CVu Journal Vol 15, #5 - Oct 2003 + Journal Editorial

Title: Editorial

Author: Administrator

Date: Thu, 09 October 2003 13:16:00 +01:00

Summary: 

The Internet Isn't Working

Body: 

How often have you been approached by a friend, colleague or family member telling you that "the Internet isn't working"? If you're polite, you'll work out a way to find out what is actually wrong without having to tell them that there is no single centralized thing called the Internet, and that most of it certainly is working just fine, thank you very much. I hope you'll do me the same courtesy when I say that, right now, the Internet is not working.

Decentralized as it is, there is one thing holding the Internet together: the distributed database known as DNS (domain name service). While DNS information is distributed, it relies on a known set of "root" servers to provide authoritative information on top-level domains. Maintenance of these root servers is contracted out to Verisign, a private company whose interests do not always coincide with those of other Internet users.

One thing Verisign are responsible for is answering DNS queries for machines in the .net and .com domains. Fortunately DNS is defined by open standards, and Verisign are (or ought to be) bound by various contracts and rules. So far, so good. But then Verisign decided to change the way DNS works on the Internet, presumably in a bid to make more money. In effect, Verisign have registered every single possible unregistered domain in the .com and .net domains. Yes, every single one. Any lookup for the address ("A" record) for a domain name that is not registered to someone else will now return the address of sitefinder.verisign.com, where it should return a result indicating that the domain is not registered.

In case you're thinking that this is harmless, let's look at some consequences.

  • Spam filters that rely on checking that the domain of a sender's address is valid no longer block any spam, as almost any domain appears to be valid.

  • Programs which tolerate expired domain names by falling back to another name will find that the expired name now resolves, but to a machine not offering the service.

  • Web browsers pointed at a site that no longer exists receive HTTP return code 302, defined by the HTTP standards as meaning "The requested resource resides temporarily under a different URI." Verisign are breaking the HTTP specification in RFC 2616 as well as breaking DNS.

  • Mail for some domains is now undeliverable. Mail servers use the DNS database to determine where to send mail. Previously a bad mail exchange record would have been mostly harmless - domains usually have more than one mail exchange machine set up, and mail servers would try another if the first could not be resolved. With Verisign's unilateral change, most such names will now be resolved. That would still be mostly harmless except that Verisign is accepting incoming mail connections on the SMTP port of sitefinder.verisign.com, whose address is returned. The SMTP server on that machine rejects all mail, but largely ignores its input, thoroughly ignoring the SMTP standard. (Try telnet to port 25 of www.verisign-are-not-team-players.com, and hit enter a few times.)

  • Simple tools that used to test if domains were in use or running web servers no longer work.
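As an added illustration (not part of the original editorial), here is one way a sender-domain check can stay useful when a registry answers for every unregistered name: probe a few random labels under the TLD to learn the catch-all address, then treat an answer consisting only of that address as "not registered". The resolver is passed in as a function so the logic runs offline; the sample resolver, addresses and domain names are constructed.

```python
import secrets
from typing import Callable, Optional

# A resolver maps a hostname to its set of A-record addresses; an empty
# set stands for NXDOMAIN / no data. Injected so the logic runs offline.
Resolver = Callable[[str], frozenset]


def wildcard_addresses(tld: str, resolve: Resolver, probes: int = 3) -> frozenset:
    """Return addresses the registry hands out for names that cannot exist.

    Each probe is a random 32-hex-character label, so a real registration is
    implausible. Only addresses returned for *every* probe are reported,
    which avoids flagging a TLD because one probe hit a live name.
    """
    common: Optional[frozenset] = None
    for _ in range(probes):
        answer = resolve(f"{secrets.token_hex(16)}.{tld}")
        if not answer:
            return frozenset()      # an honest "no such domain": no wildcard
        common = answer if common is None else common & answer
    return common or frozenset()


def sender_domain_exists(domain: str, resolve: Resolver) -> bool:
    """Sender-domain check that discounts wildcard answers."""
    tld = domain.rsplit(".", 1)[-1]
    answer = resolve(domain)
    # Whatever is left after removing wildcard addresses is real data.
    return bool(answer - wildcard_addresses(tld, resolve))


# --- constructed sample data (documentation address ranges) ---
WILDCARD_IP = "192.0.2.1"           # stands in for the registry's catch-all
REGISTERED = {"example.com": frozenset({"198.51.100.7"})}


def wildcarding_resolver(name: str) -> frozenset:
    """Simulates a registry that answers every unregistered .com/.net name."""
    if name in REGISTERED:
        return REGISTERED[name]
    if name.endswith((".com", ".net")):
        return frozenset({WILDCARD_IP})
    return frozenset()              # other TLDs still return NXDOMAIN


if __name__ == "__main__":
    for d in ("example.com", "no-such-sender-domain.com", "missing.org"):
        print(d, sender_domain_exists(d, wildcarding_resolver))
```

A naive check that only asks "did the name resolve?" would accept no-such-sender-domain.com here; the trade-off of the filtered version is that a genuine domain hosted on the catch-all address would also be rejected.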

There is more, but space and time are limited. A quick web search (or a visit to Slashdot, http://slashdot.org/) will get the latest details.

There is an online petition to register disapproval with Verisign's actions to ICANN, the authority responsible for the appointment of Verisign and others, at http://www.petitiononline.com/icanndns/petition.html

At the time of writing about 13,000 people have signed. Don't be passive - make your voice heard. It might make a difference. Verisign's current position is to claim (against all manner of evidence) that their change has not had any significant ill effects. It's necessary to make a stand against this behaviour. If the directory services of the public Internet can be subverted for gain by a private company, there is little hope for keeping the Internet remotely honest.

I'm hoping that cybersquatting rules will be brought into play. Maybe a $0.01 fine for each domain that Verisign are inappropriately redirecting to their site would suffice...

It has long been a cliché to say that "the Internet interprets censorship as damage and routes around it". It's pleasing to see that the Internet community has some ability to interpret abuse of power similarly, and to reduce its effect. Within days of Verisign's attack on the Internet's infrastructure an update was announced for BIND, the most common DNS server on the Net, to filter out the inappropriate A records returned by Verisign's root nameservers. I am in two minds about whether it is better to lobby our ISPs to install patches for their nameservers to limit the damage Verisign can do or to meet the problem head on. Opinions?

[Late breaking update: ICANN has formally requested that Verisign restore the previous functionality of the DNS system while an inquiry is conducted. It's possible that Verisign might do so - but they have not yet.]

OS Wars

I have used a fair range of different operating systems in my time, from the unnamed OS powering my first 8-bit micro through Acorn's amusingly named "Arthur" (presumably a reference to the fact that it was Arthur, sorry, half a, operating system, a stopgap until RISC OS was released), a Unix from a company using the now largely disgraced name SCO, IBM's OS/2, more flavours of Windows than I choose to admit (even to myself), Mac OS and a host of others including RTOSes from embedded systems. My latest venture in the OS world has been to run a system using Apple's latest offering, Mac OS X. With Mac OS X, Apple have left behind their legacy and moved into the 20th, sorry, 21st century with pre-emptive multi-tasking, protected memory and many of the other things that other "grown up" OSs have been offering for many years. They continue to offer an OS heavily influenced by aesthetic factors, and intended to be more user-friendly than the competition. Most importantly for me, it's a Unix (or at least, Unix-like) system that integrates smoothly with my laptop hardware (because it's a one vendor show) and allows me to run Microsoft Word natively. So far, so good (again).

There were several reasons for me to give Mac OS X a try. Firstly, as with many programmers, I like to work with anything new and different. Secondly, it was guaranteed to go down well with my Mac-loving wife (who was not my wife when first I bought a machine with Mac OS X pre-installed). Those two are not necessarily in order of importance. Thirdly, with Mac OS X Apple appear to have moved on from previous battles with the Free Software and Open Source worlds a little, and now ship software which is based on an Open Source core, Darwin. Indeed, Darwin is essentially Mac OS X without the pretty graphical user interface, and is freely available - which can come in handy, as when recently I wanted to see how to make system calls without using the supplied C library.

An aside: that was part of a hobby project, implementing the standard C++ library for myself - a fun exercise I'd recommend to anyone who wants to get more familiar with the library. I'd also recommend that for most purposes you use a tried and tested implementation rather than a homegrown one. std::list, for example, may be nice and easy to use, but in terms of implementation difficulty it's by far the most complicated linked list specification I've ever come across! Now where was I? Oh, yes: back to the OS talk.

My first real experience with Mac OS X was with version 10.1, and I had mixed feelings. As a Unix it's rather non-standard in terms of directory structure, startup operation, and many other aspects. As a system with a much hyped graphical shell, it felt rather incomplete - things that should have been simple weren't possible without dropping back to command line tools that were specific to Mac OS X. One small hurdle was the fact that Mac OS X does not, by default, permit root logins, and the option to allow them is well hidden. Using sudo is a good idea, but sometimes I just want to be root for a while.

The upgrade to Mac OS 10.2 filled in 90% of the holes I saw in 10.1. Stability issues still exist, and Apple's "It just works" slogan annoys me, because I find that less true of Mac OS X than of the other platforms on which I work and play: with Mac OS X simple things intermittently stop working, and then start working again. The ping utility, for example, will stop being able to resolve names even when nslookup can - and then minutes later ping will recover its senses. Come on Apple, the basics should "just work". I do have to reboot several times a month, a level of instability I haven't seen since Windows NT 4. At least I got a free upgrade to 10.2 as I bought 10.1 only weeks before the launch of the later version.

But now Apple are set on losing whatever loyalty I might feel towards them. We are promised that the next release, 10.3, will cost US$129 whether you are upgrading from a 5-year-old OS or from a 5-month-old copy of Mac OS X. Should a company with a market share smaller than 5% of the desktop be so hostile to its existing users?

Maybe it's time for me to move on and try another exciting new OS - any suggestions?
