PraxIS November 2005

05-11 Contents: Printer tracking, Security Awareness, Amazon Sales Rank analysis, SoftTest, Spreadsheet Testing and news

ISSN 1649-2374 This issue online at   [Previous] [Index]   [Next]

Systems Modelling Ltd.: Managing reality in Information Systems - strategies for success  


1) Risk & Security
     Secret tracking codes in laser printers cracked
     Security Awareness - survey and measurement
2) Quantitative Ecommerce
     Amazon Sales Rank tracking and estimation
     The Long Tail of markets
     Used books, Amazon marketplace, special offers
3) European & Irish news
     SoftTest Ireland half day conference software testing case studies
     Irish subsidiary lets Microsoft slash taxes in U.S. and Europe
     Euro convergence
4) Spreadsheets
     Training course in spreadsheet auditing methodology - Dublin, London
     'Spreadsheet Check and Control' book reviews
     Free MS Office certification tests
     SCANXLS listed on Microsoft Marketplace
5) Off Topic
     Pakistan appeal
     The laws of Murphy and others
     Use MS Maps for your mileage allowance calculation
30 Web links in this newsletter
About this newsletter and Archives
Subscribe and Unsubscribe information


Welcome to PraxIS

Some investigation into quantitative modelling of Amazon sales this month. And a request for your contribution of reviews of my book.

Patrick O'Beirne

_______________________________________________________ _______________________________________________________

1)  IT Risk and Security

Secret tracking codes in laser printers cracked

Mike Musgrove, Sleuths Crack Tracking Code Discovered in Color Printers, *The Washington Post*, 19 Oct
2005, D01. Many colour printers add barely visible yellow dots that encode printer serial numbers and time stamps intended primarily to combat counterfeiters. The "secret" steganographic code in colour printer copies has been decoded by four people at the Electronic Frontier Foundation. The encoding is straightforward, and includes no encryption. This guide is part of the Machine Identification Code Technology project. It explains how to read the date, time, and printer serial number from forensic tracking codes in a Xerox DocuColor color laser printout.

Security Awareness - survey and measurement  Security Awareness Tools

SA-Perception-Survey-and-Measurement.ppt is a 123-slide presentation by Melissa Guenther. Topics include:

Danger Signs
3 Major Steps to a Zero Incident Culture
Assessing Security Culture
Key Drivers of Security
Behavior Reinforcement
Security Values
Management Credibility
Culture Assessment Report
Organizational and Individual Values
The Difference Between Incentives & Accountability
Communicating Vision & Values
Fear in the Workforce
Why Employees Don’t Do What They are Supposed to Do
What Gets Rewarded Gets Repeated
5 Steps for Effective Coaching
Security Awareness, Training and Education
Incident Analysis
Root Cause Analysis
Success Factors for Managing Change

2) Quantitative Ecommerce

Amazon Sales Rank tracking and estimation

I'm using a PHP script on my server to track hourly the sales rank of my book at Amazon USA, Canada, UK, Germany, and France. This raises the question of how to estimate sales volume given only that position in the 4 million books that are potentially on sale on Amazon.  Previous studies fit this data to a Pareto (log-log) curve: Quantity = a*Rank^b

Erik Brynjolfsson and Michael Smith, are MIT economists who led the team that did the research: A large book publisher provided weekly sales quantities and average weekly sales rank for 321 book titles tracked over several weeks in the summer of 2001. They found that these points fit remarkably well to a Pareto (a.k.a. log-log) curve and used that to come up with an estimate that 39.2% of Amazon's book sales fall in titles with ranks above 100,000.

Judy Chevalier and Austan Goolsbee developed an experiment to approximate the fit of a Pareto curve by purchasing titles from Amazon and observing the sales and ranks before and after the experiment.

Chris Anderson used it as the basis of his original Amazon Long Tail sales estimate:
That is probably the longest discussion and most useful place to start reading about this. He has updated it at

If you haven't got the appetite for equations, Morris Rosenthal provides a graph at

Apart from my own interest in Amazon rankings, this also gives me a nice example of a Pareto chart for my course in Quantitative Methods that I am currently presenting at the Irish Management Institute to the Management B.A. students.

The Long Tail of markets discusses the economic phenomenon of niche markets.

"The theory of the Long Tail is that our culture and economy is increasingly shifting away from a focus on a relatively small number of 'hits' (mainstream products and markets) at the head of the demand curve and toward a huge number of niches in the tail. As the costs of production and distribution fall, especially online, there is now less need to lump products and consumers into one-size-fits-all containers. In an era without the constraints of physical shelf space and other bottlenecks of distribution, narrowly-target goods and services can be as economically attractive as mainstream fare.

Traditional retail economics dictate that stores only stock the likely hits, because shelf space is expensive. But online retailers (from Amazon to iTunes) can stock virtually everything, and the number of available niche products outnumber the hits by several orders of magnitude. Those millions of niches are the Long Tail, which had been largely neglected until recently in favor of the Short Head of hits. "

Joe Kraus of Jotspot was the first to really develop a Long Tail framework for software:

As he pointed out, you can think of the many thousands of Excel templates that have been created over the years by individuals for their specific needs as small, targeted software applications running on a common platform. Although they probably didn't think of it this way, each of those accountants, project leaders and HR managers was acting as a software developer of sorts. Software companies developed bloated one-size-fits-all software applications for big markets, and then left the customizing of that software to IT consultants or the users themselves. As Joe put it, "the traditional focus has been on dozens of markets of millions instead of millions of markets of dozens."

Used books, Amazon marketplace, special offers

Another curious angle on this are the advertisements for "Used & New" or "Offer" prices that appear on the Amazon web pages. Many of the UK and USA offers appear to be from vendors who use the same sources as Amazon, Gardiners, and Ingrams. But the really bizarre prices are in Amazon France where a copy of my 29.95 euro book is on offer at 125 euro, and in Amazon Germany for 1,402.11 euro! Heck, for that price, I'd fly there to hand deliver it! So what's going on there? No person can seriously be setting that price; I suspect it's an automated bidding system that looks for books not directly offered by Amazon, and starts a Dutch auction by initially asking a large multiple of the price, and then dropping until they find the highest price someone is prepared to pay.

There are quite a few academic studies of this, such as:

"Internet Exchanges for Used Goods" ,sat422.pdf by Michael D. Smith, Rahul Telang H. John Heinz III, School of Public Policy and Management, Carnegie Mellon University.

"Evaluating Pricing and Product Line Strategy Using eCommerce Data: Evidence and Estimation Challenges" by Anindya Ghose and Arun Sundararajan of the Leonard Stern School of Business, New York University Working Paper CeDER-05-24, Center for Digital Economy Research August 2005.


3) European and Irish news

SoftTest Ireland half day conference Nov 16 : software testing case studies 

Date: Wed Nov 16 2005
Time: 14:00-17:00, registration from 13:30
Venue: Institute of Engineers in Ireland, Clyde Rd, Ballsbridge, Dublin 4

To register for the event, please email info (at)
This event is proudly sponsored by Cresta, Insight Test, and Compuware.

(1) Leon Brinkley, ESB
The largest IT project in the history of the Irish state - Market Opening (deregulation).
The presentation covers the evolution of the test planning and execution from project inception through design, build, test, and implementation.

(2) Susan Windsor, WMHL consulting
Case study for the use of Test Automation Frameworks
After many years of buying, and trying to use test automation tools for functional testing, we surely have to finally admit that our industry has totally failed to realise the predicted benefits. A case study is presented from Lloyds TSB Offshore on their experiences of using one of the new Test Automation Frameworks when the deadline was set in stone and automation played a huge part in being able to meet that deadline.

Irish subsidiary lets Microsoft slash taxes in U.S. and Europe (Wall Street Journal)

'The four-year-old subsidiary, Round Island One Ltd., has a thin roster of employees but controls more than $16 billion in Microsoft assets. Virtually unknown in Ireland, on paper it has quickly become one of the country's biggest companies, with gross profits of nearly $9 billion in 2004.'

Euro convergence

I'm getting enquiries from the new EU members on how to manage the conversion to the euro. News stories on this include: Cyprus sets 2008 target for euro adoption Opposition to euro currency grows in Estonia


4) Spreadsheets

Training course in spreadsheet auditing methodology  now taking bookings for:
Dublin (city centre) Monday November 21, 2005
London (city centre), Thursday December 1, 2005

The intended audience is anyone who builds or reviews spreadsheet models, such as managers, accountants, actuaries, financial modellers, or IT analysts in enterprise IT audits. You need to have an intermediate or advanced knowledge of Excel. You should leave the seminar with the confidence to use the tools and methods shown to risk-assess and test spreadsheets in your organisation.

• Where to start and what are the most efficient techniques to use
• How you can cut down a huge system of spreadsheets to a manageable audit task
• The symptoms that indicate potential or actual problems
• How a company can create an inventory of its critical spreadsheets, assess them for risk, and prioritize scarce resources
• How the top spreadsheet auditing software tools compare, including little-used secrets of Excel's auditing features
• Includes a copy of "Spreadsheet Check and Control", my new book of 47 professional checking techniques
• Reinforce your learning with an optional hour of hands-on practice using demonstration versions of auditing software

'Spreadsheet Check and Control' book reviews

I am pleased to say that Colm Toolan was first off the block to write a review of my book on Amazon. May I ask you to add a review to the Amazon web site in your country?
"If you need useful, practical advice on building better spreadsheets, then this book is for you.  If you need to have confidence in the models that your colleagues and employees build, then this is the ideal present for them!" - Germany  "Spreadsheet Check and Control does what no other book before has attempted" - USA "the 200-page book puts comprehensive controls on spreadsheet development firmly into the hands of the end users" - Ireland "Probably one of the most important spreadsheet books ever written" - UK    De Accountant - Netherlands The Hindu - India Internal Audit - Austria

Free MS Office certification tests

Brainbench is opening its entire library of certification tests (regularly priced at $49.95 per test) at no charge from November 1 - 15, 2005. There are eight Excel tests available, but if you want to take up a challenge, try this certification test. Douglas Smith wrote it and to his knowledge, only one person has ever gotten a perfect score on it:   Excel 2000 test

SCANXLS listed on Microsoft Marketplace

My workbook that provides you with an automated way to take an inventory of spreadsheets and assess them for size and complexity is listed on the Microsoft Office web sites:  UK  USA



Simply send your comments to FEEDBACK (at) SYSMOD (dot) COM

Thank you! Patrick O'Beirne, Editor

_______________________________________________________ _______________________________________________________

5) Off Topic


Pakistan earthquake disaster

Winter is here. Amazingly, the charity Oxfam is reported as saying that "less than 30 per cent of the UN's original target had been pledged." It named France, Austria and Spain among seven of the world's richest countries which had not contributed a single penny to the UN's emergency appeal for the earthquake. Don't wait for the national responses, help the Red Cross or your preferred charity.

Not Serious

Murphy and more  A list of all the "laws" (like "Murphy's Law"), famous and obscure. Here are two:

Baruch's Rule for Determining Old Age: Old age is always fifteen years older than I am.

Finagle's Laws of Information:
1. The information you have is not what you want.
2. The information you want is not what you need.
3. The information you need is not what you can obtain.
4. The information you can obtain costs more than you want to pay.

Mileage sign errors 

MassHighway admitted that the state had found 19 legends on the new signs with significant errors in mileage. That's 12 percent of the 164 new signs in the $1.05 million contract. According to the contractor, some of the distances were calculated using Microsoft's Streets & Trips software. According to Microsoft, the software without a GPS hookup costs $39.95. This contractor was paid $130,000 by the state.


Copyright 2005 Systems Modelling Limited, . Reproduction allowed provided the newsletter is copied in its entirety and with this copyright notice.

We appreciate any feedback or suggestions for improvement. If you have received this newsletter from anybody else, we urge you to sign up for your personal copy by sending a blank email to   EuroIS-subscribe (at) yahoogroups (dot) com - it's free!

For those who would like to do more than receive the monthly newsletter, the EuroIS list makes it easy for you to discuss issues raised, to share experiences with the rest of the group, and to contribute files to a common user community pool independent of the web site. I will be moderating posts to the EuroIS list, to screen out inappropriate material.

Patrick O'Beirne, Editor
"Praxis" means model or example, from the Greek verb "to do". The name is chosen to reflect our focus on practical solutions to IS problems, avoiding hype. If you like acronyms, think of it as "Patrick's reports and analysis across Information Systems".
Please tell a friend about this newsletter.
We especially appreciate a link to from your web site!
To read previous issues of this newsletter please visit our web site at

This newsletter is prepared in good faith and the information has been taken from observation and other sources believed to be reliable. Systems Modelling Ltd. (SML) does not represent expressly or by implication the accuracy, truthfulness or reliability of any information provided. It is a condition of use that users accept that SML has no liability for any errors, inaccuracies or omissions. The information is not intended to constitute legal or professional advice. You should consult a professional at Systems Modelling Ltd. directly for advice that is specifically tailored to your particular circumstances.
We guarantee not to sell, trade or give your e-mail address to anyone.
To subscribe to this Newsletter send an email to
EuroIS-subscribe (at) yahoogroups (dot) com
To unsubscribe from this Newsletter send an email to
EuroIS-unsubscribe (at) yahoogroups (dot) com
EuroIS is the distribution list server of the PraxIS newsletter. It also offers a moderated discussion list for readers and a free shared storage area for user-contributed files. The archives of this group are on YahooGroups website