Ozzard

Where do viruses come from?

As I say on my home page (see my profile if you want to get there - I *think* it's public)... there are two of the seven deadly sins that drive the 'Net as they drive everywhere else. They're greed and vanity. Virus writers aren't immune.

Vanity: There is a certain cachet to being the notorious hacker who wrote such-and-such a virus. Viruses of this type are signed (sometimes subtly) by the writer, usually with their handle. This was the original reason for most virus-writing: "look what I can do, folks".

Greed: Viruses, but more particularly worms and trojans, can drop other malware on a system. Malware that can key-log and screen-scrape, reading your credit card number and expiry date as you key it on a shopping page, or your social security number, or your bank username and password. There is increasing evidence that the sophisticated modern malware is written by organised crime groups - and occasionally national governments - to be used as a data extraction tool. The results can be pretty lucrative.

I'd also add: revenge and pure destruction. The Chernobyl virus (one of the very few to cause *hardware* damage as opposed to merely software damage) was in this category. Someone was pissed off with the world, and wanted the world to know it. They succeeded - two of my acquaintances needed new motherboards post-Chernobyl after their BIOSes got trashed and they realised the flash memory carrying the BIOS was flow-soldered to the board.

This is a primer. Happy to go deeper - and include topics like phishing, zero-day attacks, spear-phishing and the like - if folks want, but it's probably time to split the thread if we do.

- Peter

http://www.theregister.co.uk/2003/10/06/linux_vs_windows_viruses/

A good example of why one should choose one's sources carefully. That's dated 2004, and was inaccurate then.

Firstly, it ignores the only worm that took down the Internet - the Morris worm of 1988. Presumably the writer wasn't around at that time. I was, and well remember pulling the University of Manchester network off the 'net while we ran round patching the UNIX machines (SunOS, particularly) and VAXen against the hole in sendmail it was exploiting. The Sun monoculture at that time was a tempting target, and it was exploited in the same way that the Microsoft monoculture now is exploited. No virus or worm since that date has managed to do such damage to the infrastructure - although much of that is due to the larger size of the 'net now.

Secondly, increasing vulnerabilities have been found and are continuing to be found in Mozilla and Firefox. Have a look at the new releases "for security issues" on Firefox.

Thirdly, there are some stupidities even now - like the dead simple BSD telnet exploit that was fixed in 1993 and has just reappeared in Solaris 10 and 11. UNIX, once again. Poor regression testing isn't just a problem at Microsoft, it appears. These are not unusual, and they get exploited.

I agree entirely with the writer's point that running with elevated privilege is inherently insecure, and that Microsoft OSs (because of the past history of poorly-behaved applications) encourage that while UNIX systems discourage it. I agree with his point that the monoculture will be targeted. But he really should try to produce an article that gets the facts right - and, arguably, we should now be quoting from 2007 articles, not 2004 ones.

- Peter

I really would hate to see the alignment pack go to the crusher.

Look around for computer or technology museums and offer it to them. Seriously. I sold my Sun-2/50 to one a few years back, and my father donated several boards and notebooks plus photos of London Atlas to the Science Museum over here.

Yes, they *mostly* run large. I'm generally a UK 10/11, and I find an Evans 10 is often too large for me. That said, I got one pair last year (mail-order) that claimed to be an Evans 10 but were closer to a UK 9 (and, on reading the size label, that would have been a better translation). The moral of the story? Go to the shop and try 'em. The staff are fine with it (they were mildly amused at the banter last time I went with my wife and we traded opinions of the "suits you / no it doesn't" kind) and you'll get a better fit. Store staff have seen it all before.

I thought that was merely the world's first jet powered commercial aircraft. Nevertheless, I'm still having trouble getting my mind around a 110 lb. woman poking holes in an aircraft floor rated at 1 ton per square inch.

You're right, I mentally typed the word 'jet' but it didn't come out of my fingers! I apologise.

Not all flyers are 110lbs - and some of the weightier ones wear (and wore) heels. Think about someone (say) 180lbs walking, so all the weight's on one foot. Now think of them putting that foot down at a slight angle. It's apparently surprisingly easy to get a metal floor to tear at that point.

Funny story. My paternal grandfather was a metallurgist - worked on propeller strength during WW2, then went on working with aircraft. He was involved with the Comet, the world's first commercial (EDIT: jet) airliner. As with any other part of an aeroplane, flooring needs to be as light as possible - so the loading is considered. The Comet initially had a floor loading of 1 (English) ton per square inch. Worked fine until stiletto heels came in in the '60s, at which point you had women walking into the aircraft and punching a neat row of holes through the cabin floor into the (unpressurised) cargo hold! So they had to take the floor loading up to 3 tons per square inch, with the corresponding increase in weight... I wonder what the carbon footprint is of all the extra metal that's been flown round the world in the interests of stopping high-heel wearers punching holes?

you forgot "good teeth and sweet breath."

Some who know me might think that deliberate...

So then, what DOES a woman find sexy on a man?

Generally, from the women I've asked that question of: no paunch, tight enough clothing to see that, an upright and confident stance, and a smile! Then some indication of culture and a sense of humour when he opens his mouth.

Clothing is rarely a consideration.

Catharsis is helpful, and in many cases necessary. I hope I speak for everyone here when I encourage you to post whatever you're comfortable posting - and to withhold everything you're *not* comfortable posting! This is, after all, a public forum, and the text typed here will live on in internet archives essentially forever.

in regards to posting, I needed to watch out and protect my anonymity

Gave that up a while ago - Google for 'Ozzard' and you'll see what I mean! The key people in my life already know; I did that a while ago when involved in a reasonably large company deal, mainly to make sure it wasn't usable as blackmail material. Other people can take me as I come. Many of my friends already do, and few have batted an eyelid*. Clients already see a rather odd long-haired guy who comes to high-level meetings in jeans and a T-shirt; few would be surprised by anything they find out about me, I think, but I'll stay away from that simply to limit the cognitive dissonance they experience during meetings.

- Peter

* Although I've had a couple of superb 'takes' and some amused conversations - "You're wearing a skirt!" "Yeah, have done for years, I'm just getting more open about it." "Cool! (pause) You know I'm going to take the rip mercilessly?" "Go ahead - everyone else does." (He hasn't commented since)

I told her everything, and she was shocked at first, but through time, we worked things out and took each other as we were.

Absolutely essential. My relationship with my spouse is the closest relationship I'll ever have. If it's not based on mutual friendship, trust and respect, then all the love in the world isn't going to hold it together. And to get that trust, each needs to know who the other is - and be updated as people change, 'cos they do change over time.

- Peter

Oh yeah - a postscript. If my wife ever reads this... hi love, and thanks for taking the time to get to know me as I am!

But, when I or any other woman say "NO" to behavior forced on us, that man is out of options!!!!

Quite.

Does this also apply other ways round, i.e. in a gender-neutral way? When I or any other man say "NO" to behaviour forced on us (and it does happen), is that woman or man out of options? I'd say "Yes!" but I'm interested in your views.

I find Midas to be pricey enough without asking her to make bespoke garments.

Heh. I didn't say bespoke - I hope there are enough folks like me out there that something longer can be a part of their range. I can get (just about) long enough skirts from places like Long Tall Sally, but the shape around the hips is just *wrong*.

If you grew up in the punch card era, then 560-bit or 640-bit floppies should be well known to you!

Skirts - wearing one as I type this. I like long skirts - ankle-length or longer - so kilts aren't really an option for me. Jon - can you persuade Sissy to design some *long* skirts for men? I'd happily pay Midas' prices if they had any designs I actually *liked*! Maybe I should just drop in on them, given that we're all in the same town.

Heh. As long as you're both happy with that, all the best to you!

'Wasn't that the home of the "BRAINIAC"'

University of Pennsylvania for ENIAC (but that wasn't stored-program), Cambridge (UK) for EDSAC. Manchester had the much more prosaically-named Mark 1, and before that the Baby (http://en.wikipedia.org/wiki/Small-Scale_Experimental_Machine). http://www.computer50.org/ for more information if you're interested - there are some fun snippets in there for the technically-minded.

Aside: A 4th-generation Manchester machine - Atlas - was the first computer with virtual memory. I heard (but cannot vouch for the accuracy of) a story that University of Manchester held the patent on virtual memory for some time, before it was sold to IBM for far too small an amount of money because someone at UoM didn't know what they were selling.

Yes, oil-cooled. As one of his many maintenance jobs, my father wrote test code to exercise different parts of the system - and got rounded on by the hardware designers for writing code that continually flipped one word of memory to test the oil cooling. "It's not designed to take that - the cores will overheat!" I'll look at alt.folklore.computers - hadn't seen that. I went to University of Manchester, who lay claim to having the first digital electronic stored-program computer, and was taught by two of the PhDs (professors by the time I knew them) who worked on the Mk I. Dad also was maintaining mainframes in 1961. Having run a 1960s mainframe at school, it's left me with something of an interest. (Edit) 5 1/4" floppies?! New technology! (looks at the pile of 8" floppies in the corner on top of the PDP-11, just by the QIC-150 tape drive)

"Watercooling rocks"? Hmm. My present PC is watercooled. I love it. However, I'd refer folks who want to try it to http://theozzardofwiz.livejournal.com/11509.html for how to steam-clean a computer if they want to try it themselves - basically, make sure your plumbing skills are up to scratch. Mine weren't!

The total core capacity... yes. My father was involved in designing some of the early 1970s mainframes for ICL. The 2900 series had a maximum addressible memory of 4 Mwords (12 Mbytes, I *think* - will ask). Why? Because if you put the memory around the CPU on 50 foot cables, on 3 floors, with the best aircon you could install, that was as much as you could fit before the cooling gave up the ghost. Now a typical mobile phone has 32 Mbytes (10 Mwords at that word size) of RAM, with a massively faster cycle time. We couldn't take cores out of the mainframe I worked with - they were oil-cooled, for speed.

After recently being dinged by Ritchie for going off-topic, I suggest anyone who wants to carry on reminiscing (if I can spell!) about old machines uses the Cafe thread http://www.hhplace.org/discuss/hhplace_cafe_general_chit_chat/7141-ancient_history_heavy_metal.html - I've just added my comments to that.

(Transferred from an incidental discussion in http://www.hhplace.org/discuss/hellos_goodbyes_introductions/7060-hi_folks.html where a couple of folks were talking about old computer technology. This is about the technology. If you're not interested in folks sitting round doing The Four Yorkshiremen impressions with regard to computers, you probably don't want to read the rest of it :-) )

Despite being a relative youngster, I wrote my first program by punching chads out of punched cards. By hand - none of these typewriter-style punches! I've toggled the boot code into a mainframe via the front panel, have helped to tune the memory access speed of core store (we got 10% out of it before we started getting errors and had to back off - overclocking in the 1960s!) and have dragged several hundredweight of kit up the ramp into the machine room. In trainers - wouldn't fancy doing that in heels!

Ahhh, memories... :-)

Jumping in here... I've been out (carefully!) in 6" heels (but I'm a UK 11), and gone to Rocky Horror Show (twice) in 5" heels - probably the equivalent of a hair over 4" in your shoe size. As the other folks have said, key is to practise. Think of it like any other physical exercise or sport - you don't run a marathon immediately. If you're me, you don't even run a mile immediately! Instead, you start with something that you know is under your control; and you build up, stretching yourself a little each time you exercise and backing off if you get too tired. Wearing high heels is (at times very tiring) physical exercise. Start off with something lower and work up over an extended period - weeks to months - stretching yourself slowly. There are plenty of wedge- and blade-heeled boots around in the UK at the moment; they might be worth considering. They're fashionable, relatively cheap, and perfectly reasonable day wear. The advantage of a wider blade heel is that you're not both learning to walk in a higher heel and balance on a spike at the same time - to use a different analogy, it's a bit like stabilisers on a bike. Yes, you can learn to ride a bike without stabilisers, but it'll probably take longer and you'll end up with some scratches from falling off. I'd humbly suggest avoiding doing yourself damage - respect your body (it's the only one you'll get) and go cautiously. Best of luck working up the height and the confidence. You can do it! - Peter

Can I just suggest making sure you can cope emotionally as well as physically? Elsewhere you mention courts with locking straps, here you mention doing this "for" your husband. That combination could mean a number of things, from safe sane+consensual to anything but! Before starting down that road, are you *absolutely sure* you're a) happy with where it'll lead and/or happy you can get off it if it turns in a direction you're not comfortable with? If not, I'd be very cautious about starting down that road. Otherwise, I'm with Hoverfly: start low and build up, practising over time. You'll be more comfortable and far better able to walk in 'em! This means that the (probably) 4+" locking heels are almost certainly too high to start with if you're not already used to something quite close to that height. All the best, - Peter

I'd merely add: If you routinely stand with one foot in front of the other, make sure you alternate which foot it is, else you'll stretch the two legs slightly differently.

Here are the principles I operate to - an opening for discussion!

• I should not be able to force you to do what I want you to do.
• You should not be able to force me to do what you want me to do.
• We may discuss rationally; force (including emotional force / blackmail) is not allowed.
• If we are doing something that requires both of us (example: a night out), and we cannot agree on what that requires (example: I want to come along in glitter heels, a fluorescent tutu and a kipper tie; you want me to come along in a sober suit; we can't meet in the middle) then the something that requires both of us, ultimately, doesn't happen. This includes marriages, in the long term.