The focus of this article is to compare some of the most popular (and most effective) compression software packages available to the general public.  I will not be going into depth on algorithm comparison, however, so the article is aimed more towards casual computer users than algorithm developers in particular.

For this study, the following software were used: WinZip (9.0 SR-1), PeaZip (2.5.1), 7-Zip (4.65), NanoZip (0.06 Alpha), WinRAR (3.80) and GNU Tar (1.21).  The computer that did the processing had the following specifications: Intel Core 2 Duo (2.33GHz), 2GB RAM, Windows XP Pro SP3.  In order to perform the study, I needed some test data to compress.  I used a group of ~2500 files (143MB) that had a nice mix of source code/text files, object files, images, RTFs and compressed files.  Please note that my results are for the platform and data I used and your mileage will vary (especially processing time, obviously).

Software Summaries

WinZip: This is certainly the most popular of the programs I tested, but it also costs money (and if you read my article on ‘Good Software’, then you know how much I hate price tags on software).  Newer versions of WinZip give the option of spanning a file across multiple chunks, and the ability to encrypt the files individually.  Unfortunately, it only allows you to compress into the ZIP archive format.  The interface is very clean and intuitive.

PeaZip: This software is free, and has a pretty nice interface.  The interface seems a bit quirky at times, especially the compression dialog.  It provides the options to encrypt and span across files (break it into multiple volumes).  It also gives you the ability to pack the file into 12 different formats, plus allows you to specify your own format (by calling an external program you specify to handle it all).  Most formats also allow you to choose a particular compression algorithm you want to use, along with various settings to tweak the performance (including thread settings).  BZ2, in particular, is highly threaded.

7-Zip: Another great, and free, program.  7-Zip allows packing files into your choice of 5 formats, most of which allow you to choose custom settings to tweak performance (including thread settings).  Once again, BZ2 is highly threaded.  Encryption is also available for 7Z and ZIP formats.  Spanning across multiple files (split into volumes) is also an option in this program.  It supports a very wide variety of formats (for extraction mostly).

NanoZip: NanoZip is still in Alpha testing, and so it is missing lots of features (which is to be expected).  For that reason, I couldn’t recommend it for everyday use, but it is definitely a program to keep an eye on.  It provides the option of compressing into the NZ (NanoZip) format using your choice of 7 different compression algorithms.  The downside is that only NanoZip supports the NZ format (that I know of).

WinRAR: This program is not free, and uses its own proprietary archive format (RAR).  The interface is relatively nice, and provides the options of encryption and spanning.  It is famed to have the most efficient compression (esp. with multimedia) and is growing in its user base.

“When it comes right down to it, there’s one main reason that Microsoft is in the position they’re in today — their businessmen.  It certainly isn’t their software, and there’s no way that it’s their executive charm (although Steve Ballmer does seem to have an awkward boyish glow at times).  One might even go so far as to say that Microsoft itself would not be here today if not for their business guys.  It seems that Microsoft is more of a company that sells software, not a software company.  For the majority of their products, they will typically buy other peoples’ software out, load it full of MS logos and slap a price tag on it.  They never do anything innovative, and rarely ever come up with any software ideas on their own.  As stated before:  Microsoft is a company that sells software … not a software development company.”

… More …

Judge Michael Davis stated that “statutory damages awarded against Thomas are not a deterrent against those who pirate music in order to profit … it would be a farce to say that a single mother’s acts of using Kazaa are the equivalent, for example, to the acts of global financial firms illegally infringing on copyrights in order to profit in the securities market.”

He goes on to explain that

“Part of the justification for large statutory damages awards in copyright cases is to deter actors by ensuring that the possible penalty for infringing substantially outweighs the potential gain from infringing … In the case of individuals who infringe by using peer-to-peer networks, the potential gain from infringement is access to free music, not the possibility of hundreds of thousands – or even millions – of dollars in profits. This fact means that statutory damages awards of hundreds of thousands of dollars is certainly far greater than necessary to accomplish Congress’s goal of deterrence.”

“Her status as a consumer who was not seeking to harm her competitors or make a profit does not excuse her behavior. But it does make the award of hundreds of thousands of dollars in damages unprecedented and oppressive.”

This makes me wonder … where in the world does the RIAA come up with damage costs for sharing songs?
Maybe this: (next trial)

What’s next? Will the RIAA bash in the doors to karaoke bars across the nation because the people aren’t authorized by the copyright holders to perform the songs in public? Watch your back, the RIAA is watching us … and they definitely aren’t happy.

Now don’t get me wrong, I certainly don’t condone downloading music when artists are trying to sell it; artists should be getting their fair share of profit for their work. The level that the RIAA is stooping to, however, is nearly robbery of both their consumers and the artists they represent. The days of the dinosaurs are over … there is no longer a need for giant record companies taking excessive profit shares when there can be nearly cost-free publicity and distribution on legitimate resources like iTunes and MySpace.

The RIAA is pretending to be looking after their artists’ best interests, but all they’re doing is money mongering. Their lawsuits are actually losing them money more than anything, however. For instance, in their case against Debbie Foster, they refused to drop charges against Debbie even after it was found that her adult daughter was actually the one who shared music. The RIAA claimed that since the internet account was in Debbie’s name, she was liable for damages as well. Clearly this was nonsense, and the judge ordered the RIAA to compensate her over $68,000 in attorney fees. Their appeal was denied.

What a brilliant business model. The way I see it, since the RIAA stocks are plummeting, we’re one step closer to getting rid of them every day. Good riddance.

Allow me to digress: Microsoft came up with a new XML standard specially for their Office 2007 product line, claimed it to be an “open” standard, and submitted more than 6,000 pages of documentation to Ecma for standardization. The Ecma savants somehow managed to plow through this jalopy of a format and approved what came to be their Ecma 376 standard — Office Open XML (OOXML). Before this, ODF had already been an ISO-approved, international standard. After Ecma approved OOXML, they put it on the fast-track approval process from ISO in hopes that it would become an international standard as well.

Since ISO is an international standard, every country participating votes independently in order to determine an approval. ANSI is the official representative for the US vote, and INCITS V1 is a technical committee that provides recommendations to ANSI. Since ANSI is typically known to follow the recommendations of INCITS, an OOXML approval by this group would be critical for ANSI to give OOXML approval on behalf of the US.

But how does one get to vote in the V1 committee? Well, according to Rob Weir (a member of V1), “The qualifications for voting rights are that you must be a US domiciled organization, pay an $800 membership fee and attend two consecutive meetings.” Enjoy this clip from his blog, An Antic Disposition:

At the start of the year, V1 had only 7 voting members. But by Friday’s meeting V1 had 26 voting members. There was a clear pattern in the voting where the long-time V1 members voted for the “Disapproval, with comments” position as well as “Abstention, with comments” while the newer members voted overwhelmingly “Yes, with comments” and against “Abstention with comments.” This is not surprising since the new members were largely Microsoft business partners.”

On Friday July 13th they voted, and the results? Fourteen of the sixteen new members voted “Approval, with comments”, with fifteen approving in total — clearly less than the 2/3 majority vote required to gain approval by V1. It was a noble attempt to stuff the ballot box by Microsoft, but unfortunately they were … 2 votes short of an approval. Stuffing the technical committee with their partners wasn’t the only Microsoft faux pas, but it appears that 177 people suddenly felt the need to submit letters to INCITS with their approval of OOXML. Poke through some of the pdf submissions, they look amazingly similar. Where did everyone get that letter from? Perhaps the same place people in Ireland are getting theirs from?

The INCITS executive board still has the final say, and with any luck they will realize that OOXML certainly does not (in any way, shape, or form) deserve to become a standard of any kind. And of course, if we all wish on enough shooting stars, OOXML will be rejected by ISO when all the decisions come in.

Why should OOXML be rejected as a standard? Read through a website dedicated entirely to this matter, www.noooxml.org, and see the long list of issues that this poorly designed standard has. Yet another job well done Microsoft.

The RIAA recently filed suit against a father of four, David Greubel, for having illegally downloaded songs on his computer. Oddly enough a major record company, Nettwerk Music Group, has decided to help defend Greubel against the RIAA. Why would a record company go against the pious RIAA for their selfless acts of defending the artists of America? According to Nettwerk, they think that “Suing music fans is not the solution; it’s the problem”. Even though the RIAA insists that, in order to protect artists, suing consumers is the best way to stop illegal file sharing, Nettwerk claims that “the current actions of the RIAA are not in my artists’ best interests”.

Nettwerk has hired Mudd Law Offices to defend the Greubels, as they have handled numerous cases before involving the RIAA tying up the US Court systems with meaningless lawsuits (as if there weren’t enough already out there). Mudd said that the RIAA has “misapplied” U.S. copyright law, and I think most people completely agree.

I honestly think the best way to stop people from filing a ton of worthless claims and enundating our already stretched court systems would be to raise the stakes a bit. Here’s a new rule to consider as an amendment: if you lose your lawsuit, you have to pay them what you were suing for. In other words, if I sue you for a million dollars and lose the case, I have to pay you a million dollars (in addition to your legal fees). That should stop those half-wits from running off to the courts every time they get ticked off at something.

In case you weren’t aware, any computers in the world that work with important information and services run on open-source software (because Microsoft is a health risk for computers). If user-friendliness isn’t a high priority then no one should be stupid enough to run Windows on the computer, and that’s why critical systems are increasingly switching to open-source alternatives.

Through this govt. funding, which they dubbed the “Vulnerability Discovery and Remediation, Open Source Hardening Project”, Stanford and Coverity will create and maintain a system designed to scan various open-source programs on a daily basis, adding any bugs found to a database that will be open to developers.

Three questions popped into my head when I first heard about this:

1. Did they fire the guy that came up with those cool program names, like Operation Desert Storm?
2. What in the world does Symantec know about open-source security?
3. Why aren’t they doing this for Microsoft products?

Although I can’t comment on the first question, the other two have pretty quick answers.

2. Absolutely nothing, except perhaps lying about OS security to make people think they actually need *Nix AntiVirus 2010.
3. They refuse to let others see their God-like source code for fear people will find out it’s written in QBASIC.

Ignoring the fact that they’re wasting $100,000 on Symantec, this is great news in every other aspect. Some of the many software that will be scanned include: Apache, Firefox, FreeBSD, Gimp, Linux, MySQL, OpenBSD, and Samba. Personally I’m pretty excited to find out how many bugs they can find in FreeBSD and OpenBSD — very few I’m sure. Helping secure products that are already seen as the most secure in their class … how much better can it get?

You might be thinking that something doesn’t add up here. Let’s breeze by Secunia and take a look at their stats to make sure we’re on the right track. Just to be fair (and so you don’t think I’m being biased towards Unix-based systems) I’m going to take the lowest stats for MS systems and I’ll use a bunch of different *nix systems (not just the highest or lowest). Also, I’m only using the latest versions of the different OS’s. Here we go:

Just for the records, those stats take into account that MS finally released their patch to fix the WMF vulnerability. Also, that is just a few of the hundreds of different versions of unix-based systems out there. MS has considerably fewer OS’s — only 18, not including mobile/PDA.

If you’re thinking that comparing the 18 MS OS’s to the hundreds of unix-based OS’s is unfair then stick with me … it gets worse. If you read the bulletin you’ll notice it says that it “is a compilation and includes information published by outside sources”. Take a closer look at their “compilation”: the “BZip2 File Permission Modification” flaw is listed ten times because it was reported for multiple weeks. Ut-oh, how about this? “bzip2 Remote Denial of Service” is listed nine times as well. There are many many many more instances of duplicates throughout the report for both MS OS’s and unix-based OS’s.

How about this … Mozilla product flaws account for thirteen of the unix-based flaws. Since when is a Firefox flaw a Unix flaw!? And what about PHP, Apache, Gaim, MySQL, PERL … I guess none of those work on Windows apparently.

US-CERT tries to cover themselves by stating that, “Software vulnerabilities are categorized in the appropriate section reflecting the operating system on which the vulnerability was reported; however, this does not mean that the vulnerability only affects the operating system reported since this information is obtained from open-source information.” So, in other words, your entire report is completely useless?

US-CERT should be ashamed of themselves for writing up something so misleading, as they have certainly earned the disdain of the rest of the world. I sure hope they didn’t use any of our tax dollars aggregating that sorry excuse for a report.

Quinn was the CIO (Chief Information Officer) for Massachusetts until he recently quit his position. Much to the chagrin of Microsoft, Quinn was pushing a mandatory ODF (OpenDocument Format) initiative for all state agencies in Massachusetts. Why was Microsoft mad about this? Because they don’t support the OpenDocument Format (read: no one would be using Microsoft’s own personal, licensed document format anymore). Microsoft protested this move towards ODF, saying that it was “inconsistent and discriminatory”. Is ‘discriminatory’ not having to pay MS to look at document files anymore? Maybe they use a different dictionary than the rest of us: Microsoft’s Guide to Rhetoric and Monopolies.

So why did Quinn quit? According to him, “I have become a lightning rod with regard to any IT initiative.” A pretty noble move I would say; lose your job to make sure the ODF goes through — which it will. Starting January 1, 2007, all state agencies in Massachusetts will use the new ODF. It’s good to see Microsoft with their backs up against a wall, struggling to keep up with everyone else in the technology community.

For those of us who play with computers recreationally, we know how gorgeous a rootkit is on someone’s computer (especially if we don’t like the person). If the rootkit is put onto a system with system-level permissions it can run as a kernel-mode rootkit, which has the power to do absolutely anything that it wants — including almost completely hiding itself from sight. If someone can grab ahold of the reigns on this rootkit, they can have complete control over your computer without you even knowing it.

For those who are less familiar with computers, I think Sony BMG president (Thomas Hesse) said it best when he retorted, “Most people don’t even know what a rootkit is, so why should they care about it?” Thank you, sir! I needed some new quotes to go with my good Bill Gates ones =).

After Sony got caught in the act they seemed not to really care; at least they offered replacements and pulled the disks. They also released a patch for the rootkit, but it just made everything worse and could potentially crash Windows. Much, much later they eventually released an uninstaller to the general public.

Apparently Sony thinks they can break laws and no one will care; they’re the poor victims of copyright infringement, right? If Sony had any respect left for them before, they pretty much lost it after they tried to sneak their little rootkits into their disks. Sony is probably the biggest group of hypocritical, imbecilic old-timers that exists in today’s world; their unprofitable, outdated business model is going to be the death of them in coming years if they can’t learn to adapt to the changing digital world.

For some reason they think it is a good idea to spend millions of dollars developing Digital Rights Management schemes that can be quickly circumvented by preteens. It’s physically impossible to stop people from ripping disks and sharing them, especially when there’s something out there called Linux.

I personally think it would be the most enjoyable faux pas of the new millennium to see Sony spend itself into bankruptcy trying to protect their music. They don’t seem to be very bright, so I think it’s very possible … let’s just wait and see.

[update: 2006-01-04] Stewart Baker, assistant secretary for policy at the Department of Homeland Security, bashes Sony BMG: “It’s very important to remember that it’s your intellectual property — it’s not your computer. And in the pursuit of protection of intellectual property, it’s important not to defeat or undermine the security measures that people need to adopt in these days.”

Also, I thought it would be funny to mention that Sony BMG is not only facing numerous lawsuits in the US, but also in Italy and Canada. Italy is currently undergoing an investigation to charge Sony BMG with criminal offenses, as well.

“As I always say, there’s only one type of software that is worth actually spending money on … one that requires a subscription (constant updates) to function well; no one should ever pay for any other kind of software. Any software that is worth using was created recreationally by real programmers that are just doing what they love, and software like that never has a price tag. Not to say, however, that programmers should never get paid for their work; if a company comes to you wanting you to take time out of your schedule to do work for them then they’d better do something for you in return.”

… More …