Sign In

Communications of the ACM



The special section "Homeland Security" (Mar. 2004) detailed external attacks on various computer systems but did not mention that threats also originate inside those systems.

The 9/11 attackers, for instance, were trained to fly inside "the system" and allowed to board U.S. aircraft by that same system. Protecting U.S. computer systems requires Americans to assume those who would harm them might already be inside their development domains.

Two promising ways to examine U.S. software for security risks are path coverage analysis and concordance analysis. Programmers who discover unused paths should perform further tests or remove the suspect code. Moreover, they should generate a concordance for the code whereby high-risk words are highlighted and reviewed.

Mark Sadler
Harvard, IL

Back to Top

No Excuses for Microsoft

Michael Cusumano's "Technology Strategy and Management" column ("Who Is Liable for Bugs and Security Flaws in Software?") read as if it were commissioned by Microsoft Corp.

As both a user and a practitioner, I have found that Microsoft's products are ultimately debugged only by their users. The idea that such flaws are due to complexity or the size of the user base are not serious explanations.

I have been a Microsoft driver developer since Windows 3.11 and have found the products to be built on eggshells. My Unix desktops stay up for months, while Windows has to be rebooted daily. Can't blame the hardware, as many engineers run Linux on PC hardware and have extremely stable and more secure systems.

The security vulnerabilities affecting laptops running Windows are unsettling; entire industries have emerged just to deal with Microsoft viruses, worms, and email macros. Some argue that Windows is a target due to the volume of its installations, but the largest-volume targets are Java-based cell phones. When was the last time your phone was contaminated?

The reason Microsoft gets away with such products is its market power and the political cover afforded a company with billions in cash. It is apparently untouchable in court, even while it punishes other companies, and little venture capital is invested in products antagonistic to its products.

We may not be able to break this iron triangle, but please spare us a superficial analysis.

Name Withheld

Author Responds:
Whatever the reasons Microsoft and Windows continue to attract so many critics, and hackers, the fact remains that nearly every major operating system and software product, from commercial vendors, as well as from the open-source community, has had security flaws and bugs. Windows may well have more than its share, but with 95% of the desktop OS market, even its fair share would be an enormous problem for users and for Microsoft alike. The broader programmer community must work with Microsoft to solve problems of security in Windows, as well as in all software products in all devices. I agree that the buck stops with Microsoft, which must take more responsibility and devote many more resources—than any other company—to solving its security and quality problems. I am skeptical about how much progress it might make on its own, given its varying priorities, its many distractions, and the size, complexity, and delays already associated with the next Windows release (Longhorn). The market will eventually solve the problem. Either Microsoft will meet this challenge or its users will find alternatives.

Michael Cusumano
Cambridge, MA

Back to Top

How About a Manageable Password?

Blake Ives et al. are right: reusing passwords is dangerous ("The Domino Effect of Password Reuse," Apr. 2004). However, human nature being what it is, not reusing passwords is equally dangerous. As the authors pointed out, people log into many sites but have trouble remembering more than a few passwords. The more passwords they have to remember, the more memorable, and guessable, they become.

Ives et al. made several suggestions for improving this situation, including public key encryption, public key infrastructure, and biometrics. Unfortunately, each would require widespread adoption of a set of standards, along with hardware devices (such as smart cards and biometric sensors). Achieving global agreement on these standards is nontrivial.

Moreover, these approaches introduce complexity or additional risk. For example, if everyone used a standard biometric, the same electronic signal would have to be used everywhere, even though doing so would involve many of the same problems associated with shared passwords.

Some years ago I, too, was concerned about risks posed by using the same password. The existing solutions were inadequate. Some people kept a file on their machines, the smarter ones giving it an innocuous name. Others used a password wallet to encrypt their passwords. Since these solutions require access to the machines holding the passwords, people who move around a lot often kept lists in their wallets—a scheme less dangerous than it might appear. After all, few common pickpockets also hack computers.

Unhappy with these solutions, I developed a tool called Site Password, which combined a user password with an easy-to-remember name for Web sites that calculate site-specific passwords. Because it used a standard algorithm to compute a site password, users get the same answer wherever the calculation is done. The generated passwords are based on a cryptographically secure hash function, so guessing them is difficult.

Users have to remember only one password, but because it is subject to a dictionary attack by malicious site owners, it must be a good one. However, the burden of picking it is manageable because the user needs to remember only one, though the more paranoid among us might still prefer several. There's little need to change that password frequently, since it never leaves the machine doing the calculation. The main risk is a keyboard sniffer. The site names can be put in a public place (such as a Web page) because they provide no extra security. (The MS Windows version of Site Password is available at Alan_Karp/site_password/index.html.)

Alan Karp
Palo Alto, CA

Back to Top

When Is Copyright Infringement Legal?

In her "Legally Speaking" column ("What's at Stake in MGM v. Grokster?," Feb. 2004), Pamela Samuelson called for a "bright line" rule regarding contributory copyright infringement. But the U.S. Supreme Court's Sony rule, as she views it, achieves that goal only by eliminating almost every instance of contributory infringement.

At least one result of the trial court's Grokster decision, which turned the Sony rule into a shelter for companies encouraging copyright infringement, has been suits against individual users by the Recording Industry Association of America as a way to stop widespread copyright infringement. Far better would be to stop those encouraging infringement than to reign terror on a few users in order to scare everyone else.

Meanwhile, in the Seventh Circuit's Aimster decision, Judge Richard Posner wrote that those aiding and abetting copyright infringement should be liable even if there was also substantial noninfringing uses for their technology. The patent statutes call this "inducing infringement," and the Supreme Court's Sony decision included it in contributory infringement. It seems like a good way to distinguish legitimate users from copyright infringers.

Lee A. Hollaar
Salt Lake City, UT

Back to Top

Don't Miss the Lessons in Games

While I'm sure John G. Messerly is motivated by the best of intentions for his students, I was saddened by the scapegoating of computer and video games in his Viewpoint "How Computer Games Affect CS (and Other) Students' School Performance" (Mar. 2004). As a 10-year game industry veteran, as well as a graduate of the University of Texas at Austin's CS program, I would have hoped that Messerly understood that games are no different from any other distraction vying for students' attention.

Given that students have minimal budgets, it is not surprising that low-cost subscription-based massively multiplayer (MMP) games are popular. While true that some operant conditioning is embodied in the mechanics of the genre, there is nothing sinister about the games themselves. If some students play them to the point of social destruction, then perhaps it is a symptom of mental health issues (depression?) rather than a core problem.

I don't disagree that any form of entertainment should be taken in moderation, but Messerly is missing an opportunity provided by the popularity of the MMP medium. Why not leverage students' interests? MMP games make extensive use of real-time graphics, distributed algorithms, reliable and secure client/server networking, AI, and databases, while being the products of large-scale long-term projects requiring solid software engineering.

Chuck Walbourn
Seattle, WA

Back to Top

Inconsistent Statistics Unconvincing

In "Global Software Piracy Revisited" (Jan. 2004), Seung Kyoon Shin et al. provided unconvincing interpretations of their statistics.

The data in the table of piracy rates, GDP/capita, and "collectivism" index was apparently not the same as the data used for the calculations in the article itself, as the statistics were not identical. Though this difference should have been mentioned, the statistics are close, so the data is probably close as well.

Using the data in the table, the two independent variables—GDP/capita and collectivism—are correlated with an r**2 of 52%, so they are close to being a single variable. GDP is correlated with piracy at r**2 of 70%. A stepwise regression shows the remaining variance is 15%, which is explained by collectivism, so the collectivism index added little independent explanation.

When the data was split into countries with more or less than $6,000 GDP/capita, the regression coefficient on GDP was three times greater for low-income countries than for their high-income counterparts. A $1,000 difference in the under-$6,000 countries was associated with a much greater difference in piracy rates than a $1,000 difference in the over-$6,000 countries. It is hardly surprising that a variation of 1/6 of the total range of the independent variable in one case made a much greater difference than a variation of 1/40 in the other case.

Thomas W. Moran
Saratoga, CA

Authors Respond:
These points enlighten us with a new perspective on our article. Perhaps the use of the $1,000 difference might be improved. If the same rate of increase were applied, the difference between the GDP effects would be about four times as great for low-income countries as for high-income countries. In essence, a GDP divider illustrates the differential effects between the country groups.

Because the two variables were correlated, we conducted a variance-inflation-factor test and reported that the two indicators are independent (footnote 2 in the article). Considering that in 1999 the software industry lost $12.6 billion to piracy worldwide, the cultural factor provides additional insight into the piracy phenomenon. The supplementary cultural factor illustrates that collectivism, a durable cultural variable, requires new strategies for combating global software piracy.

We represented GDP in current U.S. dollars for data analysis and GDP in constant 1995 U.S. dollars in the table. As we pointed out, the implications from the two data sets are identical.

Seung Kyoon Shin,
Ram D. Gopal,
G. Lawrence Sanders,
and Andrew B. Whinston

Back to Top


Please address all Forum correspondence to the Editor, Communications, 1515 Broadway, New York, NY 10036; email:

©2004 ACM  0002-0782/04/0600  $5.00

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.

The Digital Library is published by the Association for Computing Machinery. Copyright © 2004 ACM, Inc.


No entries found