Fazal Majid's low-intensity blog

Sporadic pontification

Fazal

Superlatives

The press recycles worn clichés when it reports on volatility in the markets. Last week’s 700-point drop was a “collapse” and today’s 5% drop is a “meltdown”.

I’m sorry, but 30% is a meltdown and 50% is a collapse. 5% or 7% do not rate such excessive terms.

Forensic accounting automation

A widespread financial meltdown almost invariably correlates with widespread fraud. Companies that specialize in data mining should focus on developing forensic accounting data mining tools instead, and partner with investigation agencies or law firms to sell audit and prosecution services to the government, on a bounty basis. It’s not as if the enterprise market is going anywhere but down.

Another reason why I build software from source myself

Some yahoo at Debian found what he thought was a bug in OpenSSL, and decided to comment out some code without having any clue what purpose it served. That purpose was to seed a pseudo-random number generator with entropy from memory, specifically /dev/random. This only broke the cryptographic security of OpenSSL on Debian (and thus Ubuntu) while being mostly undetectable. It’s quite likely attacks of the same ilk were deliberately planted by various spy agencies.

This is just an extreme example of why I prefer to build open-source software from source code myself rather than trust blindly in some packager whose choice of compile-time settings almost certainly doesn’t match mine. I have a framework of makefiles that specify how each package is built from source (meta-makefiles, really). This includes checking for new versions of the package, setting configure options and make environment variables. For instance, to fetch the most recent version of OpenSSL, all I do is make sync-openssl; make openssl, then as root run make install-openssl. The maintenance burden is low as I have been assembling these meta-makefiles over the last 12 years, targeting Solaris and OS X. The end result is a deterministic build according to my specifications.

My process would not ward against a malicious attack like Brian Kernighan’s notorious trusting trust attack, but it has served me well over the years.
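An added illustration, not from the original post and not OpenSSL's code: a toy key generator whose only varying input is a small seed, showing why a seeding failure like the one described above is hard to notice from the output, yet lets a defender enumerate every possible key and audit for it. The names weak_key, build_blocklist, is_weak and fresh_key and the 15-bit seed size are assumptions made for this sketch.

```python
import hashlib
import secrets

# Assumption for this sketch: after the seeding code is removed, the only
# input that still varies between runs is a 15-bit value (e.g. a process ID).
SEED_SPACE = 2 ** 15


def weak_key(seed: int, nbytes: int = 16) -> bytes:
    """Toy stand-in for key generation: the output depends only on `seed`."""
    out, counter = b"", 0
    while len(out) < nbytes:
        block = seed.to_bytes(4, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:nbytes]


def fresh_key(nbytes: int = 16) -> bytes:
    """Key drawn from the operating system's CSPRNG, for comparison."""
    return secrets.token_bytes(nbytes)


def bit_balance(keys) -> float:
    """Fraction of 1 bits over all keys; about 0.5 'looks' random."""
    ones = sum(bin(int.from_bytes(k, "big")).count("1") for k in keys)
    return ones / (sum(len(k) for k in keys) * 8)


def build_blocklist() -> set:
    """Fingerprints of every key the broken generator can ever produce."""
    return {hashlib.sha256(weak_key(s)).hexdigest() for s in range(SEED_SPACE)}


def is_weak(key: bytes, blocklist: set) -> bool:
    """Audit check: was this key produced by the broken generator?"""
    return hashlib.sha256(key).hexdigest() in blocklist


if __name__ == "__main__":
    blocklist = build_blocklist()
    keys = [weak_key(s) for s in range(SEED_SPACE)]
    print("distinct keys possible:", len(blocklist))
    print("bit balance of weak keys: %.4f" % bit_balance(keys))
    print("weak key flagged:", is_weak(weak_key(1234), blocklist))
    print("fresh key flagged:", is_weak(fresh_key(), blocklist))
```

The weak keys pass the simple balance check, which is why the defect is not visible in any single key; the blocklist audit is what finds them.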

Financial integrals

Much of the current financial crisis is due not so much to realized losses on mortgage-backed securities as to uncertainty as to how much the derivatives are worth. Perhaps it’s time to start reversing the process and producing individual mortgages back from derivatives, which at least have some assessable value, even if real estate prices fall by 30%.

Full-service airlines

Why are Untied Airlines, American and Delta still referred to as “full-service airlines” and Southwest as “no-frills”? As far as I am concerned, it is exactly the opposite. Southwest has leather seats, provides in-flight snacks for free, does not gouge you for checking bags, and if they screw up they will make it right and offer you vouchers in compensation. The so-called premium airlines won’t.