deliver us to the Tongs and the mob.

As it happens I don't think that is a necessary outcome. But that is because I don't believe America, or its cousins, is evolving into anything like what is popularly thought of as an Empire.

Regards, TC

-- Terry Cole SA, OU Maths & Stats (tcole@maths.otago.ac.nz) PO Box 56, Dunedin, New Zealand. Tel:64 3 4797739

Of course Frank was writing science fiction. And was it Kornbluth who wrote a story [The Syndic???] about how the mob had taken over America and pushed the government into the sea. But then all those mobsters were nice guys...

Subject: What the world thinks of America

What the world thinks of America: http://www.cbc.ca/news/america/index.html 

Seems they don't like us. 48% of Koreans think we're a greater threat to world peace than North Korea, for example. This dovetails quite nicely with the let's-bring-our-boys-home sentiments I've been reading. It also finds support in VD Hanson's latest piece:

http://www.nationalreview.com/hanson/hanson081403.asp 

Gosh, it would be a lot cheaper to let the world stew in its own juices.

Ed Hume

Well, my view is we have enough problems at home. But we seem to be headed toward an empire anyway.

Also from Ed Hume:

SCO-Nigerian connection

http://arstechnica.com/wankerdesk/03q2/nigerian-sco.html 

I am shocked, shocked I say..

 

 

 

  TOP

CURRENT VIEW

Entire Site Copyright, 1998, 1999, 2000, 2001, 2002, 2003 by Jerry E. Pournelle. All rights reserved.

birdline.gif (1428 bytes)