Unixronin is Alaric, the Renaissance Man, Samh-ildánach, Man of Many Sciences, Brother Railgun of Reason, Episkopos of the Discordian Order of NoH, Mystic Zen Biker, Pasha of Atomic Fusion, Czar of Quantum Mechanics, Offender of the Faith, Grand Dragon of Poon Appreciation, technomage, Aspie, loner, technical thug, intermittent vr00mist, shottist, polymath, a lovely little thinker but a bugger when he's pissed, slave to cats, ignostic, occasional poet, sometime artist and sculptor, former wrestler of seals, eclectic swordsman, futurist, minarchist, novice cyborg.
This entry was originally posted at http://wcg.dreamwidth.org/1532353.html. You may comment here using your Livejournal account; or comment there using OpenID or your Dreamwidth account.
Original release date: May 20, 2013 | Last revised: May 21, 2013
Systems Affected
Microsoft Windows systems running Adobe Reader, Acrobat, or Oracle Java
Overview
On May 16, 2013, US-CERT was notified that both www.federalnewsradio[.]com and www.wtop[.]com had been compromised to redirect Internet Explorer users to an exploit kit. As of May 17, 2013, US-CERT analysis confirms that no malicious code remains on either site.
Description
The compromised websites were modified to contain a hidden iframe referencing a JavaScript file on a dynamic-DNS host. The file returned from this site was identified as the Fiesta Exploit Kit. The exploit kit script uses one of several known vulnerabilities to attempt to download an executable:
Any systems visiting running vulnerable versions of Adobe Reader or Acrobat or Oracle Java may have been compromised.
Impact
The exploit kit, once successful, delivers and executes a known variant of the ZeroAccess Trojan. Additionally, according to open source reporting, the malware also downloads and installs a variant of FakeAV/Kazy malware.
The ZeroAccess Trojan attempts to beacon to one of two hardcoded command-and-control addresses, 194[.]165[.]17[.]3 and 209[.]68[.]32[.]176. The beaconing occurs using an HTTP GET using the Opera/10 user-agent string.
After beaconing, the malware then downloads a custom Microsoft Cabinet file and the malware uses port UDP/16464 to connect to the peer-to-peer network. This cabinet file contains several lists of IP addresses, as well as a fake flash installer.
Solution
Apply Updates
Adobe has provided updates for these vulnerabilities in Adobe Security Bulletin APSB09-04 and APSB10-07.
As a "design professional," I am disturbed by the apparent absence of storm shelters in an area prone to killer tornadoes. I mean, storm cellars were a common feature in the Great Plains as far back as the 1800s.
The Internet has turned into a massive surveillance tool. We're constantly monitored on the Internet by hundreds of companies -- both familiar and unfamiliar. Everything we do there is recorded, collected, and collated -- sometimes by corporations wanting to sell us stuff and sometimes by governments wanting to keep an eye on us.
Ephemeral conversation is over. Wholesale surveillance is the norm. Maintaining privacy from these powerful entities is basically impossible, and any illusion of privacy we maintain is based either on ignorance or on our unwillingness to accept what's really going on.
It's about to get worse, though. Companies such as Google may know more about your personal interests than your spouse, but so far it's been limited by the fact that these companies only see computer data. And even though your computer habits are increasingly being linked to your offline behavior, it's still only behavior that involves computers.
The Internet of Things refers to a world where much more than our computers and cell phones is Internet-enabled. Soon there will be Internet-connected modules on our cars and home appliances. Internet-enabled medical devices will collect real-time health data about us. There'll be Internet-connected tags on our clothing. In its extreme, everything can be connected to the Internet. It's really just a matter of time, as these self-powered wireless-enabled computers become smaller and cheaper.
Lotshasbeenwrittenaboutthe "Internet of Things" and how it will change society for the better. It's true that it will make a lot of wonderful things possible, but the "Internet of Things" will also allow for an even greateramount of surveillance than there is today. The Internet of Things gives the governments and corporations that follow our every move something they don't yet have: eyes and ears.
Soon everything we do, both online and offline, will be recorded and stored forever. The only question remaining is who will have access to all of this information, and under what rules.
We're seeing an initial glimmer of this from how location sensors on your mobile phone are being used to track you. Of course your cell provider needs to know where you are; it can't route your phone calls to your phone otherwise. But most of us broadcast our location information to many other companies whose apps we've installed on our phone. Google Maps certainly, but also a surprising number of app vendors who collect that information. It can be used to determine where you live, where you work, and who you spend time with.
Another early adopter was Nike, whose Nike+ shoes communicate with your iPod or iPhone and track your exercising. More generally, medical devices are starting to be Internet-enabled, collecting and reporting a variety of health data. Wiring appliances to the Internet is one of the pillars of the smart electric grid. Yes, there are huge potential savings associated with the smart grid, but it will also allow power companies - and anyone they decide to sell the data to -- to monitor how people move about their house and how they spend their time.
Drones are another "thing" moving onto the Internet. As their price continues to drop and their capabilities increase, they will become a very powerful surveillance tool. Their cameras are powerful enough to see faces clearly, and there are enough tagged photographs on the Internet to identify many of us. We're not yet up to a real-time Google Earth equivalent, but it's not more than a few years away. And drones are just a specific application of CCTV cameras, which have been monitoring us for years, and will increasingly be networked.
Google's Internet-enabled glasses -- Google Glass -- are another major step down this path of surveillance. Their ability to record both audio and video will bring ubiquitous surveillance to the next level. Once they're common, you might never know when you're being recorded in both audio and video. You might as well assume that everything you do and say will be recorded and saved forever.
In the near term, at least, the sheer volume of data will limit the sorts of conclusions that can be drawn. The invasiveness of these technologies depends on asking the right questions. For example, if a private investigator is watching you in the physical world, she or he might observe odd behavior and investigate further based on that. Such serendipitous observations are harder to achieve when you're filtering databases based on pre-programmed queries. In other words, it's easier to ask questions about what you purchased and where you were than to ask what you did with your purchases and why you went where you did. These analytical limitations also mean that companies like Google and Facebook will benefit more from the Internet of Things than individuals -- not only because they have access to more data, but also because they have more sophisticated query technology. And as technology continues to improve, the ability to automatically analyze this massive data stream will improve.
In the longer term, the Internet of Things means ubiquitous surveillance. If an object "knows" you have purchased it, and communicates via either Wi-Fi or the mobile network, then whoever or whatever it is communicating with will know where you are. Your car will know who is in it, who is driving, and what traffic laws that driver is following or ignoring. No need to show ID; your identity will already be known. Store clerks could know your name, address, and income level as soon as you walk through the door. Billboards will tailor ads to you, and record how you respond to them. Fast food restaurants will know what you usually order, and exactly how to entice you to order more. Lots of companies will know whom you spend your days -- and nights -- with. Facebook will know about any new relationship status before you bother to change it on your profile. And all of this information will all be saved, correlated, and studied. Even now, it feels a lot like science fiction.
Will you know any of this? Will your friends? It depends. Lots of these devices have, and will have, privacy settings. But these settings are remarkable not in how much privacy they afford, but in how much they deny. Access will likely be similar to your browsing habits, your files stored on Dropbox, your searches on Google, and your text messages from your phone. All of your data is saved by those companies -- and many others -- correlated, and then bought and sold without your knowledge or consent. You'd think that your privacy settings would keep random strangers from learning everything about you, but it only keeps random strangers who don't pay for the privilege -- or don't work for the government and have the ability to demand the data. Power is what matters here: you'll be able to keep the powerless from invading your privacy, but you'll have no ability to prevent the powerful from doing it again and again.
Here's a man who says what he thinks about getting students into STEM careers:
The United States spent more than US$3 billion last year across 209 federal programmes intended to lure young people into careers in science, technology, engineering and mathematics (STEM). The money goes on a plethora of schemes at school, undergraduate and postgraduate levels, all aimed at promoting science and technology, and raising standards of science education.
In a report published on 10 April, Congress’s Government Accountability Office (GAO) asked a few pointed questions about why so many potentially overlapping programmes coexist. The same day, the 2014 budget proposal of President Barack Obama’s administration suggested consolidating the programmes, but increasing funding.
What no one asked was whether these many activities actually benefit science and engineering, or society as a whole. My answer to both questions is an emphatic ‘no’.
And I think he's right about that. Whipping and driving people into science careers doesn't seem like a very good way to produce good scientists. In fact, it seems like an excellent way to produce a larger cohort of indifferent ones, which is exactly what we don't need. Or does that depend on the definition of "we"?
The dynamic at work here isn’t complicated. By cajoling more children to enter science and engineering — as the United Kingdom also does by rigging university-funding rules to provide more support for STEM than other subjects — the state increases STEM student numbers, floods the market with STEM graduates, reduces competition for their services and cuts their wages. And that suits the keenest proponents of STEM education programmes — industrial employers and their legion of lobbyists — absolutely fine.
And that takes us back to the subject of these two posts, on the oft-heard complaints of employers that they just can't seem to find qualified people any more. To which add, all too often, ". . .not at the salaries we'd prefer to pay them, anyway". Colin Macilwain, the author of this Nature piece I'm quoting from, seems to agree:
But the main backing for government intervention in STEM education has come from the business lobby. If I had a dollar for every time I’ve heard a businessman stand up and bemoan the alleged failure of the education system to produce the science and technology ‘skills’ that his company requires, I’d be a very rich man.
I have always struggled to recognize the picture these detractors paint. I find most recent science graduates to be positively bursting with both technical knowledge and enthusiasm.
If business people want to harness that enthusiasm, all they have to do is put their hands in their pockets and pay and train newly graduated scientists and engineers properly. It is much easier, of course, for the US National Association of Manufacturers and the British Confederation of British Industry to keep bleating that the state-run school- and university-education systems are ‘failing’.
This position, which was not my original one on this issue, is not universally loved. (The standard take on this issue, by contrast, has the advantage of both flattering and advancing the interests of employers and educators alike, and it's thus very politically attractive). I don't even have much affection for my own position on this, even though I've come to think it's accurate. As I've said before, it does feel odd for me, as a scientist, as someone who values education greatly, and as someone who's broadly pro-immigration, to be making these points. But there they are.
Update: be sure to check the comments section if this topic interests you - there are a number of good ones coming in, from several sides of this issue.
Our weather, while tiresome and not conducive to either bike rides or grocery shopping, does not yet involve mile-wide tornadoes. We'll take that trade-off and call it good. Air temperature 52 F with 100% humidity, wind light SE, solid overcast and scattered fog.
Body found in a missing kid case, no positive ID yet. This is probably a 15-year-old girl who left with somebody she met on Facebook. There are so many levels of failure involved here that I can't even begin . . .
Also news that an engineer I've worked with on a couple-dozen projects has apparently committed suicide. No idea what demons were involved. Unlike much of society, I believe that people have a right to kill themselves. I've seen too many cases where it made sense.
So I have a reader, a woman whose name I know from the occasional email and several crowdfunding campaigns and chatting here and there over the past few years. Nice lady. Someone I think of in that fuzzy “friend” territory that the internet creates, you know?
Acquaintance, however, is probably more accurate, since I didn’t learn that her oldest daughter is affected by something called Smith Magenis Syndrome until a few days ago, when Eleri cautiously announced she was doing a fundraiser. For their daughter, SMS causes behavioral issues, developmental delays and sleep disruption. She’s currently at a theraputic facility, and while she’s gone, Eleri is hoping to make their back yard a safer place for their little girl.
They’re aiming for what seems to be a very modest $2500, and are 10% of the way there. If you’ve got a dollar or ten to spare, maybe send it their way? Eleri’s been very supportive of me over the years, and I’d love to be able to help give some of that back to her.
Last week I did a series of tweets talking about going through Body Politic and finding a hundred errors, fixing them, then finding thirty more, fixing those, and finding another dozen. It was an excellent example of iterative publishing. I ended the series by saying that even with all our attention beforehand, we always find mistakes in the finished books. How many? Well take a look at Tub of Happiness to the left. I’ve identified over a dozen things that I want to fix before it heads out for its second printing. That printing is imminent, so if there is a typo or other error in Tub of Happiness that has been driving you crazy, please email schlockmercenary@gmail.com with the error and page number. I may already know about it, but you just might be saving me from holding yet another printed book and finding a mistake in it.
Comments are open on the original post at onecobble.com.
This week and next week I have so many irons in the fire that there is hardly any room for a fire. I’m not likely to have brain enough to write full and thoughtful blog posts. Yet my brain is thoroughly trained to notice things, think about them, and then hold them until time to write. My brain fills up with fragments, each of which would be a lovely post, but time and I have to march onward. By the time I have space to write there will be some other thought more pressing. So I shall record some of the fragments in the hope that if I pin them down with words, they’ll stop fluttering around in my brain begging for attention I can not spare.
No one told me that the sales people would begin circling the minute my child completed her ACT and declared her intention to both graduate from high school and attend college. Circle they did, first with suggestions of the importance of commemorating high school. Surely my child needed a ring, a jacket, a hoodie, photographs, a tassel, graduation announcements, all with her school logo. I was assured that these things would be forever treasured, just like her years in high school. The brochures were pitched to appeal to nervous/nostalgic teens and parents alike. We got her a tassel. While the pitches to commemorate high school were still in full force we started hearing from colleges. All of them wanted us to know that they were very impressed and giving Kiki a very special opportunity for a fast-track application. They very carefully did not say how much they want our education dollars. Kiki applied to a single school, got in, and began bouncing the rest straight into the trash. I thought that would be the end of it, but today we got the first of a new onslaught. Our child is going to the dorms, surely we want to buy her a super value kit of bedding, laundry hamper, toilet kit, all at extremely reasonable prices. Every where I turn someone is hoping that during this transitional period in our lives we’ll be ready to throw around some money in an effort to appease our emotions. It makes me think of the stories Howard tells about the shark-like tactics of coffin salesmen. They’re worse than used car salesmen because they prey on the bereaved.
This morning I gave the final go ahead for the printing of Body Politic. I will next interact with that book when it shows up at my door. As usual, I do not have time to luxuriate in something completed. Instead I am immediately setting to work on the reprinting of Tub of Happiness and even more critically on the shipping of 30,000 coins. Latest word says that those coins will arrive at my door by Wednesday. Tomorrow I’ll begin triaging to figure out how the shipping processes need to work.
We’re in the last rush to complete school work before the year is over. It makes me resentful of the one last complex project that Patch has to complete. The other three kids mostly have at-school things left to do, not homework.
I spent this morning re-creating financial data after my hard drive crash. It was tedious, but finally validated my tendency to keep paper statements. I’m still maintaining a list of data lost. So far it is only four items long. This is good.
I wish I had more time to luxuriate in the process of helping Kiki prepare for her CONduit show. I would love to do right by her there. Particularly since her latest birthday was not everything she hoped it would be. Yes the circling sales people are right, we are a bit emotional during this transitional phase. I just don’t think that buying her the perfect dorm room trash can will make up for whatever lacks there have been in the past eighteen years. Instead I’ve been trying to soak up normal before normal changes. She graduated from Seminary on Sunday. Next Thursday she’ll don the classic cap and gown and march with her classmates. I don’t know where that will put us all emotionally. We’re in uncharted territory here. The kids afterward will have a road map that they can follow or avoid. For now I’m doing small nice things for Kiki daily between now and the beginning of June. It won’t be enough, or rather, if there hasn’t been enough to date, no last minute effort will fix that. But it feels like the impending launch is a good one. We’re nervous, but ready. Also, we’ve still got months. Graduation closes off high school, but it does not begin college.
Howard is feeling better, for which I am daily grateful.
I read a novel draft for a friend. It was how I spent my Saturday instead of the ways I’d assigned to myself. I love when a book pulls me in and earns my tears. Note, there is a difference between pulling strings and really earning sadness. Also, I love it when I can love the books of my friends.
My poor correspondence box is gathering dust. I hope to write letters again in June.
It is late and there are more irons in the fire for tomorrow.
Comments are open on the original post at onecobble.com.
I was discussing the phrase "ye gods and little fishes" with boyfriend the other day, and I swear I remember reading a book as a kid, in which a little girl used that phrase frequently to express her impatience with other people. I cannot remember what book it was - this odd notion comes to me that perhaps it was Cheaper By The Dozen??? Could that be right? If not, does anyone else remember such a little girl using that phrase, possibly in connection with walking to get ice cream? It's very odd what scraps the mind remembers.
I am too lazy to go to the library and find Cheaper By The Dozen just to see if that's it.
This year, our anniversary and Mother's Day came on exactly the same dates it did the year we got married, 1985. It would have been our 28th anniversary. I kept busy and didn't think about it too hard, because who wants to ruin someone else's nice Mother's Day dinner by bursting into tears?
My stepmother lost her first husband when she was considerably younger than I was when Steve died - and she had several small children to take care of as well. (If I recall, her youngest at the time was an infant.) I can only imagine how difficult it must have been for her - and I can see why she would have been happy to meet my dad, even though it wasn't that long afterwards, because she must have been so lonely, surrounded by children who were a constant reminder of what she had lost, without being old enough to be useful in helping her cope with his loss. My stepbrothers and stepsisters never talked about their father very much, though I gather he was rather strict, and chronically ill.
Saturday was our condo community's annual group yard sale. Six boxes of books and two boxes of crafts magazines out the door, along with a few miscellaneous items. Steve's three torque wrenches were the first thing to be sold - lots of guys want those, apparently. The crowd, and what they're looking for, is rather different than Austin; fewer books sold than I had hoped (the leftovers went to the charity donation truck that came at the end, not back into my condo) and a lot more people were looking for clothing, which I hadn't even considered bringing because in Austin, it never sold well - only baby/little kids clothing ever sold at all. Here; people who had women's dresses and suits and shoes were doing a brisk business. I did get a few people who each took an armload of crafts magazines, though, and a few science fiction geeks who picked up 10-20 books apiece. Did a bit of electioneering for the condo board elections this summer - I'm serving as an appointed member, right now, filling in a vacant spot, but I need to get elected to a regular term, and, quite oddly for such things, we have 5 people running for the three open spots (usually it's hard to get anybody to run at all) - so I used this as an opportunity to talk to a bunch of neighbors I hadn't met before, and do a few good deeds - things I would have done anyway, of course, but now I mentioned that I was running, after helping people.
I had my quarterly device check today, and it looks like the battery is holding up enough that we don't have to schedule replacement for July - the power level is still a bit above even the "elective replacement" level, let alone the "mandatory replacement within 3 months" level. So we've scheduled the next quarterly check for August, 3 months from now, with the assumption that at that time, the power will have just dropped into elective replacement then, and since replacement is outpatient surgery, it can be scheduled fairly quickly, probably for later that week. The question will be whether I've healed enough to play in rehearsals that start up around Labor Day - I believe the first concert any of my bands have scheduled for next season is something like September 15. By now, my cardiologist is used to hearing that his schedule comes in somewhere less important than my concert schedule :D
Hey, anyone in Maryland: Maryland Community Band Day is June 9, noon to 8 pm, at the Lurman Woodland Theater in Catonsville. Montgomery Village Community Band is playing at 3 pm, and Baltimore Symphonic Band, as the host band, is playing last, at 7 pm. C'mon out and listen!
So drug companies may spend a lot on R&D, but they spend even more on marketing, right? I see the comments are already coming in to that effect on this morning's post on R&D expenditures as a percentage of revenues. Let's take a look at those other numbers, then.
We're talking SG&A, "sales, general, and administrative". That's the accounting category where all advertising, promotion and marketing ends up. Executive salaries go there, too, in case you're wondering. Interestingly, R&D expenses technically go there as well, but companies almost always break that out as a separate subcategory, with the rest as "Other SG&A". What most companies don't do is break out the S part separately: just how much they spend on marketing (and how, and where) is considering more information than they're willing to share with the world, and with their competition.
That means that when you see people talking about how Big Pharma spends X zillion dollars on marketing, you're almost certainly seeing an argument based on the whole SG&A number. Anything past that is a guess - and would turn out to be a lower number than the SG&A, anyway, which has some other stuff rolled into it. Most of the people who talk about Pharma's marketing expenditures are not interested in lower numbers, anyway, from what I can see.
So we'll use SG&A, because that's what we've got. Now, one of the things you find out quickly when you look at such figures is that they vary a lot, from industry to industry, and from company to company inside any given group. This is fertile ground for consultants, who go around telling companies that if they'll just hire them, they can tell them how to get their expenses down to what some of their competition can, which is an appealing prospect.
Here you see an illustration of that, taken from the web site of this consulting firm. Unfortunately, this sample doesn't include the "Pharmaceuticals" category, but "Biotechnology" is there, and you can see that SG&A as a percent of revenues run from about 20% to about 35%. That's definitely not one of the low SG&A industries (look at the airlines, for example), but there are a lot of other companies, in a lot of other industries, in that same range.
So, what do the SG&A expenditures look like for some big drug companies? By looking at 2012 financials, we find that Merck's are at 27% of revenues, Pfizer is at 33%, AstraZeneca is just over 31%, Bristol-Myers Squibb is at 28%, and Novartis is at 34% high enough that they're making special efforts to talk about bringing it down. Biogen's SG&A expenditures are 23% of revenues, Vertex's are 29%, Celgene's are 27%, and so on. I think that's a reasonable sample, and it's right in line with that chart's depiction of biotech.
What about other high-tech companies? I spent some time in the earlier post talking about their R&D spending, so here are some SG&A figures. Microsoft spends 25%, Google just under 20%, and IBM spends 21.5%. Amazon's expenditures are about 23%, and have been climbing. But many other tech companies come in lower: Hewlett-Packard's SG&A layouts are 11% of revenues, Intel's are 15%, Broadcom's are 9%, and Apple's are only 6.5%.
Now that's more like it, I can hear some people saying. "Why can't the drug companies get their marketing and administrative costs down? And besides, they spend more on that than they do on research!" If I had a dollar for every time that last phrase pops up, I could take the rest of the year off. So let's get down to what people are really interested in: sales/administrative costs versus R&D. Here comes a list (and note that some of the figures may be slightly off this morning's post - different financial sites break things down slightly differently):
Well, now, isn't that enough? As you go to smaller companies, it looks better (and in fact, the categories flip around) but when you get too small, there aren't any revenues to measure against. But jut look at these people - almost all of them are spending more on sales and administration than they are on research, sometimes even a bit more than twice as much! Could any research-based company hold its head up with such figures to show?
Sure they could. Sit back and enjoy these numbers, by comparison:
Note that these companies, all of whom appear regularly on "Most Innovative" lists, spend anywhere from two to eight times their R&D budgets on sales and administration. I have yet to hear complaints about how this makes all their research into some sort of lie, or about how much more they could be doing if they weren't spending all that money on those non-reseach activities. You cannot find a drug company with a split between SG&A and research spending like there is for IBM, or GE, or 3M. I've tried. No research-driven drug company could survive if it tried to spend five or six times its R&D on things like sales and administration. It can't be done. So enough, already.
Note: the semiconductor companies, which were the only ones I could find with comparable R&D spending percentages to the drug industry, are also outliers in SG&A spending. Even Intel, the big dog of the sector, manages to spend slightly less on that category than it does on R&D, which is quite an accomplishment. The chipmakers really are off on their own planet, financially. But the closest things to them are the biopharma companies, in both departments.
Back in the grim days following the Columbine High School atrocity, I pushed hard for the “Israeli model” of armed school personnel. After the Maalot massacre, an all-volunteer program was put together for school personnel and family members of students who were trained by Israel’s civil guard and reported to school with concealed handguns. It was fabulously successful in both stopping and deterring armed terrorist attacks on schools. The concept has much in common with the hugely successful FFDO (Federal Flight Deck Officer) program for armed airline pilots. (It matters not whether the “terrorist” in question is motivated by religious zealotry, politics, or madness. What matters is that a protector with a gun be in place to stop the evildoer with a gun.)
After the recent Sandy Hook atrocity, not only did the NRA come up with a plan for something similar here (while also pushing for more armed police assigned to educational institutions as SROs, or School Resource Officers), but we’ve seen similar plans actually implemented in places like Texas, Utah, and Arkansas. It is a solid, realistic approach to a genuine problem.
I call your attention to an excellent little book published in December of 2012, “School Administrators Guide To Practical Handgun Training.” The author is Richard Rosenthal, a retired lawman with an impressive 40-year career behind him. The first half of that was twenty years with the NYPD. There, he worked Homicide and Narcotics, served as a helicopter pilot, and spent many years teaching at the Firearms and Tactics Unit, which is where I first met him long ago. Retiring after putting in those twenty, he spent a like period as Chief of Police in Wellfleet, Massachusetts.
Having dealt with school administrators as a chief of police, Rich understands their thinking. His credentials make it clear to them that he’s not some sort of right-wing lunatic, and give him credibility in certain circles where gun enthusiasts simply will not be listened to by decision-makers. Rich is not only a master firearms instructor, but a shooting incident survivor himself. His advice on vetting and training armed volunteers and managing such a program is absolutely spot-on.
I highly recommend “School Administrators Guide to Practical Handgun Training.” It’s available for $19.33 plus shipping here.
How much does Big Pharma spend on R&D, compared to what it takes in? This topic came up during a discussion here last week, when a recent article at The Atlantic referred to these expenditures as "only" 16 cents on the dollar, and I wanted to return to it.
One good source for such numbers is Booz, the huge consulting outfit, and their annual "Global Innovation 1000" survey. This is meant to be a comparison of companies that are actually trying to discover new products and bring them to market (as opposed to department stores, manufacturers of house-brand cat food, and other businesses whose operations consist of doing pretty much the same thing without much of an R&D budget). Even among these 1000 companies, the average R&D budget, as a per cent of sales, is between 1 and 1.5%, and has stayed in that range for years.
Different industries naturally have different averages. The "chemicals and energy" category in the Booz survey spends between 1 and 3% of its sales on R&D. Aerospace and defense companies tend to spend between 3 and 6 per cent. The big auto makers tend to spend between 3 and 7% of their sales on research, but those sales figures are so large that they still account for a reasonable hunk (16%) of all R&D expenditures. That pie, though, has two very large slices representing electronics/computers/semiconductors and biopharma/medical devices/diagnostics. Those two groups account for half of all the industrial R&D spending in the world.
And there are a lot of variations inside those industries as well. Apple, for example, spends only 2.2% of its sales on R&D, while Samsung and IBM come in around 6%. By comparison with another flagship high-tech sector, the internet-based companies, Amazon spends just over 6% itself, and Google is at a robust 13.6% of its sales. Microsoft is at 13% itself.
The semiconductor companies are where the money really gets plowed back into the labs, though. Here's a roundup of 2011 spending, where you can see a company like Intel, with forty billion dollars of sales, still putting 17% of that back into R&D. And the smaller firms are (as you might expect) doing even more. AMD spends 22% of its sales on R&D, and Broadcom spends 28%. These are people who, like Alice's Red Queen, have to run as fast as they can if they even want to stay in the same place.
Now we come to the drug industry. The first thing to note is that some of its biggest companies already have their spending set at Intel levels or above: Roche is over 19%, Merck is over 17%, and AstraZeneca is over 16%. The others are no slouches, either: Sanofi and GSK are above 14%, and Pfizer (with the biggest R&D spending drop of all the big pharma outfits, I should add) is at 13.5%. They, J&J, and Abbott drag the average down by only spending in the 11-to-14% range - I don't think that there's such a thing as a drug discovery company that spends in the single digits compared to revenue. If any of us tried to get away with Apple's R&D spending levels, we'd be eaten alive.
All this adds up to a lot: if you take the top 20 biggest industrial R&D spenders in the world, eight of them are drug companies. No other industrial sector has that many on the list, and a number of companies just missed making it. Lilly, for one, spent 23% of revenues on R&D, and BMS spend 22%, as did Biogen.
And those are the big companies. As with the chip makers, the smaller outfits have to push harder. Where I work, we spent about 50% of our revenues on R&D last year, and that's projected to go up. I think you'll find similar figures throughout biopharma. So you can see why I find it sort of puzzling that someone can complain about the drug industry as a whole "only" spending 16% of its revenues. Outside of semiconductors, nobody spends more
Wednesday evening there was an astronomical society committee meeting. It was over well before 10pm!
Thursday the weather was not wet. It stayed not wet long enough for the dew on the back lawn to dry, and in the afternoon I mowed the back lawn for the first time in over a month. It looks better for it.
Friday evening there was gaming. Or rather, there was conversation about gaming and Eurovision and other things, but none of us had enough mental energy to actually select and play a game. Sometimes it's good to just chill. Discussion did at one point wander into considering a game form of Eurovision as a sort of mashup that seemed to involve elements of 7 Wonders (build your band), Scream Machine (perform your entry) and Red Empire (the judging), with a side order of Munchkin. Or something like that.
Saturday the weather was dry enough for some more gardening to be done. Mostly, I applied myself to some late spring pruning. It should have been done a few weeks ago, but I was elsewhere at the time, and everything's growing so fast at the moment that if the pruning didn't get done then parts of the garden would have turned to jungle. That risk hasn't been completely averted, but there's a chance I might more or less keep up with it.
On Sunday I went over the other side of Croydon to visit the Sutton Model Engineering Club's exhibition. I also spent a little time operating the Surrey radio club's demonstration station, which had been set up there. HF wasn't playing particularly nicely, but we made lots of contacts within the UK and a few from further afield. The weather, however, stayed fine, and there were model trains of various gauges and propulsion systems running, some of them taking passengers on rides round the club's circuits. An excellent day out.
The rain originally forecast for Sunday arrived overnight. Today's been a grey damp gloomy chilly sort of day. However, this evening there's a radio club meeting, tomorrow evening there's another, and thursday evening there's an astronomical society meeting, so it's looking like a busy week.
All of the anti-counterfeiting features of the new Canadian $100 bill are resulting in people not bothering to verify them.
The fanfare about the security features on the bills, may be part of the problem, said RCMP Sgt. Duncan Pound.
"Because the polymer series' notes are so secure ... there's almost an overconfidence among retailers and the public in terms of when you sort of see the strip, the polymer looking materials, everybody says 'oh, this one's going to be good because you know it's impossible to counterfeit,'" he said.
Wet morning, 51 F on the car dashboard when I drove for the newspaper. Supposed to do this on and off for the next few days. I will watch for a possible interval of a couple of hours into which I can insert a bike ride, but the prospect looks cloudy . . .
Also need to insert lawn mowing in there somewhere. If you water a lawn and give it sunshine, the nasty stuff insists on growing.
Still find the political scene disgusting. I know some excellent individual humans, but the race as a whole is a bunch of lying thieving murderous scum.
They're going mostly "east" and "down", they're heavily armed, and moving (for an atmosphere) quite quickly, and they've taken on a job that their clients think is impossible...
So...
They're "eastbound and down, loaded up and truckin', we're gonna do what they say can't be done..."
Maria’s one of the other Luna alumni who got picked up at the same time I did. She’s done a kind of splendid shooting star rise, reaching the NYT with first book, and going on to take the YA world by storm since then.
This book might work better for that audience. There’s nothing particularly wrong with it (except a language thing Maria’s chosen to do in all her books which I understand but find jarring), but I was underwhelmed, which leaves me feeling like probably I just wasn’t a good audience for it. There were a few things I liked quite a lot–Avry, the heroine, is a healer who assumes other peoples’ injuries and sickness to heal them, and the way that worked is nice. There are murderous plants, which is always a good touch. There’s a romance that–
–actually, that’s one of my problems with the book, I think. The romantic interest pretty much comes across as a jerk, and I not only never warmed up to him, but I didn’t really believe Avry doing so either. Particularly since there’s a much nicer alternative.
Maria’s got a YA SF thing that I’ll be picking up, but I don’t expect to read any more of this series. Ah well. Can’t like ‘em all, even when people you know write them. :)
Previous 
