Cryptosmith

Wolfgang Gruener took the trouble to graph data from either Net Analytics or Net Market Share.com (I'm guessing it's really the latter) to illustrate the popularity of recent Windows versions. The main story seems to have nothing to do with the graphs: 66% Of All Windows Users Still Use Windows XP.

While Windows XP was more secure than the systems it replaced, Vista and Windows 7 are much more secure than XP. Or, at least, it's easier to lock down a Win 7 desktop than an XP desktop and still have a usable system.

Mobsters on distant continents can break into business desktops and transfer funds to money mules. No doubt some of the victims are running the newest OS software, but I suspect the vast majority involve Windows XP, if not even older systems.

'Way, 'way back in the 1960s, computer designers tried out different techniques to limit how a computer executed its programs. Some should be pretty well known, like storage protection and the distinction between "kernel mode" for the operating system and "user mode" for applications. Another was data execution prevention (aka "DEP"), where the computer distinguishes between RAM that stores instructions and RAM that stores data. If the program tries to jump into instructions stored in data RAM, the CPU aborts the program.

Fast forward to 2010. Most microprocessors were supporting DEP in the mid 1990s; a few supported it before that. OS support came more slowly. Windows as been using one form or another of this since 2004 in XP Service Pack 2. However, it doesn't matter for most major applications, because they didn't fix their code to take advantage of it. So, if they suffer a buffer overflow, there's nothing to prevent the computer from trundling off to la-la land.

A reader pointed me to an apparently dull collection of NSA documents recently posted by that useful source, GovernmentAttic.org. One of the hidden gems is a "CMI Newsletter" containing a eight pages of crypto puzzles.

I've taken the liberty of posting the CMI Newsletter separately (PDF, click this link), but kudos go to GovernmentAttic for dredging up this diamond in the rough. If you work out answers, feel free to post them here, or at least provide a pingback so interested people can find them.

ARE THEY KIDDING ME? DON'T THEY HAVE ANY REMOTELY INTELLIGENT ADVISORS IN THE WHITE HOUSE THESE DAYS? I THOUGHT PRESIDENT OBAMA WAS TECH SAVVY!

Okay, I got that off my chest. [see later post]

For those who came late to the party, here's how to think of the "Internet Kill Switch." Substitute "Internet" for any of these:

• National highway system
• National airspace
• Nationwide broadcast system
• Starbucks

You can't have an "Internet Kill Switch" for the same reason you can't have a "Starbucks Kill Switch." The things being controlled are thoroughly distributed and they operate independently.

Yes, the President can always declare a "Starbucks Emergency" and demand shutdown of all Starbucks (and Caribou and Dunn Brothers and other caffiene chains, to be fair). But there's no real control over such things. Someone won't get the word, or they'll ignore it.

Back when I was teaching full-time, I constructed a CPU simulation in Excel. Originally I used it to teach non-majors about CPU instruction cycles, an obscure topic included in an obsolete list of the course's required topics.