More Chrome

Amanda McPherson of the Linux Foundation has an interesting blog post in which she tries to discern Google’s objectives in introducing the Chrome OS.  As I did in my earlier post, “The Other Shoe Drops”, she points out    that Google has a fundamental interest in increasing Web usage:

Google’s main motivation in every single thing it does is to put more and more people online, all the time, to view their ads and to make use of their applications (thus seeing more of their ads).

And she makes the further point that Google’s interest is broader than just the desktop and laptop PCs in first-world countries:

Google wants to see multiple devices connected to the web in every household. A web device in your pocket, one on your wrist, in your car, on your boat and in every room of your house; not to mention computers in homes in the developing world.

Historically, Microsoft’s OEM license terms have provided very strong incentives for vendors to install Windows on every PC they shipped.  (For example, the machine on which I am writing this came with Windows pre-installed, and I am sure I paid something for the “privilege” — but this machine has never run Windows for actual useful work.)  The success of the new “netbook” computers, many originally configured with Linux, has forced Microsoft to make available an old, theoretically-discontinued version of Windows (XP) at a heavily discounted price.

Ms. McPherson also identifies the application development potential of Chrome as a key selling point:

I think Google’s Native Application Project will be a key part of this OS. What this means is that I can run certain native applications just as easily through my browser on Linux and x86 as I can on Windows or Mac and x86, and that I can make use of more of the computing power of the device than through the normal app/browser paradigms of today.

Finally, although Microsoft has recently made some serious efforts to get into the cloud-computing area, with Windows Live, running large data centers and Web services has not historically been their strong suit.  To the extent that the Chrome OS is successful, it will have the effect of forcing Microsoft to play Google’s game.

Cyber-Attacks

Over the past few days, there has been an ongoing series of denial-of-service attacks against Web sites in South Korea and the United States.  The attacks began over the July 4th weekend; some of the US sites originally targeted were whitehouse.gov, the New York Stock Exchange, the Washington Post, and the Federal trade Commission.  The technique employed is called a Distributed Denial-of-Service [DDoS] attack; it employs a large number of computers, typically individuals’ PCs that have been taken over by malicious software, to flood the target sites with mroe traffic than they can handle.  Brian Krebs of the Washington Post has a blog post about the attacks.

There have been some suggestions that North Korea has somehow orchestrated this attack.  Although the suggestion is to some extent plausible, I have not been able to find any actual evidence of that from public sources.   The attacks have been relatively modest in scale, and are not terribly sophisticated:

Officials and computer experts in the United States said Wednesday that the attacks, which began over the July 4 weekend, were unsophisticated and on a relatively small scale, and that their origins had not been determined.

It appears that something like 60,000 hijacked PCs are involved; again, this is not particularly large in comparison to some past attacks.

Although there is a tendency for some sections of the media to hyper-ventilate about any incident like this, I think there are a couple of things to keep in mind.  First, no essential functions of the government of either the United States or South Korea have been significantly degraded.  The attack is a nuisance and a problem, but not a catastrophe.   The economy of the US, troubled though it is at the moment, is not critically dependent on the operation of the White House Web site.  As John Bambenek at the SANS Institute puts it,

However, the key takeaway is that the governments of the US and S. Korea are still working and still operational. They do not rely on their public facing websites to work.

Second, this attack does not use any fancy new technique; it appears to be a variant of a computer worm affecting Windows PCs called “MyDoom”, which first appeared in 2004.  Users running Windows that exercise ordinary caution (don’t click on links in unsolicited E-mail, and don’t open unexpected attachments), and have reasonably up-to-date anti-virus software probably have little to worry about.