Dr. Jerry Pournelle

Email Me


Why not subscribe now?

Chaos Manor Subscribe Now



Useful Link(s)...

JerryPournelle.com


Hosting by
  Bluehost


Powered by Apache

Computing At Chaos Manor: August 7, 2006

The User's Column, August, 2006
Column 313, part 1
Jerry Pournelle jerryp@jerrypournelle.com
www.jerrypournelle.com
Copyright 2006 Jerry E. Pournelle, Ph.D.

The biggest story this week will be the Apple Worldwide Developers Conference. Unfortunately, that won't start until well after I have to file this. There will be announcements about the Apple operating system, and running Windows XP and Vista on various flavors of the Intel Mac, all interesting stuff. In addition, we can count on Steve Jobs to announce some bold new additions to the Apple line. Speculation runs rampant: new iPods, an Intel replacement for the G5, possibly a new PowerBook using the newest Intel Core 2 Duo chip line. There may be software changes. Everyone is speculating about what will happen, but Apple is pretty good at controlling leaks. We'll just have to wait.

Meanwhile, DEFCON 14 is happening in Las Vegas. DEFCON is billed as the largest "hacker's convention", and is a great place to learn about security threats and remedies. Chaos Manor Associate Dan Spisak is there now. Of course the conference doesn't end before my deadline for this column, so we won't have stories from there, either.

My columns have never been up-to-the-minute topical. In the glory days of the Sears Catalog-sized McGraw Hill BYTE, I would turn in a column on the 7th of the month for a cover date three months later: that is, I'd turn in the April Column by January 7, which pretty well meant I'd never have a traditional April Fool column. It also meant that I had to find topics that would still be interesting three months after I wrote about them.

I managed to do that for more than twenty years before my situation changed and the lag between filing the column and seeing it published grew much shorter. I still try to pick topics of lasting interest, but there's always the temptation to react to topical news. I'll try to resist that. All these stories that are breaking at deadline time will still be interesting next week and probably next month.

The good news is that rather than rush into print after DEFCON and the Apple Worldwide Developers Conference, I'll have some time to digest what happened. I make no doubt there will be items of more than topical interest. Stay tuned.

The Apple (and Windows) WiFi Vulnerability

The announcements in the Washington Post, Business Week OnLine, and elsewhere came with great fanfare: Warning! Your WiFi is Vulnerable to Attack!" At Black Hat, a computer security conference held just before DEFCON, a pair of hackers showed that a Mac PowerBook could be taken over by hackers. The exploit was quite dramatic, and was doubly frightening since Macs have usually been immune to this sort of thing.

The story isn't done yet. We'll have more when Dan Spisak gets back from DEFCON. Meanwhile, we do know that the actual situation isn't quite as dramatic as Business Week's headline made it. One shouldn't ignore the potential danger, but the threat is not as urgent as that headline implies.

As near as I can tell, the situation is this: First, the exploit is independent of the operating system. WiFi cards using certain chip sets are definitely subject to this attack, but it's the WiFi hardware itself that provides the hacker entry into the system. It should work as well on Windows and Linux as on Apple systems. Second, it's not so clear whether systems with built-in WiFi are vulnerable; that will depend on precisely which chips were used in the internal WiFi design. Some computers with built-in WiFi may be vulnerable, and again, that will be independent of which operating system is being run on the machine.

Note that neither WEP nor WPA nor any other security measure will provide any protection whatever against this hack. I quickly add that you had better have WPA in place if you value your system security. If you don't have WPA, WEP may be better than nothing, but it's not much better; WEP remains vulnerable to automated attacks, the exploit is widely known, and many experts consider WEP dangerous because it gives a false sense of security. You are far more likely to have your security penetrated by a WEP exploit than by the new WiFi exploit. The moral here is to use WPA or WPA2 and stand by for a fix to the WiFi exploit.

I note that the more familiar with net security one is, the more contempt one has for WEP. Brian Bilbrey notes that

If you don't have WPA or WPA2 capable gear, go get some. WEP attacks are fully automated and scripted, so that anyone driving by can own your network, your machines, and anything (like banking credentials) that you store or type on them.

As of the evening of Saturday, August 5, there doesn't appear to be a reliable fix for the WiFi exploit. One reason we don't know whether there's a fix or not is because the exact nature of the exploit has not been published, and won't be until that publication can be accompanied with a reliable fix. Apple, Microsoft, and a score of independent developers are working on remedies to the exploit, and it shouldn't take all that long to develop one.

It's important to note that no instances of this exploit have been seen in the wild: for the moment the hack is known only to its discoverers. On the other hand, now that its existence is known, it's only a question of time before some bad guys find out how to do it. Given the popularity of WiFi in airports and coffee shops and Internet Cafes we can assume a high incentive for the bad guys to do their stuff before the good guys can plug the hole.

So: what should you do until an official fix is announced?

First, as noted above, make sure your system is secure against other and more widely circulated exploits. Implement WPA or WPA2 and do that now.

Second, if you are really and truly paranoid - Dan Spisak says "tinfoil hat paranoid" - you should turn off your WiFi entirely. Remove the WiFi card from your system, or turn off the built-in WiFi. Nothing less will protect you, because the exploit works if the wireless is turned on, whether you are logged into a wireless net or not.

Finally, see the next item: Intel has a remedy out against at least one WiFi exploit. You must install it yourself, and there's no guarantee that it will fix everything. If you're really paranoid, turn off your wireless until the All Clear.

More on the Vulnerability

Rick Hellewell is a security expert, and I rely on his advice. Thursday, August 3, I received this email from him:

Subject: Centrino/wireless Severe Vuln (laptops)

Dr. Pournelle:

Word is out that there is a major vulnerability in systems (usually laptops) using the Intel Centrino chip. Links to the vuln:

http://www.siliconvalleysleuth.com/2006/08/security_hole_s.html

Intel notice here:

http://support.intel.com/support/wireless/wlan/sb/CS-023068.htm

F-Secure blog link here: http://www.f-secure.com/weblog/archives/archive-082006.html#00000938. The vuln is not public yet, but can be done to any laptop that is near the attacker's system. A successful attack will allow the bad guy to run any program on your computer, including installing rootkits.

A list of vulnerable wireless adapters (internal/external) is here on Intel's page: http://support.intel.com/support/wireless/wlan/sb/cs-005905.htm

There's a link on that page to an Intel program that you can download/run to test your system.

Notice that the F-Secure link recommends that you ensure updated drivers before you do the BIOS patch. On IBM/Lenovo systems, there is a program that you can run that will update all drivers/BIOS on the laptop ("Software Installer", on Start, Programs, Thinkvantage).

The update process will require you to be at the laptop to do the update; it's not a MS update, so we can't push down the update. You will also need to have the laptop connected to AC power, with a fully charged battery, to do the BIOS update.

The vuln may be related to an attack shown at DefCon. (That attack was done to a Mac laptop, but it was through the Mac's wireless card; the attack can be done against any laptop with wireless.) The Washington Post "Security Fix" column (link) has a video that shows the attack.

Bottom line: any notebook with Centrino chip set and wireless will need to get the updates to fix this vuln. Strongly recommended.

Regards, Rick Hellewell

If this leaves you confused as to whether the problem is Centrino, an interface card, or perhaps two different exploits, apparently so is everyone else. We should know a lot more after Dan gets back from DEFCON.

Microsoft Windows OneCare Live

My main machines at Chaos Manor are protected by hardware firewalls, and by Microsoft Windows OneCare. Both Windows OneCare and Microsoft Windows XP itself are set for automatic updates. Because we do a lot of silly things so you don't have to, these are the only regular protection systems I use. Norton Anti-Virus and Norton Protection System are installed on my main machines, but they are normally disabled.

I do check security at reasonable intervals. To test the firewalls and router stealth I go to Gibson Research, www.grc.com and follow the directions to "TEST MY SHIELDS." I always get a perfect score, which is reassuring. I also periodically enable Norton anti-virus and have it scan my systems, with the same result: no problems. Finally, I run Spybot Search and Destroy and Ad-Aware on whim. Neither has ever found anything alarming, although both pay more attention to cookies than I do; those who are really paranoid about cookies being data-miner programs would probably want to use Spybot in addition to Microsoft OneCare.

This experiment of relying on Microsoft OneCare and my D-Link Gaming Router and nothing else has been going on since before the first of the year, and so far I have no reason to regret doing this. I do note that Microsoft OneCare wouldn't do a thing to plug the Wireless security hole discussed above.

I have seen a number of reviews condemning Microsoft OneCare as useless since it won't remove spyware once found, and often asks you about net connections that you think are well established, such as Internet connections to on-line games where the game server addresses change fairly often. I don't find the latter much of a problem - I do sometimes have to restart a game after telling OneCare to let the connection happen. As to removal of spyware, anything sophisticated enough to get past any frequently updated spyware detection and blocking program is very likely to require some special procedures to remove; and some of those infections are so serious that you're better simply to reformat the hard drive and Norton Ghost or Norton Save and Restore to restore from a point previous to the infection. As spyware and key loggers get more sophisticated they get much harder to remove.

My experiences with OneCare have been fairly positive. It often asks if I want something to connect to the Internet, and when it automatically gives a program access it tells me it has done so.

Windows Update Madness

I have no strong reason to regret relying on a router plus OneCare, but there are annoyances. It's not so much OneCare's fault as Windows in general, but OneCare contributed.

A couple of weeks ago - I'm sorry I can't date it closer than that - I noted that when I shut down Alexis, the main communications machine, the shutdown menu offered as first choice "Install Updates and Shut Down." This didn't seem unreasonable, so I let the system do that, but sometimes on startup I'd get an error message that some program was unable to start and had to close. I'd send that off to Microsoft and I'd be taken to a web page that told me this was not really a problem and it would fix itself. It was a fairly minor annoyance, and I don't often shut down that machine anyway, so I paid little attention.

Then I began to get notices that an update was ready to install. This would usually happen when I was busy, and I'd start the update installation and forget it. There may or may not have been some message associated with that. If so, I didn't notice.

This morning, though, it all came to a head. Windows OneCare told me my computer was at risk. Windows Update told me there were updates ready to install. Hoping that the update would take care of the risk, I told the update to go ahead. It trundled for a while, then informed me that at least one critical security update didn't install properly. I opened Windows update, to discover that the critical update was for Macromedia Flash Player, and the vulnerability hazard of not installing it was quite severe.

Attempting to install that update manually got the information that my version of Macromedia Flash Player didn't match the update version, and installation wasn't attempted. No other information was given.

I figured I hadn't updated Flash Player in a while, so it was time to go do that. I opened Mozilla Firefox, went to the Macromedia Flash Player site, got the latest version (9.0.16.0), downloaded and installed it. Then I tried to run the critical security patch, with the same result as before. Versions didn't match. Now it was time for some serious research into this vulnerability, but the results were confusing. Microsoft's Knowledge Base - at least the items I could find - were all dated in mid May, 2006. Adobe articles on the subject implied that this had been fixed by a new version of Flash Player. Eventually I found that the vulnerability fix was for a considerably earlier version of Flash Player than I had installed.

Now what? First I needed to be sure that I had indeed installed Version 9.0.16.0. Finding the installed version number turned out to be more difficult than I thought, but eventually I stumbled on the way: Go to this link and it will automatically tell you if you have Flash, test the installation, and give you the version number. Then I found out something interesting: the version number for Flash installed on Mozilla Firefox was 9.0.16.0, but the version number for Flash if I visited that web site with Internet Explorer was 7.0.19.0. Since Flash binds itself into the web browser it's quite logical that updating Flash Player in one browser does nothing at all about updating it in the other, but I hadn't realized that.

I used Internet Explorer to go to the Adobe Flash Download Center and installed it again, this time in Explorer. Now I was able to test the versions in both Mozilla Firefox and Internet Explorer, and found they were the same. Time to try installing the security patch once more. Of course it didn't work. Incompatible version numbers. And of course if I tried to shut down the system, it wanted to "Install updates and shut down." Only that update wouldn't install.

If there's a Microsoft Knowledge Base item on how to remove a needless update from the update queue, I couldn't find it in half an hour using both Google and MSN search. It's probably out there, but I was unable to guess the proper key words to find it. I figured I had wasted enough time searching for the elegant answer: time to use brute force.

The update had a title, and the code KB91433. I did a search on that number, and found three instances, two links and the program file itself. I deleted them all. Then I went to the shut down menu. The "Install updates and shut down" item still led the list, which was discouraging, but I bypassed it for shut down and be done with it.

When I turned Alexis back on, the Windows XP splash screen stayed up for a long time. By long, I mean several minutes; time enough to get coffee, wash my hands, leaf through the paper mail, and generally get nervous about the situation. Eventually, though, I got the "Windows is starting up" message followed by the logon screen, and all was well. Clicking the Microsoft Update icon in the tray get the cheery message that there were no updates. Opening the shut down menu revealed that the "Install updates and shut down" option was no longer available. To be certain all was well, I shut down the system once more and brought it up; this time it came up promptly, no agonizing wait at the splash screen.

I am not sure what the moral of this story is. Bob Thompson would tell me that it's obvious: abandon Windows for Linux, preferably Xandros, but any version of Linux would be better than Windows. Roland would tell me that it's obvious: abandon Windows for a Mac, and learn to run Windows on the Mac if I absolutely have to run Windows programs including games. I will admit that after spending two hours trying to deal with a Windows Update message, I can see their point.

Of course it would all have been simpler if, when I tried "remove Windows update from queue" and variations on that theme in the MSN search toolbar, I was taken to a Knowledge Base article telling me just how to do that, but I expect that getting Microsoft to hire some competent indexing staff is too much to hope for. I might also hope that Microsoft would come up with a better system for delivering intelligible error messages when updates fail to install, but that, too, is probably a forlorn hope.

Captain Ron Morse notes that such matters tie in

"to the discussion in mail about "what should computers do that they don't do now." Using all the accumulated horsepower to prevent things like this would be a good start. The machine ought to be able to decipher its own error messages and, short of actual hardware failure, deal with them without user intervention. "

Or Microsoft could at least stop trying to save disk space on indexes and use a lot more redundancy in the help files.

Backup Your Backup?

Microsoft OneCare has an incremental backup capability that works fairly well. You can set it to do automatic backups on schedule, but you don't have to. If you don't let it do automatic backups, OneCare will become increasingly annoyed until eventually it will tell you that your system is at risk.

At that point you can either cancel backups altogether, after which OneCare won't care any more, or you can do the backup. In my case I had set OneCare to back up Alexis, my main communications machine, to a Seagate external drive. These come in many sizes. I have several of the 360GB drives; there are larger ones available for about what mine sold for when I got them. These will use either USB 2.0 or FireWire to connect to your computer. Most computers now have FireWire connectors, and that's certainly preferable to USB 2.0 for large file transfers. FireWire is faster, and in my experience more reliable.

After I set up OneCare to back up to my Seagate drive, I found there wasn't really room to keep that drive next to the computer. No problem, I removed it and put the drive in the storage cabinet. Now, though, I had to connect it back up so that OneCare could find it and write to it.

That's simple enough, but if you have more than one Seagate External Drive - I have three, all identical - it helps to pick the right one. Alas, I connected up the wrong one. When I looked at its directory I realized that, disconnected it, and connected the proper external drive. That may or may not have caused my problem.

When USB 2.0 fails, I can never tell whether it's hardware or software. One of Pournelle's Laws is that 90% of computer problems are related to cables. I formed that hypothesis way back in the days of the S-100 Bus, and it remained true for a long time. Even today it's true although the percentage may be a bit lower because there's so much more than can go wrong. I suspect that the problem with USB 2.0 is cable connectors, but I can't be sure. What I do know is that if you do very large file transfers to an external drive, about once in fifty times you'll get the message "Delayed Write Failed", and you're in for trouble. I've never had this happen when I use FireWire to connect my external drive, but it sure happened today.

Power and Power Quality

My initial account of the Delayed Write Failure sparked an exchange of views that I found interesting. Before he knew what kind of UPS I use on this system, Bob Thompson said:

This never happens to me (under Linux or Windows), so I'm not sure what's going on. I routinely (daily or more often) copy huge files (2 GB to 5 GB) to and from external USB 2.0 hard drives, and have never had an error.

One of my readers speculated that the problem might be power-related.

The power brick on a USB hard drive has no "inertia", so even a very short drop in power can cause a write error. An off-line backup power supply like the APCs you use doesn't kick in fast enough to protect against those very short drops. It does keep the computer running, so you may not even notice the drop occurred. My external USB hard drives connect to true (on-line) UPSs, so they never see any power glitches...

"Nearly instantaneous" may not be good enough for an external hard drive.

A typical power supply has a hold-up time of 20ms. That is, the PC keeps running for 20ms after the mains power fails. That 20ms is more than enough to cover about 99% of all power failures, nearly all of which are fractional-cycle failures.

The problem is that the external drive has no such intertia. Even a 1 ms power failure is enough to cause a problem. An off-line UPS takes some finite amount of time to switch over to battery. That time depends on the quality of the circuitry, the state of charge of the unit, the waveform of the power anomaly, and other factors.

Peter Glaskowsky replied

This is generally not the case.

Every AC-to-DC power supply must be designed to maintain its output across a power dropout of at least 8ms-- simply because that's the interval between power peaks on the AC line (that is, one 120 hz cycle including one positive peak plus one negative peak).

What carries the output across these gaps is the transformer output capacitor. Every AC-to-DC supply has such a capacitor, and therefore they all have "inertia." These caps are usually fairly small, but even so, it's common for the capacitor to be large enough to carry across one full cycle. It doesn't take much of a capacitor to do that.

The task is made a little easier by the fact that these switching power supplies can remain in regulation in spite of minor problems with the line voltage. This is especially true of the universal supplies, which truly don't care whether they're getting 100V or 240V.

If you're really seeing the power supply cut out when plugged directly into the wall outlet, but it doesn't cut out when it's connected to a UPS, there's probably some other problem, like spikes on the line caused by some other appliance on the same circuit.

Lots of people have that problem without knowing it. Refrigerators are common culprits, especially when people have a computer in or near the kitchen, or on a common wall. When a fridge turns on, it might drop the line voltage on a nearby outlet to just 90V for a tenth of a second. This is probably about what it takes to start causing trouble for a cheap power supply, so occasionally a glitch might get through to the disk drive.

Now-- all that being said, I totally don't believe that the problem Jerry described had anything whatsoever to do with power quality. Jerry suggested two other possible causes-- the cable connections and something related to switching drives while the system was running. USB is designed to be fairly robust against problems with the cables, and Windows ought not to care about a proper hot swap of USB drives-- but these are both much more likely explanations than power problems even if Jerry wasn't using a UPS.

But he is, and any kind of modern UPS will absolutely take care of any condition that might cause a problem for a power supply. If there are any exceptions, I haven't heard any reasonable explanation of what they might be, and I've certainly never seen an exception in real life.

Power quality is a mighty mystery to me nowadays. I certainly had a lot of problems with power spikes when we designed and built the Altitude/Temperature test chambers for cooking astronauts back in the 1950's. Our lab space was in the Boeing shop area, with heavy duty power equipment coming on and off line at random intervals. Filtering that power so that we could measure human heart rates and temperatures was a nightmare. As I recall, we needed a huge rack of Boeing Integrating Analog Computers (a lot of computing was analog back in the Dark Ages) with negative feedback to condition the signal data.

I haven't thought about these things for years. Peter Glaskowsky specifies power requirements for new chip designs, and is clearly much closer to the subject than the rest of us. I'm just grateful that modern UPS and power isolation equipment works well and generally without my paying attention to it.

You Need an UPS

Whatever the cause of the Delayed Write Failure, it was not the UPS. For my primary systems I use Falcon Electric true on-line (dual conversion) UPS. I can be pretty sure this wasn't a power glitch, but those who use off-line switch-in UPS systems (such as APC Smart-UPS) might have a problem on a day when power fluctuates and cuts in and out rapidly (as on a very hot day). This all happened well after the heat wave was over and it was quite balmy in Southern California the day it happened.

On that subject: standard off-line UPS such as the APC Smart-UPS systems do not kick in for very short power failures, but I've never lost any data due to that. I use APC UPS on systems whose main activity is writing or games. For communications systems, the "box of drives", servers, and my Ethernet switches I use the more expensive but faster-acting and generally more robust Falcon Electric true on-line UPS. The Falcon units cost more, but their batteries last much longer than any other UPS systems I have tested. Having said all that, I also have an in-line recording power monitor installed in the cable room, and except for the very hot days when older power transformers were literally exploding I seldom see glitches in power quality from Los Angeles Department of Water and Power.

I suspect in this case it was cables, but then I always suspect cables and cable connections.

Whatever the cause, this happened fast. OneCare stopped trying to do the backup. Windows popped up the message about Delayed Write failed. When I tried to look at the Seagate External Drive directory, it said there were no files at all. The disk was blank, or at least Windows thought it was. Removing the USB 2.0 connector and reconnecting didn't help. Connecting the drive and resetting the system didn't help.

Finally, in desperation, I disconnected the external drive and shut down the machine. Not restart. Shut down. Then I brought the machine up, waited until Windows was stable, and connected the Seagate External Drive. This time everything worked just right. I got the message that my new hardware was detected, then after a minute or so, was installed. Opening the drive directory revealed that all the files were back as if there had never been a problem. Apparently, when Windows gets confused by that "Delayed Write Failed", it stays confused until reset.

Once I was sure my files hadn't been lost, I made sure the cables were firmly in place and once more told OneCare to do an incremental backup. It took 26 minutes, and when it was done all was well. OneCare no longer warned me that it urgently needed attention, and I could see and open the files on the Seagate External Drive.

Then, just for good measure, I used Norton Save and Restore (read Norton Ghost on steroids) to save a restoration point onto that Seagate External Drive; and when that was done, I copied the restoration point to my networked Box Of Drives that serves as one component of the Chaos Manor Multiply Redundant backup system.

The moral of this story is that if you're going to use an external disk for backup of more than one machine, you might think about backing up your backup. Use Nero and a good Plextor drive to burn a DVD of the critical files. That way, if you get the "Delayed Write Failed" message and see a blank directory, you won't get that sinking feeling.

The second moral of this story is one I've repeated many times: if you value your work, get an UPS. Falcon Electric UPS are about the best I know of, but any decent UPS is better than none. I have a number of machines on APC UPS systems, and while I don't expect an APC to survive the kinds of stress my Falcon UPS experienced in The Great Power Spike of 1989, they've done well for me. The important thing is, get an UPS and get one now.

Mozilla Firefox Update Annoyance

I have been using Mozilla Firefox in preference to Microsoft Internet Explorer for some time now. I like the "Tabbed Browsing" which allows me to keep a whole bunch of Internet pages instantly available. When someone sends me a link I can go there, decide I want to read it but don't have time just now, and leave it there in Mozilla Firefox until I get to it. When I find precisely the right instructions on how to do something in World of Warcraft, I can leave that page in Mozilla Firefox and turn to it when I am playing the game on another machine.

And that, alas, is where the problems come in.

One of the best features of Mozilla Firefox is the extensions. There are hundreds of them, some excellent, some frivolous, and, I suppose, some that don't work very well, although I haven't encountered any of those yet. They're all free. Two of the best are Crash Recovery and Session Manager. Between them they will restore all of your Mozilla Firefox windows in case of a system crash, Mozilla Firefox Crash - they do happen if you have too many open tabs, or at least it has happened to me - or if you shut down Mozilla Firefox. When Crash Recovery and Session Manager are working they work very well, and it's very handy to have them.

Alas, Mozilla Firefox has sent out a flood of updates. They come in automatically, and bug you until you install them. When you install the update, you must close Mozilla Firefox and reopen it. And when you do that, unless you have explicitly saved the current session, the next thing you see will be the new version home page, and chances are pretty good that all your saved windows will be gone, and Session Manager won't be able to find them for you.

That has caused me to copy URL's I particularly want to keep into a NOTETAB PRO file. If you're not familiar with Notetab Pro, you might want to look into it. It's one of the handiest tools you can get. I use it all the time to collect information by cutting and pasting into Notetab files, and I recommend NoteTab Pro.

I continue to recommend Mozilla Firefox, and I use it most of the time, but there have been some annoyances. I expect the last spate of updates took care of many of them; I haven't had a crash from too many windows open in several weeks now.

Microsoft has updates to Internet Explorer, and the new versions have tabbed browsing. If the new versions had come out before I got accustomed to Mozilla Firefox, I might well have thought Internet Explorer good enough and never have tried Firefox.

I'll keep trying updates to Internet Explorer, but as of now Mozilla Firefox remains my browser of choice. Ain't competition wonderful?

Winding Down

The book of the week is Karl T. Pflock, Roswell: Inconvenient Facts and the Will to Believe, with a Foreword by Dr. Jerry Pournelle (Prometheus Books, 2001). Karl Pflock was a True Believer: he was certain that UFO's were real, and probably of alien origin. He was also a skilled investigator, former intelligence officer, former Congressional staffer, and a man known for his honesty and integrity. When the UFO investigators decided to take a serious look at what happened at Rosswell, Karl was a natural choice to do the investigation and write the book.

He set out to show that something very strange and wonderful had happened at Roswell. He ended with an entirely different opinion. Far from aliens, Karl found "Inconvenient Facts and the Will to Believe," and he said so. He ran down all the leads, looked into all the discrepancies, interviewed all the surviving witnesses, and wrote a careful book that certainly wasn't what those who had put up the grant money had wanted.

I recently got a notice that Karl died last Spring. Then, recently, I got a number of serious inquiries about what happened at Roswell, and the credibility of some of the more famous people involved. That caused me to take down Karl's book and read it again, and once again I am impressed at just how thorough a job he did. If you want to know the truth about Roswell, read this book. Of course most people don't want to know the truth. There's too much money in the legend. When the truth interferes with the legend, print the legend.

The computer book this week is Python in a Nutshell, by Alex Martelli, (O'Reilly). If you don't know much about Python, this isn't the book to start with; but once you get familiar with Python, this is the book to have for reference. It's also for those who have been familiar with Python or similar languages, and need directions on how to get started again.

For those who don't know, Python is a structured full featured language. I've had a copy on nearly every computer I own. Python is free, and doesn't take up much disk space. It's incredibly handy for quick and dirty programs. For example, I wanted to convert the output files of an accounting program I wrote in 1982 into comma separated values. It took about two hours to write a Python program that opens the accounting files, reads in all the data, and put them out in record form as comma separated values. Most modern programs can read in CSV files, so it will now be possible to convert from my aging accounting programs written in C-Basic to one of the modern commercial book keeping programs.

If you ever wondered what it might be like to write computer programs, Python is a pretty good place to start. You'll also want another O'Reilly book, Learning Python by Mark Lutz and David Ascher. When you master that, get Python in a Nutshell.

Next week we'll know what happened at both DEFCON and the Apple Worldwide Developers Conference.