Vista Didn’t Fail Because of Security

Bruce Schneier points in his blog to an article in The Telegraph in which Steve Ballmer blames the failure of Vista on security. Every security person around should clear their throat loudly. Security is not what made Vista unpalatable.

Many people liked Vista. My tech reporter friends not only adored it, but flat couldn’t understand why people didn’t adore it. I have a number of other friends who adored it. In assessing Vista, this is important to keep in mind. Despite its bad rep, many people liked it. So why did many people not like it?

First, there were the gamers. Before Vista came out, Microsoft did a lot of marketing Vista to gamers. There were kiosks at gaming conventions and other places touting Vista as a gaming platform.

Unfortunately, it wasn’t. Reliable tests at the time said that Vista ran games about 20% slower than XP. Compounding this was that among the drivers that were dodgy when it first came out were video drivers. Many gamers felt that they had been sold a pig in the poke, and there was merit to this claim. Hardcore gamers are people who will spend money on bleeding-edge kit, and it was precisely this bleeding-edge kit that didn’t work well at first. And whatever it was that made games run slower (even if it was security features), that’s not the point. Microsoft’s statements to the gamers was that their gaming experience would be better on Vista, and it was worse. Once the 4chan crowd starts making memes about suckage, you’re behind the eight-ball.

Second, there were the cheapies. Many machines were marked as Vista-capable that either weren’t, or could only run the basics of Vista and not the fancy new stuff. There is an aphorism that Intel giveth and Microsoft taketh away. The problem is that most of the PC makers will try to sell you the cheapest possible computer, and these cheapest possible computers just didn’t have enough oomph to do Aero and the cool features in Vista. Microsoft took more than Intel gave and the customers felt they’d been sold a pig the poke. There were even lawsuits over this, and it added to Vista’s bad rep.

Third, there were the people on laptops. For whatever reasons, when Vista first came out, it was slow on laptops. One of my co-workers bought a ThinkPad to run Vista on for testing alongside her existing XP laptop, and it was much slower than the XP laptop running side-by-side.

I will add another personal anecdote. My brother-in-law bought my sister a brand-new Vista laptop. It ran slower than his older XP laptop. It was so bad that he would turn the screen of his XP laptop away so that she wouldn’t see him running XP and mentally compare it to her new laptop.

On the other hand, to repeat, the people who had high-end machines but not bleeding-edge machines adored Vista. If you had lots of memory, a not-quite-bleeding-edge video card, and a fast processor, Vista was great from the getgo.

However, this was not the buying trend of most PC makers. Their trend was to push people to ever-cheaper machines. Sadly, at the time Vista came out as well, all but the most expensive laptops were dodgy for Vista in all its glory.

This is a matter of zigging when you should have zagged, for the most part. But there were two other trends that caught Microsoft by surprise.

The first trend was virtualization. Vista was virtualization-surly. One of its cool features that’s great if you’re on a high-end computer is that it did a lot of pre-caching and pre-loading. Most people with lots of memory on a computer just don’t use that memory, and Vista had ways to use it to make the experience snappier. If you’re on a VM, this is precisely what you don’t want. In an ironically saving grace, though, Vista had a virtualization-surly license, as well. Only the most expensive Vista package was licensed for VMs, which was just as well given that it was optimized for big tower computers in a way that it was pessimized for VMs.

The second trend was netbooks. Intel gave not in the form of faster CPUs, but lighter, smaller, cheaper, less power-hungry CPUs in the Atom. The Atom, however, didn’t have the oomph for Vista, and this meant it had to run XP, which further tarnished Vista’s rep.

All of this together — bad performance among gamers, bad performance on cheap computers and laptops, combined with the trends towards virtualization and netbooks were what gave Vista a bad rep. The people who bought a computer that was a high-end desktop but not a gaming machine loved Vista (and love it to this day). Unfortunately, this demographic is precisely the demographic that also tends to buy Macs. Vista’s problems were all from zigging when you should have zagged.

Some of Vista’s problems can be laid at the feet of “security” (which I intentionally put in scare quotes. UAC was rightly ridiculed for excessive dialogs, but is that a security failure or a UI failure? Yes, kernel improvements delayed getting drivers out (which is one of the things that made the gaming experience suboptimal) and some other bumps. But those were compounded by marketing that went opposite of reality. If the Vista marketing had said, “Hey, it’s going to be a bit slow, and there will be some rough edges. But you’ll really like how we’re sticking it to virus writers” then there may have been a different perception. It is also not fair to blame counter-factual marketing on security.

The bottom line is this. Vista was great for some people. It was bad for others. But the marketing said it was going to be great for everyone. Good marketing that took Vista’s plusses and minuses as facts could have made things better. It was bad timing that Vista came out when the prevailing trend of every-faster computers everywhere started to change. Facing that could have made the difference.

None of that has anything to do with security.

Happy Emancipation Proclamation Day!

That on the first day of January in the year of our Lord, one thousand eight hundred and sixty-three, all persons held as slaves within any state, or designated part of a state, the people whereof thenceforward, and forever free; and the executive government of the United States [including the military and naval authority thereof] will, during the continuance in office of the present incumbents, recognize [and maintain the freedom of] such persons, as being free, and will do no act or acts to repress such persons, or any of them, in any efforts they may make for their actual freedom.

Unsurprisingly, Wikipedia has a good article on the Emancipation Proclamation.

[Quick update: Bryan Carter has a great photo he mentioned in the comments.]

Caster Semenya, Alan Turing and “ID Management” products

caster-semenya-cover-girl.jpgSouth African runner Caster Semenya won the womens 800-meter, and the attention raised questions about her gender. Most of us tend to think of gender as pretty simple. You’re male or you’re female, and that’s all there is to it. The issue is black and white, if you’ll excuse the irony.

There are reports that:

Two Australian newspapers reported Friday that gender tests show the world champion athlete has no ovaries or uterus and internal testes that produce large amounts of testosterone. … Semenya is hardly alone. Estimates vary, but about 1 percent of people are born with abnormal sex organs, experts say. These people may have the physical characteristics of both genders or a chromosomal disorder or simply ambiguous features. (“When someone is raised female and the genes say XY,” AP)

For more on the medical end of this, see for example the “Consensus statement on management of intersex disorders” in the Journal of the American Academy of Pediatrics.

The athletics associations rules don’t cover all of these situations well. The real world is far messier and more complex than most people have cause to address. There are a great many apparently simple things that are really complicated as you dig in.

What the sports associations and news media are doing to Semenya is reprehensible. (There are over 10,000 stories listed on Google News, versus 13,000 for Derek Jeter, who just broke a Yankees record.) She didn’t come into running knowing that she had no ovaries. Having to deal with the identity issues that her testing brings up under the harsh light of the entire world (including me) is simply unfair.

It’s unfair in almost the same way as the British government’s treatment of Alan Turing, the mathematician who Time named one of the 100 most important people of the 20th century for his fundamental work on computers and cryptanalysis. Turing was also a convicted homosexual who committed suicide because of his “treatment” with estrogen, which caused him to become impotent and to develop breasts.

This week, Gordon Brown issued an apology entitled “Treatment of Alan Turing was ‘appalling’:”

While Turing was dealt with under the law of the time and we can’t put the clock back, his treatment was of course utterly unfair and I am pleased to have the chance to say how deeply sorry I and we all are for what happened to him. Alan and the many thousands of other gay men who were convicted as he was convicted under homophobic laws were treated terribly. Over the years millions more lived in fear of conviction.

I am proud that those days are gone and that in the last 12 years this government has done so much to make life fairer and more equal for our LGBT community. This recognition of Alan’s status as one of Britain’s most famous victims of homophobia is another step towards equality and long overdue.

Sports officialdom and state governments are different. Sports are voluntary associations, although athletes have little influence on the choices of international sports functionaries. Either way, watching the chaotic world crash onto the inflexible bureaucracies is tremendously frustrating to me.

As more and more of the world is processed by Turing Machines, assumptions that seem obvious to the programmer are exposed harshly at the edges. A friend with a Juris Doctorate recently applied for a job online. The form had a field “year you graduated from high school” that had to be filled out before she went on. Trouble is, she never did quite finish high school. She had the really relevant qualification-a J.D. from a good school. But she had an emotionally wrenching choice of lying on the form or not applying for the job. She eventually chose to lie, and sent a note to the HR people saying she’d done so and explaining why. I doubt the fellow who wrote that code ever heard about it.

I have a challenge to anyone involved in creating an online identity management system: How well does your system handle Semenya?

The typical answer is either that “that’s configurable, although we don’t know if anyone’s done exactly that” or “she’s an edge case, and we deal with the 95% case really well.” If you have a better answer, I’d really like to know about it. And as a product guy, those are likely the decisions I’d make to ship.

I’ll close by echoing Brown’s words: We’re sorry, you deserve so much better.

Rebuilding the internet?

Once apon a time, I was uunet!harvard!bwnmr4!adam. Oh, harvard was probably enough, it was a pretty well known host in the uucp network which carried our email before snmp. I was also harvard!bwnmr4!postmaster which meant that at the end of an era, I moved the lab from copied hosts files to dns, when I became adam@bwnmr4.harvard…wow, there’s still cname for that host. But I digress.


Really, I wanted to talk about a report, passed on by Steven Johnson and Gunnar Peterson, that Vint Cerf said that if he were re-designing the internet, he’d add more authentication.

And really, while I respect Vint a tremendous amount, I’m forced to wonder: Whatchyou talkin’ about Vint?


I hate going off based on a report on Twitter, but I don’t know what the heck a guy that smart could have meant. I mean, he knows that back in the day, people like me could and did give internet accounts to (1) anyone our boss said to and (2) anyone else who wanted them some of this internet stuff and wouldn’t get us in too much trouble. (Hi S! Hi C!) So when he says “more authentication” does that mean inserting “uunet!harvard!bwnmr4!adam” in an IP header? Ensuring your fingerd was patched after Mr. Morris played his little stunt?


But more to the point, authentication is a cost. Setting up and managing authentication information isn’t easy, and even if it were, it certainly isn’t free. Even more expensive than managing the authentication information would be figuring out how to do it. The packet interconnect paper (“A Protocol for Packet Network Intercommunication,” Vint Cerf and Robert Kahn) was published in 1974, and says “These associations need not involve the transmission of data prior to their formation and indeed two associates need not be able to determine that they are associates until they attempt to communicate.” That was before DES (1975), before Diffie-Hellman (1976), Needham-Schroeder (1978) or RSA. I can’t see how to maintain that principle with the technology available at the time.

When setting up a new technology, low cost of entry was a competitive advantage. Doing authentication well is tremendously expensive. I might go so far as to argue that we don’t know how fantastically expensive it is, because we so rarely do it well.

Not getting hung up in easy problems like prioritization or hard ones like authentication, but simply moving packets was what made the internet work. Allowing new associations to be formed, ad-hoc, made for cheap interconnections.

So I remain confused by what he could have meant.

[Update: Vint was kind enough to respond in the comments that he meant the internet of today.]

Today’s Privacy Loss – English Soldiers’ Details Published

Demonstrating that no one’s data is safe, the names, pay records, and other personal information of 90,000 English soldiers was placed on the Internet. These soldiers, who served with king Henry V at Agincourt now have their information listed at www.medievalsoldier.org, exposing them to the chance of identity theft after nearly 500 years. They soldiers served from the years 1369-1453. There is no word as to whether they will get credit card protection yet.

Va Pbaterff Nffrzoyrq, Whyl 4 1776

My usual celebration of Independence day is to post, in its entirety, the Declaration of Independence. It’s very much worth reading, but this year, there’s a little twist, from a delightful story starring Lawren Smithline and Robert Patterson, with a cameo by Thomas Jefferson. Patterson sent Jefferson a letter which read, in part:

“I shall conclude this paper with a specimen of such writing,” he boasted, “which I may safely defy the united ingenuity of the whole human race to decypher to the end of time….”

patterson-enciphered-declaration.jpg

Well, perhaps it didn’t last until the end of time, but the cipher apparently lasted until now, which is pretty darn good.
There’s an article in
Harvard Magazine, and one in American Scientist, but it’s behind a paywall. Finally, the Wall St Journal has an article, which mentions, both without linking to either.

I think what I really like about this story is how a mathematician bothered to send his new ciphertext to the author of Virginia’s statue on religious liberty (as our third President preferred to be remembered). Having just finished Steven Johnson’s very enjoyable “The Invention of Air,” I’m struck by how broadly engaged with science and the useful arts the founders were. I think that sending an encrypted letter to President Obama would get you … well, I don’t really want to think about it, having just read the Declaration.

Citizens, Juries and other Balances

the farewell kiss you dog.jpgFollowing on my post on Parliaments, Dukes and Queens, I’d like to talk about other checks on the power of government, besides throwing tea into the harbor.

In Britian, “a jury has failed to clear police in the death of Jean Charles de Menezes.” The jury is the first group who, frankly, has not whitewashed the death. Investigations by Scotland Yard, The Independent Police Complaints Commission and the Crown Prosecution Service all failed to find any form of punishable fault by the armed police or their leadership.


In New York, a police officer who wrongfully arrested a bike rider and lied about what happened has been indicted, “Officer Is Indicted in Toppling of Cyclist.” Charges have not yet been revealed, but I’m hoping for perjury and assault. The interesting thing about this case, which I’ve followed a little, is what changed everything was video of the incident.

Meanwhile, one of the illegal wiretap (2005 variant) whistleblowers, Thomas Tamm, has come forward. In “The Fed Who Blew the Whistle,” Michael Isikoff writes:

At one point, Tamm says, he approached Lisa Farabee, a senior counsel in OIPR who reviewed his work, and asked her directly, “Do you know what the program is?” According to Tamm, she replied: “Don’t even go there,” and then added, “I assume what they are doing is illegal.” Tamm says his immediate thought was, “I’m a law-enforcement officer and I’m participating in something that is illegal?” A few weeks later Tamm bumped into Mark Bradley, the deputy OIPR counsel, who told him the office had run into trouble with Colleen Kollar-Kotelly, the chief judge on the FISA court. Bradley seemed nervous, Tamm says. Kollar-Kotelly had raised objections to the special program wiretaps, and “the A.G.-only cases are being shut down,” Bradley told Tamm. He then added, “This may be [a time] the attorney general gets indicted,” according to Tamm. (Told of Tamm’s account, Justice spokesman Boyd said that Farabee and Bradley “have no comment for your story.”)

By now its obvious that individuals, empowered by technology are increasingly able to act as a counter-balance to some of the power of the state. This is relatively new and still nascent. The ability of random passers-by to video events is only a few decades old. The ability to get stories out there and draw attention to them has increased tremendously with the rise of Usenet, blogs, Facebook, etc. Of course, people have always stood up to the state, but I think the addition of video and networking make it easier and a more interesting balance than it has been.

This, of course, requires citizens to be active, engaged, and united. All the outrage over illegal wiretapping was effectively countered with propaganda alleging that illegal was the only way to wiretap, or that the law was outdated. It also requires the citizenry to be jealous guardians of their precious liberties.

I’ve been going back and forth on this post, in part because Muntazer al-Zaidi was beaten by jailers, and is facing a 7-15 year jail sentence for ‘offending the head of a foreign state.’

In unrelated news, the Obama transition team has done an internal review, which, shockingly, “Finds No ‘Inappropriate’ Contacts With Blagojevich

Of Parliaments, Dukes and Queens

map.jpgFour interesting stories recently, all having to do with the ancient relationship between a sovereign and a parliament, or the relationship of hereditary rulership to democracy. I secretly admire the emergent forms of government which have proven stable despite their chaotic origins. I’m fascinated by these imperfectly republican nations like Canada and the United Kingdom, where the assent of the Queen to legislation is still required. And for our Canadian and UK readers who think that isn’t really relevant…well, take note of what happened in Luxembourg.

The Grand Duke of Luxembourg had the termity to not rubber-stamp a bill (on euthenasia). Radio Netherlands is reporting that a mere parliamentary committee has written him out of the process entirely. It’s not clear to me who the Prime Minister of Luxembourg is now prime minister to, but that’s the problem of the Luxembourgers.

Meanwhile, on December 4th, the Canadian “Governor General agrees to suspend Parliament until January.” Formally, prorouging them. I sort of like the idea that someone in a position of authority has declared all of Canada’s parliament to be rouges, but the G.G. is usually understood to be a ceremonial role. It turns out that that’s not entirely the case, although her action was unprecedented. (The Wikipedia article on Governor General is unsurprisingly good – enjoy the section on controverseys — the one on the “2008 Canadian parliamentary dispute,” is not yet well organized.) Still, the G.G. took decisive action to prevent the government from falling.

I’m a little disappointed that Stéphan Dion didn’t call for a meeting of Parliament regardless of the prorougement, and vote Harper out. That would have been quite the republican act and given Americans some fine, and highly confusing chaos to observe. (I’m using republican in the sense of republicans versus monarchists, of course.)

At just about the same time, on Sark, the Chief Pleas have been pleased to replace membership by land ownership with democracy, which promptly elected them back into office.

Finally, in Britian, the Crown has arrested a member of Parliament to nary a whisper. As the Economist mentions, such acts once led to civil war in England. (“England had a civil war?“)

Despite my dislike of monarchies, I don’t want to forget that historically, legislatures wrested power from those monarchs. There’s a value and risk to such a balance, which is that (as Madison wrote):

In a government where numerous and extensive prerogatives are placed in the hands of an hereditary monarch, the executive department is very justly regarded as the source of danger, and watched with all the jealousy which a zeal for liberty ought to inspire. In a democracy, where a multitude of people exercise in person the legislative functions, and are continually exposed, by their incapacity for regular deliberation and concerted measures, to the ambitious intrigues of their executive magistrates, tyranny may well be apprehended, on some favorable emergency, to start up in the same quarter. But in a representative republic, where the executive magistracy is carefully limited; both in the extent and the duration of its power; and where the legislative power is exercised by an assembly, which is inspired, by a supposed influence over the people, with an intrepid confidence in its own strength; which is sufficiently numerous to feel all the passions which actuate a multitude, yet not so numerous as to be incapable of pursuing the objects of its passions, by means which reason prescribes; it is against the enterprising ambition of this department that the people ought to indulge all their jealousy and exhaust all their precautions.

I’ll have a little more to say about the indulgence of that jealousy shortly.

In the map, Sark is marked by the pin. Canada is not shown.

As easy as dialing a phone

People often make the claim that something is “as intuitive as dialing the phone.”

As I was listening to “Dave Birch interviewing Ben Laurie,” I was reminded of this 1927 silent film:

how to dial the telephone.jpg

Ben commented on people having difficulty with the CardSpace user interface, and it not being as intuitive as having your email address being a login identifier.

Anyway, fascinating interview. Worth a listen, even if takes twice as long as learning what a dial tone is.

Ephemeral Anniversary

Yesterday, Nov 17, was the sesquicentenary of the zero-date of the American Ephemeris. I meant to write, but got distracted. Astronomical ephemeris counts forward from this date.

That particular date was picked because it was (approximately) Julian Day 1,000,000, but given calendar shifts and all, one could argue for other zero dates as well. The important thing is to pick one.

There are some who think that this would be a better date to use as a zero-time computer timekeeping than what most of us use presently. It has the advantages that almost all of the Julian/Gregorian calendar skew comes after this (Russia being the major exception) and far enough back that nearly all time-and-date calculations you need to do with quick math can therefore be just adding and subtracting. And it has a nice scientific tie-in.

Other common zero-dates are 1 Jan 1904 (picked because if you pick this date, you can calculate all the way to 2100 assuming that leap years are every four years), and 1 Jan 1970 (picked because this was the last day that The Beatles recorded music in Abbey Road studios — actually, their last date was Jan 4, but close enough).

The Twain Meeting

The twain meeting

Some time ago, was on an extended stay in Tokyo for work. When one is living there, there are things one must do, like make an effort to live up to being a henna gaijin.

I must disagree with those who translate that as “strange foreigner.” The proper translation is “crazy foreigner.” I’d never heard henna softened to strange before visiting Maiyim-Baron-sama’s web site.

One of my co-workers there was an American chap who spent at least part of his childhood on Okinawa, married a Japanese woman, and was living permanently there. He helped greatly in my craziness.

The term isn’t precisely an insult, and it isn’t precisely a compliment. If you came to lunch and two Japanese on extended stay were discussing Marlowe, Sheridan, and The Great Vowel Shift in their comic stereotypically bad accents, you’d see a bit of what henna gaijin means. Being a henna gaijin is a bit like being a dancing bear. The people watching you throw yourself into their culture are amused, a bit admiring, a bit repulsed, and a bit piteous that you might think enough you could succeed at any degree of assimilation.

It’s harder for a Brit to be a henna gaijin than an American because part of the craziness is the things you get wrong. Brits won’t get into the wrong side of the car or look the wrong way when crossing a street. Having to do a right-left shift along with everything else adds to the dancing-bear-ness of being a henna gaijin. Having to re-learn to read and write is also a lot of it.

However, I knew my place and threw myself into the craziness aspects. Since it’s impossible to blend in, I dressed to stand out. It was winter, so I wore a long black coat and a white silk aviator’s scarf. I came in to work in the morning with a breakfast of sushi rolls and heated cans of oolong tea (which I used as hand-warmers in my coat pockets, having left my gloves back in New England). I’d go do traditional things natives never did, such as go to the Kabuki theatre. I’d sign my name in a mix of kanji and (shock horror) hiragana.

Most importantly, I’d point out other things that were crazy. I would playfully suggest that actually “gaijin” means “barbarian.” No, no, no, no, they’d insist. I’d be amused, because it isn’t true, but the disdain gaijin get makes it closer to barbarian than a culture that has no irony is comfortable with. Brits will find themselves asking forgiveness for ever suggesting Yanks don’t do irony. Japan is an irony-free zone and when you forget this you must follow through or cause your hosts to lose face. Do not say anything like, “Oh, that sounds the the perfect way to spend a Sunday” because you will be spending your Sunday in precisely that way. If you mix irony and natto, you will get a side-spitting tale you can use for the rest of your life.

My fellow henna gaijin and I would refer to each other as firstname-kun and our colleagues as lastname-san, partially for effect (the ostentatious use of -kun) but also because gaijin call each other by their given names rather than surnames. How henna.

I also insisted that *I* was the Easterner, and they were the Westerners. My proof was simple. What direction did I go in when I came to Tokyo? East. And what direction did they go in when they went to Boston? West. Therefore, while Japan may be the land of the rising sun, that’s because it’s in the far west rather than the far east. If it weren’t in the west, the sun couldn’t rise in the east. If it were in the far east, the sun would rise overhead. QED. (And yes, the sun does rise overhead in Boston. If you don’t believe me, come find out for yourself.)

Henna gaijin.

Actually, Randall, We Tried That

Crypto + 2nd Amendment

And the reason it doesn’t work is that just because you’re allowed to own something doesn’t mean you’re allowed to export it. The use, ownership, production, etc. of crypto was never restricted, only its export. In an Intenet-enabled world, export control brings lots of hair with it, which is why it was important to fight export restrictions. I could go on, but I’ve already ruined an otherwise amusing strip.