5th November 2008 ::

Dear America,

Thank you for the smashing new President. He is just what we always wanted. He looks so shiny and nice in the packaging, not like the old one which is broken on the top and Jonny Cornea next door did scratched his name on it and the checks and balances doesn't work right any more. Mum said we have to wait until January to open him so he doesn't get damaged by a harsh-reality, but we can't wait!

I tolded mum that America hates it when we send it the letters ‘from the rest of the world’ and it is a patronising and it makes you annoyed, and then you just get the bad president man deliberately just to spite us. But Mum says we still have to send you a thank-you letter because it is polite and you have to be polite don't you.

(I am not sure if you do have to be polite because that one time the Mister Cheney did say a “Go F...” — oh, Mum says I must not say that word in this house young man — and they still let him be a Vice President and he didn't even have to go the bed without ice-cream or lucrative executive contracts after supper.)

So thank you much we are very glad and I hope you have a lovely Christmas or the thing with the thanking that you have instead of the Christmas.


The rest of the world, age 11

PS. I have drawed you a picture of nice President man on the America Throne. You can put it on your flag if you liked it.

15th April 2008 ::

Here's a new thing for you to play with: the pan-European keyboard layout, something I hacked together with MSKLC after forgetting the character code for ß and having to drag out the damn Character Map once too often. Yeah, Alt+keypad-0223, I know, but you can't expect me to remember all them unicodes.

The pan-European layout uses dead-keys to fit the accented letters of almost all the Latin-alphabet languages onto the keyboard, along with simple Greek, IPA phonetics and assorted dingbats. I've also added quick combinations for typographical features such as smart quotes, dashes and bullets, because I'm fed up of not being able to type them in applications other than Word. And even Word's autoreplaced smart quotes are unwanted or wrong half the time. And I hate using Word anyway. A quick keypress for entering them manually across all Windows apps is a much better plan. Try it out.

Vector graphics gubbins ::

Hooray! One of the few remaining commercial applications I still use and like, Xara Xtreme (being a vector graphics editor and the only one I can bear to use without stabbing myself in the eyes with frustration), has a nice new update out. Headline updates include:

  • 3D extrusions (cribbed from Xara 3D)
  • Panorama photo stiching (cribbed from PanoramaStudio)
  • Web page export
  • Text areas with flow-repelling objects

Unfortunately the headline features aren't actually the good ones. X3D and Panorama are sort of toys really, they're harmless enough and were obviously an easy steal from code Xara already had to hand, but they don't really integrate much with Xtreme's core vector graphics feature set. The photo levels/cropping stuff being built in, instead of farmed out to a weak external bitmap editor is very welcome though.

The web page export function is reasonable enough for producing some static graphics in an HTML format, but it's a long way from producing usable web pages. The code produced is messy to a level where it's barely editable at all and there are severe accessibility problems. Of course this isn't entirely Xara's fault*: Xtreme is a static vector graphics editor, so it has to try to position each line of text to a pixel-perfect absolute position. This approach is never going to be able to hack it for producing ‘proper’ web pages, but it's fine for rapid prototyping and pages that only carry graphical content. It's just unfortunate that people are apparently using it to create entire web sites.

The text area and on-the-fly reflow-around-objects stuff is good though — another fast and smooth innovation in the traditional Xara style. Nice to see this available in the standard version of the software as well as ‘Pro’ now, too; the same goes for PDF and RAW import and multi-page. Meanwhile the ‘Pro’ version gets multi-CPU redraw support; this seems a bit like a core feature* to me rather than something that should be limited to Pro, but I guess with the other features migrating they have to find something to put in to justify the expensive version. (Personally I don't care, since Xtreme is already very fast at rendering with a single core.)

But really, the best bits in Xtreme 4.0 are the fixups they haven't trumpeted quite as loudly:

  • ‘Combine shapes’ boolean path operations are now completely accurate, instead of the nasty approximations it used to do before. Great to see this complaint attended to — I was halfway through going through the old Linux port code to work out how to fix this myself, out of frustration.
  • New ‘VHQ’ rendering mode with more anti-aliasing levels and, finally, proper bicubic filtering when bitmaps are reduced below their original size. This makes doing web graphics completely in Xara much easier: not so much need to export greater-than-actualsize and resample in a bitmap editor.
  • Lots more ‘unlocked’ live effect filters, so you can run the usual range of bitmap filtering stuff on fully-editable vector objects. Again, much less exporting to and from bitmap editors needed now.
  • A text tool that doesn't fall on its arse when you try to use Unicode and dead-keys with it (see above) and with a WYSIWYG font menu (which makes the nasty old font gallery thing redundant).

So what next for Xara? I'd like to hope for a few more vector tools before any further fripperies like the 3D extrude and panorama tools. A vector flood-fill should be nice and easy now that shape combining is accurate, and a 2D vector-extrude is essential, if only to justify the existence of the 3D bitmap-based one! Better snapping/inference would be nice (using highlighting similar to Vegas or Sketchup), but most of all the quirks of the path tool should be fixed.

It may sound like I'm being harsh on Xara, but I have to say the path tool is still ten times less annoying than Illustrator's. It would just be near-perfect with just a few little fixes to rid us of the nodes that can't decide whether they're smooth or cusps, and sticky bezier control points, in particular.

However my number one gripe is a tediously familiar one: the web site. The thing you always want to see on an application's website, as a potential customer, is a bunch of at least near-full-size screenshots, to get a good idea of what using it is going to be like to use.

Dear software industry, why do you always fail at this? It's pretty simple. We don't want to see a load of marketing bumph on the front page, we want screenshots. Sort it out!

Bitmap graphics gubbins ::

Welcome ladies, gentlemen and cheesy gameshow hosts to Who Wants to Resize an Image?, the great new site log entry where we test regular bitmap editing applications to see if they have what it takes... to resize an image!

[Cue unbearably pompous theme music]

What's that? “Of course they can resize an image, it's the single most commonly-used basic bitmap-handling function”? Well, you'd think, wouldn't you. But it's trickier than it looks when you're up on stage with all the lights and pressure, and some bitmap editors have been known to bottle it. So without further ado, here's today's challenge image!

Who Wants to Resize an Image?: 32x32

Ooh! It's a lovely 64x64 black and white checkerboard pattern. And our output size today is... let's spin the wheel of dimensions... oho! 32x32 pixels, that's our target for tonight!

Should be a nice easy one, eh, ladies and gentlemen! The larger 2x2 squares should become single black and white pixels, whilst the rest of the output pixels each contain 2 black and 2 white pixels in the source image so they should come out a solid mid-grey. We've even made the white pixels actually ‘rgb(254, 254, 254)’, so our contestants should be able to make the grey simply ‘rgb(127, 127, 127)’ and not have to worry about dithering the extra half a unit we'd get if it was full-on 255. Because we're nice like that. We just want them to score well, because what do points make? Pr... oh, my mistake, there aren't actually any prizes, sorry.

If a contender smears the edges of the grey, or the black and white pixels aren't completely sharp, well I'm sorry, that may be acceptable for quickly fudging photos where you come from, but we're drawing icons and web graphics here, so we need our laboriously-lined-up pixel lines to actually come out on the whole pixels. But nobody goes away empty handed, all our losers — I mean runners-up — will receive this lovely DOXdesk chequebook and sarcastic remark.

So let's welcome the first contestant, The Gimp 2.4, an open-source bitmap editor from Berkeley. Hello Gimp... that's quite an unusual name isn't it! Ah, no, we don't have time for a funny story, let's get right on and see if you can correctly answer the question, what should this image look like resized to 32x32? Now don't be nervous, we all want you to do well, just take your time.

[Over-the-top tension background music]

Gimp 2.4 results

And... yes! The Gimp has done it! An exemplary bit of scaling there, both in the default bicubic mode and in the bilinear version, which of course mathematically should give the same results in this test. Say what you like about the open-source application's interface [and what I like to say about it is that it's crap... but then so's every other bitmap editor UI about at the moment, so whatcha gonna do?], those boys know their algorithms. Smashing, well done, you're a lovely couple.

Next up we've got another open-source contender, it's Paint.NET 3.2. Now you're from Dotnetframeworkland, it says here. Yes? Oh, sounds lovely. Now, if you could take a look at this little teaser and tell us what it should look like scaled to 32x32 pixels, that'd be just great. Ready?

Paint.NET 3.2 results

Yes! Paint.NET has also come up with the correct answer! Round of applause please everyone! But hang on a minute, what's happened in bicubic mode? It's not the default image scaling mode, but look, the edges are all wonky, the pixel grid's slightly blurred, the grey area is weirdly graduated. It's good, but it's not right! You don't get nothing for a smudge, not in this game!

Hoping to reduce the competition to a smudge now, it's Adobe's undisputed heavyweight champion... the bitmap app that needs no introduction... apart from this one... I give you... Photoshop CS3! As the most widespread image editor and at a cost of six hundred quid (blimey ladies and gentlemen eh!) we're expecting a great result from the king of...

Photoshop CS3 results

...oh no! Photoshop has fumbled it! Despite twenty years of training over thirteen major versions, Photoshop's default bicubic mode still can't do a resize without smudging the edges and adding spurious brightnesses to the corner pixels. Gong! Get off the stage!

And Photoshop is getting up and trying to claw back a bit of face by being able to do it properly in bilinear mode instead of the default bicubic, but really, that's got to be a bitterly disappointing effort from the market leader there, and yes, can you please get off the stage please Photoshop, to make way for PHOTO-PAINT, the bitmap editor from rival Corel's flagship DRAW Graphics Suite 12. They do like their capital letters, but is PHOTO-PAINT's resizing performance worth shouting about?

PHOTO-PAINT 12 results

Oh dear, no! Ooh, that's a bad fall. Again, PHOTO-PAINT smudges the pixel grid and gets the corner pixels wrong — ‘rgb(141, 141, 141)’ in the bottom-left, that's well off. But worse than that, it's got the positioning wrong, leaving the image off-centre, smudged upwards and rightwards half a pixel. That's a schoolboy graphics-algorithms error, and unlike Photoshop there's no other rescaling mode that avoids the problem, the judges aren't going to like that.

Louis: No, we expected better from an application of PHOTO-PAINT's pedigree, that's really not a satisfactory performance there. And also, begorrah.

Sharon: Aww, it resized its little heart out, bless, but it wasn't enough, was it. Poor thing.

Simon: What a load of complete crap. PHOTO-PAINT? More like PHOTO-CRAP! ha. You should be hanged in the face mate.

Audience: Booo! Simon is such a nasty.

Just time for a quick break for a couple of pieces of software that aren't bitmap editors. First, the above-mentioned Xara Xtreme. Now I'm told your new VHQ rendering mode is impressive, let's see if you can keep up with the best of the bitmap editors at image rendering.

Xara Xtreme results

...oh, shame, not quite. You've done the same as Photoshop, but with slightly less prominent mistakes in the corner pixels. On any other show, beating Photoshop by a nose would be considered a victory. But today, it's not enough. And how about you, Python Imaging Library 1.1.4? As an extension module for a popular scripting language, you're going to be doing batch jobs like resizing a lot. Can your ANTIALIAS resize mode do it right?

PIL results

Ah, what a pity. You're off-center by a pixel, you've got a bug that makes the top-left corner completely (and randomly) wrong, you've totally smoothed out the pixel grid, and got the averaged grey slightly off. You've let us down, you've let the judges down, but most of all you've let yourself down. Hang on though! There's a version 1.1.6 come out which fixes it so the results are similar to Photoshop's bicubic resize, only with a wider blur. Nice try, but it's still into the gunge tank with you!

Any bitmap editors we've missed? Oh, of course, Corel actually own two more apart from PHOTO-PAINT, since they've been busy buying every other company in the imaging market. Up first is Ulead's PhotoImpact X3. I'd forgotten about you! Oh, right, so have Corel, I see. Well I normally associate the Ulead brand with dodgy consumer-focused video editors with ghastly UIs, bundled with DV cameras, so I'm not expecting great things here.

PhotoImpact results

But what an upset! My word! PhotoImpact pulls it off splendidly. That's a completely correct scaled image, fantastic, ten points to Ulead, that's showed PHOTO-PAINT how it's done. And finally, Corel's other other bitmap editor, nabbed from JASC, it's Paint Shop Pro Photo X2! This is the one Corel are now pushing as their main bitmap-oriented product, so it'll surely have to do really well in the resizing test. But man, what've they done with your interface, PSP? I'm sure you never used to look this ugly. Ah well, let's get to it...

Paint Shop Pro Photo X2 results

Oh bad luck there. It's correctly aligned at least, but except for the top row very smudged, and... well, that's an unusual choice of grey. Yes, ‘rgb(187, 187, 187)’ is a pathologically unusual choice of greyscale for a mid-point between black and white. And your bilinear version is the same, only slightly blurrier. Let's face it, you've embarrassed yourself there. You're standing up on stage and you've wet your pants. The audience hasn't noticed yet, but your hot sticky trousers are baking pee-smells in the hot studio lights and there's a puddle forming by your leg. The best we can do is hurriedly bring the show to an end before you burst into tears. What an unseemly way to end the show.

So there we are, ladies and gentlemen: resizing an image properly, apparently harder than you'd think. Joint winners are The Gimp and Ulead PhotoImpact... let's give The Gimp the tie-breaker as it also offers a Lanczos resize mode. Runner-up: Paint.NET. The rest: I'm disappointed in you. And those of you with version numbers into the double digits in particular should know better. I'll be writing a note to your parents.

That's all from Who Wants to Resize an Image tonight, join us next time for an exciting game of Who Wants to Rotate an Image by 90° Without Messing up the Dimensions or Losing Rows! (Clue... PHOTO-PAINT: not you.)

1st February 2008 ::

Coming to you today live! from London's famous Tottenham Court Road, home of glamour, litter, a challenging gauntlet of charity pesterers, and the world's rubbishest internet cafés. (From which I can't even upload this post directly, so it might not appear for a few days and the bit about “live” is technically a lie. Why do stupid internet cafés have to do crazy things like block SSH connections, and remove Windows Explorer? What do they think they gain by this? Gah.)

Oh, and the bit about the glamour was a lie, too.

I'm Londonning it with a few other sorts from UKNova, for the Westminster Media Forum seminar on Video on Demand. Since UKNova is a BitTorrent site tracking mostly unauthorised captures of UK TV programmes, and pretty much all the other seminar participants are from the UK TV industry, I'm pleasantly surprised that we got out without being arrested or lynched or hanged outside the Houses of Parliament, “You wouldn't steal a TV programme!” daubed in blood sending a strong message to the nation's copyright scofflaws.

DRM is broke ::

Actually it was a bit tame, with some (partially-justified) industry backslapping at the success of VoD in the UK so far, but skipping over some of the controversial items. The session that was to cover Rights Management, for instance, barely mentioned DRM at all, with the simple platitude given that “the rights-holders will have to decide what DRM to have”. A bit disingenuous when the current internet offerings have exactly one DRM model with no possibility for rights-holders to choose anything different. And naturally some of the biggest rights-holders are themselves operating the VoD services, so as a blame-throw it doesn't really work.

It's lucky for the VoD providers that the remaining rights-holders don't seem to have twigged the fundamental flaw of DRM — you know, the minor flaw of not actually working. Microsoft's WMDRM system, used by the main PC-based VoD services in the UK, has been cracked for a long time. Programmes sourced from both the BBC's iPlayer and Channel 4's 4oD have been de-protected and uploaded to torrent sites including UKNova. (Where it's not encouraged; and most cappers prefer the higher quality available from the free-to-air DVB streams anyway, but it has happened.)

So DRM isn't effective — except as a convenient fiction to comfort the rights-holders. Is this fig leaf really worth all the trouble it causes? The customer inconvenience, the cross-system incompatibility, the instability, the control by an external party. Is it? Is it?!*

So the matter of DRM was snuck out of the room quietly to avoid the embarrassment of having to talk about it. At some point TV will doubtless follow the music industry in realising how pointless it all is, but that's not today's game.

The UK internet is broke ::

We did get a little more friction from the ISP issue, even though it wasn't technically on the agenda. Ofcom's Jeremy Olivier opined the UK internet provision market was competitive enough to provide customers with the increased capacity needed to make VoD work, whereas, on the other hand, no-one else in the room seemed to agree.

Get unlimited internets!!* with Piscali! Download infinite movies superfast!!* (* - may not be unlimited or superfast and torrents won't even work, but hey, you'll be stuck in a 2-year contract so, you think we care?)

Whilst I'd certainly agree that the UK ISP market is competitive, it's not happening in a way that results in better products for the consumer, unfortunately. The majority of ISPs are advertising low-cost, high-bandwidth unlimited connections, positively encouraging downloading large files and video on demand. But as the amount of data customers want to transfer goes up (thanks to VoD, file sharing and heavier web use) the economics of home internet provision in the UK makes this impossible. ISPs respond by continuing to use ever-higher headline connection speeds, but limiting the amount of data that can actually flow through them. A variety of more or less sneaky options exist, typically targeting BitTorrent, general file-sharing or, in the worst cases, all non-web traffic. Affected traffic can be slowed down to dial-up speeds or worse.

The BT-bound IPStream/Datastream providers can't possibly afford the capacity they'd need to offer real unlimited connections to users, at current market prices. Whilst the LLU providers potentially could (after recouping higher initial costs), they're not available everywhere, and they still have to compete with the low prices of other ISPs all falsely claiming to have unlimited capacity.

Why someone (Advertising Standards? Office of Fair Trading? Ofcom in general? Anyone?) isn't doing anything about this false advertising I can't fathom. Customers are being lied to, short-changed, and then locked into lengthy contracts it can be difficult to get out of when they discover the deception. And as VoD adoption continues the situation is going to get increasingly untenable.

One technical nugget was dropped in on this front, though: cable op Virgin Media is planning to add capacity by upgrading to DOCSIS 3.0 this year. This is encouraging, as the cash-starved collection of various old-school networks they inherited when buying up the UK's various cable providers is already starting to feel the strain, to which Virgin have responded in many areas with brutal traffic limiting. But from my memories of Virgin's predecessor companies, I woudn't hold my breath for it actually going out in any widespread fashion this year.

Maybe I'm just spoiled by the excellent connections at low prices available to me in countries like Germany and Japan, but it's curious how the UK and US, who pride themselves on free markets, actually end up with such mediocre choice.

The long tail is broke ::

Everyone was talking about the forthcoming BBC/ITV/C4 VoD service codenamed ‘Kangaroo’, which is a bit silly as still no-one knows anything about it, and is basing their discussion on the technical prognostication technique of ‘guessing’. Except presumably the representatives from BBC and C4, and they're pretty tight-lipped about it.

What we do know (thanks to C4's Sarah Rose) is the service is expected to carry third-party submissions. Whether that's to be simply extended material from existing production houses, or more of a free-for-all isn't clear. The only other news — less of a revelation than a confirmation of what we glumly expected — is that there are no plans for Kangaroo or any other service to touch markets outside the UK.

This is desperately short-sighted. UK TV has enormous global potential, not just with ex-pats like me, but amongst all of the English-speaking world. UK programming is already surprisingly popular at TV and general torrent sites worldwide, and should be attracting viewers in the same general market as US media giants.

At the moment, though, the country's content is woefully under-exploited. If you're in the US, you might possibly be able to get BBC America, but if so your cable operator will be charging you a premium for what amounts to 24-hour daytime television. Goodness knows how BBC Worldwide came to the conclusion that what the US market needs is endless provincial inconsequentia like Cash in the Attic, but that's inexplicably how the schedule ended up. The rest of the world has to make do with a bitty little patchwork of difficult-to-receive channels in different countries with similarly lacklustre schedules if you can even manage to get hold of them.

Sure, clearing rights worldwide is a problem, but a wide-ranging VoD service with some content available worldwide would be a perfect way to encourage rights-holders to stick some of the programmes on that are never going to get shown on foreign channels otherwise. I hesistate to mention iTunes since I personally dislike it for other reasons, but make it that easy and they will come.

There was a lot of talk about the long tail: how, once you make everything available, there's a surprising total demand for obscure and niche item. Virgin's Malcolm Wall proudly explained that over half of their views were already coming from shows outside the top 50 — and that's with only a very short ‘long tail’. (Virgin and the others may be boasting about a few thousand hours of material available on demand as if this is a huge quantity, but between DVD box sets and downloaded UK telly I've got more than that in my own personal shiny-disc collection.)

Yet if broadcasters stick to the attitude that — to paraphrase Rose from memory — ‘any show there's demand for will obviously be picked up by foreign broadcasters’ (and similarly obscure archive content is not worth providing at all to anyone), there's no chance of the long tail ever coming into fruition, and potential viewers outside the UK will have to stick with what commercial broadcasters have seen fit to import, which is bugger all. And unauthorised services like UKNova will need to carry on making up the difference for a good long time yet.

29th January 2008 ::

What ho there chaps. Over at DOXdesk it's been plenty busy, but there'll be actual new stuff here this year... promise. There's a fair amount of code we've been using in production for ages that just needs a little polish so it can be released publically. That last little polish that always mysteriously takes weeks and keeps getting put off whilst doing other projects, you know the kind of thing. But still.

In particular you can expect some web-related releases soon: there's a new, vastly improved replacement for form.py (the first Python module we ever gave away!), a new major release of PXTL and a whole new bulletin board package. For some reason there's a real dearth of Python BB software available at the moment so hopefully this should fill one of them there holes. I don't know about you but I'm fed up of PHP board software, with its spaghetti code, endless security holes and dismal Unicode support.

But the first software of 2008 from DOXdesk is better than any of that. In fact it's the best* anti-virus package ever!

Anti-malware: state of play ::

The end of last year saw a slew of articles proclaiming the anti-spyware market dead, and not without reason. With many of the commercial anti-spyware players moving their products into the traditional anti-virus space, and the original anti-virus vendors including a wider threat base into their software, the noticeable difference between the two is diminishing, and in this environment the AV behemoths must have the upper hand.

And it has to be said, the nature of the malware threat has changed too. The traditional Unsolicited Commercial Software pushers, whose parasites were always the central focus of anti-spyware apps, are a shadow of their former selves. Just a few weedy lawsuits and slaps on the wrist from the FTC seem to have made Direct Revenue (Transponder), 180 Solutions (nCase/Zango and now Hotbar and CDT) and IST rein in their worst excesses... and saw Direct Revenue give up, unable to make money without abuse. The FTC did manage to shut down the ghastly Roings/Media-Motor, and Holland's equally-foul DollarRevenue were similarly stopped. It's a pity they will all get away with the ill-gotten gains of non-consensual installations, but at least we're rid of their despicable fat faces for now.

Not that things have necessarily got any better. The Russian-language malware market — that chaotically-organised tangle of relationships and affiliations between adult webmasters, hackers and fraudsters — originally known as ‘CWS’, continues to grow beyond all hope of getting it under control. It generates literally hundreds of thousands of payloads, beyond any signature-based AV tool's capacity to keep up. It compromises internet servers on a massive scale, making it impossible to be sure you're browsing to a ‘safe’ site. It has put away the simple homepage hijackers and traditional partnerships with the trad spyware vendors mentioned above, in favour of stealthy keylogging/bank-targeting trojans and brutal promotion of rogue anti-spyware applications operated by other CWS partners. Meanwhile the Chinese are starting to move in on the same exploit 'n' botnet model in ever greater volumes.

Ryan Naraine on the ZDNet blog spots the trend, but somewhat misattributes the blame IMO:

For the most part, this was a definitions game played to perfection by both sides — the noxious adware vendors who wanted to be viewed as legitimate; and the slick anti-malware vendors who were only too happy to play along to sell a brand new product.

That really wasn't the way it originally happened. When spyware started to hit the headlines around 2001-2002, the anti-virus companies wouldn't touch it with a barge pole. No matter how hard customers complained that the software was unwanted, harmful, and installed without permission, the AV companies ignored the problem. Maybe they didn't understand it... more likely they were afraid of the spyware vendors, the great big farty cowards.

The anti-spyware response was anything but slick. Lavasoft was once a grass-roots company run by a few enthusiasts; it, Spybot, myself and the others that followed were in it to hurt the spyware scumbags, not to sell a product. Our response was ragged software and personal anger, not professionalism.

Now it's become clear there's a market for it, and most of us have escaped or won the constant lawyer attacks intact, the AV companies want in.

But their products are just as hopeless as ever.

AV is rubbish ::

I'll probably lose my special Security Club hat for saying so, of course. We all know the reeived wisdom that must be handed down to users for their own protection, and it must not be questioned or the poor souls might get confused.

Thou shalt run anti-virus. Thou shalt install a personal firewall. Thou shalt not visit dodgy sites. Thou shalt be a good boy and eat all thy definitions updates or thou shall not grow up to become strong and healthy. That'll be another $30 please.

There's only one minor problem: it's a crock. Personal firewalls are pointless for many users (another rant for another time there, I think); avoiding ‘dodgy sites’ won't protect you from the mountain of compromised ‘legit’ servers or advertising networks, and as for AV... it's well past time for a backlash.

Sure, it looks good on the surface. All AV packages claim to detect 99.9% of ‘in the wild’ viruses. But when I happen across a new web exploit infection source and submit it to the multi-AV-checker services, typically less than half the AV engines notice anything wrong. And those that do pick it up often identify it wildly wrongly.

This is not atypical, judging by other malware handlers' reports. And it's not atypical judging by the machines I end up having to drag in and fix. I've got the neighbour's PC here, loaded up with anti-spyware and anti-virus scanners. They're even up-to-date — good boy! — but he's still infected, with a keylogger rootkit, a banking-focused password stealer BHO and a rogue-AV promo.

Anti-virus, you have lost. You sit there filling up our system trays with your little icons and flashing bubbles, constantly seeking attention with your false positives and pleas for updates and money. Your ugly self-advertising user interfaces make us feel physically sick. You cripple our machines' performance and stability with your hundred processes and services loading at bootup and klunging up the system hooks. It takes a lot to bring a modern, powerful PC to its knees with swapping and bluescreens, but you manage it.

Yet despite all this, you still don't protect us. Oh, sure, AV is still effective against old-school viruses and the more widespread mail worms. But come on, what idiot still gets infected by those? No, the bulk of today's infections — including my neighbour's — are driven by web browser-based exploits and related fake-software downloads, against which today's AV tools are woefully ineffective.

The payloads involved are enormous in quantity and range, and are mutated constantly. Against this, signature-based AV has no chance to keep up. Woollier signatures and heuristic-based detection increases the chances of detection a little, but at the cost of so many false positives the user can't trust it any more. Or worse, they do trust it and end up deleting a bunch of random files that happened to be compressed using an application compressor (packer=virus, according to stupid AV). Oh, and Windows Explorer.

Oh sure, you might get an alert from your AV when visiting an exploit, because it peeks into your internet cache folder and manages to recognise part of the payload, or an intermediate downloader file, or the original exploit itself. “I've removed a virus for you!” it says, “aren't I super! It's ‘Delf’, or ‘Agent’, or ‘Small’, or one of the other names we give to specimens we don't really know what they are but they're probably not good”.

By that point it's far too late; either your browser wasn't vulnerable, and the AV has valiantly protected you from nothing at all, or the suspect code has already been run, downloading a whole bunch of other bad stuff. Even if it did miraculously catch all of those (and the odds aren't looking good), how could you possibly know for sure you were still clean? There are some very hard-to-spot rootkits out there that your average PC-using clod hasn't the faintest hope of detecting.

(That's the point at which flattening the OS and restoring from a clean image comes in handy. You did image the system disc, didn't you? You did partition the system disc separately from data, so you don't lose all your documents, right? Oh, your machine came from the idiot manufacturer with a default single partition, and a recovery CD that writes the whole partition? Oh bad luck there mister.)

One day, per-program permissions will be the norm at an OS level, and we'll have the benefits of proper sandboxing without the usability and stability problems of today's primitive behaviour-blocking AVs. Until then...

The interim solution ::

Today's AV is a dead loss. But you can't simply not install any, or everyone will complain. That's where PlaceboAV comes in! It's the fantasic anti-virus solution that's super-fast and absolutely reliable... because it does nothing at all.

PlaceboAV - Ultimate anti-virus solution!! Protect your PC! Just not very much. Download now, FREE!

Yes, new from DOXdesk, PlaceboAV is just as effective as leading anti-virus software — that is, completely ineffective — whilst having no negative impact on system performance, and never bugging you with extraneous errors.

Get the full performance out of your computer, in total peace of mind because there's a little icon in your system tray so you must be safe. And if you're worried that your protection isn't up to date, open the program window, and simply click the Update button for all the latest definitions!

(NB. Since there are no definitions, the Update function does not actually bother to contact the definitions server, and just pretends to load updates. This is more efficient on network bandwidth. And also there is no definitions server.)

Download PlaceboAV now! An unbelievable feature-set packed into just 56KB of executable*! Lordy, it's a miracle! And it's free!

And! As Well! Purchase PlaceboAV Plus Pro now! It's got all the great features of PlaceboAV Free edition, plus you can pay $30 a year for it! Awesome!

DOXdesk is not responsible for any viruses you get whilst using PlaceboAV under the impression it is actually doing something. Well, we probably are responsible, but we're not going to do anything about it and you'll not get a penny out of us. Go away now.