DEBRIS.COMgood for a laugh, or possibly an aneurysm

Interesting question — if everyone with a laser pointer shined it at the moon at the same time, would we see the red glow from Earth? http://www.paintthemoon.org/

The first attempt is in a few weeks, 2001-10-27. If you’re afraid you’ll forget, send yourself a reminder via email. (The Site Foundry’s email reminder service will not spam you.) Here’s a reminder for the second attempt.

Yes, I’ve seen all the explanations for why this won’t, couldn’t possibly work. I still think this is a great idea.

As reported throughout the web, the Gartner Group has recommended that some enterprises “immediately investigate alternatives to [Microsoft’s commercial webserver application] IIS, including moving Web applications to Web server software from other vendors.” The report’s title is telling: Nimda Worm Shows You Can’t Always Patch Fast Enough.

Think that through… one of the largest, most-quoted technical analytical groups on the planet is recommending that companies not use Microsoft software. More strikingly, they’re recommending that corporate users abandon Microsoft software. A reasonable person might have to conclude that the Microsoft software in question is dangerous.

But if that’s the case, how could IIS have gained 26% market share? How could systems administrators be so blind, to install such bad software? Especially in light of the fact that the market leader, Apache, (58% market share) is free and has a dramatically better security history?

To be sure, updating server software, and watching for new vulnerabilities, is required for all admins. But I contend that Microsoft still fares worse than any other vendor. Here’s the evidence: Microsoft has released 11 “critical security updates” in 2001 alone.

Gartner goes on to say that IIS will continue to be a victim to worms and viruses until Microsoft releases a new, “completely rewritten, thoroughly and publicly tested” version of the program. Consider the implications of that statement: IIS is so bad it can only be fixed by discarding the entire mess and starting from scratch.

Joel Spolsky has written a well-reasoned essay about why rewriting software from scratch is a huge strategic mistake. Why? Because there is no guarantee that the rewrite will be any better than the original. I agree.

But his comment that “IIS has been publically tested, for about six years now, on millions of web servers and with thousands of hackers trying to find bugs,” ignores the reality that IIS is clearly not robust enough for enterprise use, no matter how well tested it has been.

It’s worse than Code Red — the NIMDA virus infects both Microsoft’s Outlook as well as Microsoft’s IIS webserver. My server has registered between 3500 and 10000 infection attempts per site today.

If you run an Apache site and have PHP available, you can use my Webserver Virus Warning Generator to send warning emails to owners of infected sites. I’ve updated the script to handle NIMDA as well as Code Red.

It’s little wonder that insurance companies have begun charging higher rates for users of NT and IIS… crappy products beget higher maintenance costs.

The surreality of yesterday’s tragedy continues. Life goes on — of course — and yet any communication that doesn’t acknowledge the disaster seems tainted, out of touch, as if only within the context of yesterday’s events can we move forward with our lives.

Today’s Chron ran an unprecedented full-page cover photo of the south tower of the WTC collapsing. Most of the newspaper’s content is devoted to coverage of the attack — news, analysis, opinion, images. Nearly every page shows a somber black banner across the top: America Under Attack.

But there was no such banner on the Food section. The headline reads Exotic Wraps and the subtitle announces that “banana leaves and other ingredients add panache to special dinners.” I can see that it’s perfectly reasonable for the newspaper to include this section today, but its glib headline and apparent ignorance of the day’s context is jarring.

The Business section showed a remarkably powerful photo of a man walking out of a dust cloud, in a well-tailored suit and tie, shoulders back, briefcase in hand, looking every bit the part of the world-beating investment banker — except for the look on his face, of pain and terrible grief. This image reminds me of Nick Ut’s 1972 photograph of children fleeing a napalm attack on a village outside Saigon.

Jon Carroll’s column is interesting: Welcome to the 21st Century

I think the best thing I’ve read about yesterday’s events so far is the account of the Jeremy Glick from Flight 93, as recounted on Jerry Pournelle’s website.

Here are good explanations of why the towers collapsed: BBC and David Perlman

I’ve begun using PNG images rather than JPEGs and GIFs on this site. For large, full-color continuous-tone images (such as photographs), PNGs are larger than JPEGs, but have a number of advantages over JPEG, including the fact that image quality is superior (not that any of my images are that great to begin with).

I found a great tool for compressing PNGs. It runs under a variety of OSes and provides an easy way to make PNGs smaller. Because it is a command-line utility, you can quickly process entire directories at once — without all the tedious opening and saving as with a GUI.

On my images it provided a savings of about 8% on large images, and nearly 20% on small images, as compared to PNGs created by Photoshop 6.

The utility is called pngcrush.