BKMILPRJ.RVW 990620 "The Millennium Project", Joseph Massucci, 1998, 0-8439-4460-9, U$5.99/C$6.99/A$12.95 %A Joseph Massucci joe@massucci.com www.massucci.com %C 276 Fifth Avenue, New York, NY 10001 %D 1998 %G 0-8439-4460-9 %I Dorchester Publishing Co./Leisure Books %O U$5.99/C$6.99/A$12.95 dorchedit@aol.com %P 360 p. %T "The Millennium Project" First of all, let's start out with the positives. The brief description of the Y2K problem is not too bad at all. Unfortunately, it doesn't get much space, since the plot involves manipulating financial transactions, and blaming the resultant chaos on the Y2K bug, rather than being a predicament caused by any actual date related computing errors. That's a pretty good idea itself, and one that the RISKS-FORUM digest has discussed. The danger of "single source" creating a kind of single point of failure is quite real. Chemical and semi-biological computers with massively parallel capabilities are considered to be strong possibilities for the future, although they are only in the beginning stages now. (They are, mind you, unlikely to run anything like current operating systems.) There is even one piece of common sense in the book: when computers start to go wrong, an old helicopter is put back into service in order to try and avoid disasters. However, the preface tell us that "Unless they're fixed, all computer programs, everywhere in the world, are expected to stop working at the stroke of midnight, January 1, 2000." And, leaving aside the fact that whatever hiccups might occur will happen at midnight on December 31, 1999, the book goes downhill from there. First of all, this is pure, unadulterated, pulp. Lotsa things that go bang (all with brand names and model numbers, of course), steely eyed heroes, depraved villains, and universally pneumatic heroines and villainesses. (Actually remarkably little sex, but this deficit is made up for by having all but one episode involve violence, degradation, rape, or deviancy.) We also have the stereotypical secret conspirators with identifying marks literally emblazoned on their arms. But this review series is about technology, not literary criticism. Right off the bat we have a plane without non-computer backups for the computerized flight controls. A 767, in fact, so I'm sure that Boeing would be more than willing to explain that modern aircraft do have such things as batteries, emergency means of getting the gear down, and minimal but mandated non-computerised instrumentation. (Oh, and when all the power goes off, how come the passengers don't seem to notice that it's suddenly gotten very dark in the cabin?) A major factor in the nefarious plan is that one manufacturer has managed to corner the market on military hardware, specifically the CPUs upon which all manner of equipment, from satellites to aircraft to ventilation systems, is based. There is, mind you, the small problem that military purchasing is now heavily in favour of COTS (Commercial Off The Shelf). But then, this may be a good thing for the author, since he seems to have changed his mind late in the book, and jumps from shutting down the military to scrambling the world's financial markets. At which point we find that all commercial computers seem to use these same chips. Intel, Motorola, Compaq, HP, and IBM would probably be a bit surprised to learn of this. Returning to the military for a moment, aircraft, and particularly prototype aircraft, in transit are not shipped with a full tank of gas, and most especially not with a full load of armaments. (And that is a really stupid way to fight on a train.) Oh, and just so you know, the US military has its own top level domain. The Marines would have addresses ending in usmc.mil, not usmc.com. How about the government? The book states that industry is in bad shape for Y2K remediation because the government can strip businesses of necessary skilled personnel by offering more money than industry can afford. This proposition is, in fact, precisely opposite to the true state of affairs: governments have been somewhat hobbled by trained people leaving to pursue more lucrative offers in the corporate world. Using a cell phone to get around restricted landlines is a good hack, but it is *not* hacking. And most cell phones don't even work from inside parking garages, let alone mountains. Encryption is as seriously confused at usual. At one point a key is 128 bits, at another it is 128 digits, and at yet another it is described as being like a "lock with 128 ten-digit tumblers." We also have a need for the world's most computationally powerful computer to perform a brute force password attack: essentially counting. Of course, the power of such a computer would be completely wasted in the proposed situation, where the limitation would be the communications link. A T-1 is fast, but it isn't unlimited. But then, as with most authors of this calibre, Massucci doesn't know arithmetic, either. We are told that there are 17,901,787,425,874 attempts in a forty minute period or slightly less. Using the full one and a half megabits per second (and not waiting for a response from the host), you would not quite be able to transmit four gigabits of information in that time. Being kind to Massucci, and using the smallest of the various keys, 128 bits, it would take fifty two years to send 17,901,787,425,874 attempts. Our heroes are also phenomenally lucky: the chances of hitting the right password; again using the smallest, 128 bit, address space; in 17,901,787,425,874 guesses is about one to 10,000,000,000,000,000,000,000,000,000 against. In other words, if you ran something the size of that entire sequence a billion (American) times per second, then you might get it right in only twice the age of the known universe. Half the time. And one other thing to which I can personally guarantee and attest: very few computer manuals are published in hardcover. copyright Robert M. Slade, 1999 BKMILPRJ.RVW 990620