Slashdot Mirror
U.S. Gov't Planning To "Help Us" Secure Computers
BahdKo writes: "CNN reported today in this article that the U.S. government is working out a plan to help protect Cyberspace from attacks by "hackers and terrorists." This plan will include the distribution of government-provided software to help clean up insecure Windows installations. It's hard to picture myself executing government provided software on my workstation (we were supposed to be *increasing* the security of the PC's, right?)"
It's almost like the US gov't has a list of things techies hate, and they're going down the list and doing each thing, just to piss us all off.
the gov't or micro$oft?
Anyone think its time us techies got together and voted these idiots out of office?
Eric Aitala
www.f1m.com
Remeber that the government has released security extensions to linux already. so don't be to quick to beat them down. If the software they provide is open and auditable then why not?
[Please type your sig here.]
I wonder if it will be free (either way) and/or open source? I'd bet not.
Maybe they could put the Internet in the same lock box they put Social Security in? Doesn't get any safer than that!
Linux IT Consulting and Domino Development in Michigan
Now, the general populus isn't paranoid about their gov't, but even so most people will balk at the gov't saying, "Here's some nice friendly software courtesy of Uncle Sam that we'd like EVERYONE to run on their computer. It, um, looks for flaws 'n stuff."
For myself, and I assume most of the geeks here, I'd want to read every single line of any code given to me to run by the gov't, compile it myself, and run it. Love your country, yes. Trust your country, never.
The only tool you've got against psychosis is experience.
that wouldn't be enough for me
... like that would happen.
try... open source and I'll compile it myself.
HA!
"The effort has brought together some of the biggest names in business, including computer chipmaker Intel Corp., Chevron and Visa -- part of the group that helped create the standards and is encouraging their use"
Holy fucking shit. I didn't know gas companies, credit card companies, probably some banks and insurance companies too care so much of a shit about my cybersecurity they're willing to coopt with the Pentagon to do it.
And what have these nimbots come up with. oooooh yeaaahhhhhh! some hardening instructions for Windows code.
Can I get a Wit-nesss!
Honestly this is muy lame-o. What kind of MS or other vendor driven crap are they going to 'certify'???? These wankers lead the known universe in their utter fucking indifference to what you or I want or need, so what do you think they're going to accomplish, aside of course for some more lobbying opportunities.
Boo-Yah,
But does that necessarily mean that the source is too? I think it does, but I'm just wildly guessing now.
[PowerPoint] is a tool for capitalist presentation
Why is it cool to think that the United States Government is out to spy on everyone and in general fuck things up?
Slashdot views are so far to the left that they've wrapped around to those of the ultra right Montana Freemen.
Because governent computers are so secure themselves... HA!
Was this the best way the Government could think of to distribute it?
www.slightlycrewed.com - Because aren't we all?
Isn't it ironic that a few days ago /. posted an article about how 1984 DIDN'T happen. Now the U.S. Govt is trying to make it happen? ;)
If you don't trust the government, the terrorists have already won. I know: I saw John Ashcroft say so on Fox News.
Every year during my review, I just pray the words "slashdot.org" aren't mentioned.
Time to emigrate to Canada.
After all Everything I know I learned by Ignoring Military Intelligence
Tcd004
I don't forsee this initiative going too far. Most people barely know how to use their computers to send email or read Slashdot, much less secure their systems from attack.
On the other hand, if anyone is going to try to design such a package of software, I imagine that the NSA knows their stuff pretty darned well. They have been advertising security-enhanced Linux on their website for a while now. I've never tried it, so I can't testify to its usefulness.
Sharpies don't just sniff themselves.
http://www.cisecurity.org/
And to clarify alot of paranoia,
These tools were built in conjunction with the Federal government, major manufacturers, service providers and academia. The are basically scanners that look for the most common vulnerabilities on systems. And no, you're not installing an NSA/CIA/FBI/TLA backdoor onto your system.
What I would like to see is Government "grants" to better security at other federal and state agencies like universities, police departments, DMVs, etc. Then open it up to businesses and whatnot. My Unv would love to find a grant to help offset the costs of a good security solution. Our physical security is a joke. Odds are, you can walk right through our office, into our server farm, take a server, and leave with it with minutes, hours, maybe even days to spare before someone even notices it's gone. A grant to help pay for a keycard system and remodeling to accomadate heightened security would be great.
So let me get this straight. They're saying "download and install this software, which looks for security problems that are most commonly caused by users being too lazy to download and install software (updates)". Does anybody else find that amusing?
Unix is user friendly, it's just selective about who its friends are.
Good. So you're not worried about that line 3029 that says:
if (slashdotId == "Wolfier")
{
openBackdoor();
sendHisDodgyWebAccessesURLsToUncleSam();
triggerIRSAudit();
}
-WolfWithoutAClause
"Gravity is only a theory, not a fact!"windows has had time sync support for a long time. It's now part of the GUI in XP. Just double-click on the clock and pick a server. Too bad it only does it once a week or so.
What?
Love the country, yes. Trust the government, only when appropriate.
[o]_O
Shaun
Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
> (we were supposed to be *increasing* the security of the PC's, right?)
;)
;)
I mean if the government was that incompetent, we'd already know who really killed JFK, right?
At any rate, I happen to work for the government, and I've also held a few commercial jobs, and speaking on a reletivity scale, the government network has a much better security model than any place I've ever worked.
They also have a fanatical security "reaction" team that enforces security policy, scours vulnerability lists, and watches logs daily for signs of intrusions. When that apache hole came out a few weeks ago.. they gave every website at the facility about three days to fix it, otherwise they would start black hole-ing ports of machines running unpatched servers.
Now whether we're an exception or a rule I'm not qualified to state, but the government isn't quite as stupid as you're suggesting.
This could be a good thing. Standardized security platforms that help PCs to be just that: Secure is a good idea. Now there are so many routes to go for a "Secure system". What is secure for one person/business is totally unacceptable for another. If the government stepped in and gave everyone a "All-In-One-Grand-Security-FireWall-Intrusion-Alar m-Type-Program"(tm), users could then have "acceptable" security. Yea, I know. How the hell is the Gov't supposed to know what security means. But it would be better than it is now. It seems that 90% of the people I know have no idea about open ports or filesharing.
Anyway, back to the point: Hopefully this discussion won;t turn into a bunch of people yelling (and getting modded up for yelling) "Big Brother-Ware! I'll Never install this."
Trust the Gov't a little. This might be what it takes to get Average Joe Blow User to stop sharing his C drive on the phone company's DSL network.
flogger
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
"First things first -- but not necessarily in that order"
-- The Doctor, "Doctor
If MS is really serious about security (ahem), why don't they do this themselves? It would certainly help their reputation, and would fall in line with the *new* corp. responsibillity that good 'ol GW is talking about.
And then I woke up!
That someone that won't take the effort to keep his system patched, won't run zonealarm or virus scanners, and happily contributes day after day to the sircams, iloveyou's, melissa's, and others, but THIS someone will take the initiative to run the government's software. How is THAT supposed to happen?
:)
Of course, if they bundle it with Kazza, it might be effective. Heavens only knows, a good percentage of the computers in the world install all the spyware crap, it couldn't really hurt any more. All security aside, I have my own problems with running government software on my personal computers, but thats beside the point.
-Restil
Play with my webcams and lights here
Win2000 server alreasy does this. You pick a time server for your PDC. Naval observatory is a good choice. Then all of your DC's sync of your PDC and the member servers and workstations sync off the DC's. All automatically.
right, like i used the NSA group policy templates to secure some Win2k web servers without even a second thought. I knew they'd been widely used and there was nothing on the webserver I'd really care to hide from the Snoops so it wasn't a matter of trust on that level. Besides, things like group policy templates are easy to audit yourself.
I say so long as their tools are this transparent then bring them on, the more help the better.
closed minded is as closed minded does
You're right. But there is no +1 Important.
Since I already fucking paid for it!
"And like that
This is fucking great! I wonder if one of the million Stalin-esque informants will help me install this software?
I mean, it's really good that the same government that busts into a house, shoots an elderly black man, and then realizes the grand drug bust was supposed to go down across the street is going to help me secure my homeland. Yeah, I'm enduring my fucking freedom more and more every day!
Dominion
I understand the reason but I do not understand the execution. Ignoring all "magic lantern" issues, this is just the wrong way to fix it. The government and some companies (Chevron??!) are going to audit the security of Windows, find the flaws and distribute a program to alter it so they are fixed...
:)
This is easier than just asking Microsoft to design a secure version of Windows? Come on, you already found them guilty of being a monopoly, perhaps a nice sentence would be "make a secure version of Windows".
If Windows insecurity is such a threat to homeland defense, shouldn't the government be cracking down on the company making the laughably insecure software? Or perhaps simply not using it since it is (by the government's own admission) insecure?
Or just demand the source code and distribute their own secure version. It worked with NSA-Linux
Finkployd
Can someone please tell me why this is not the responsibility of Microsoft?
Have there not been many discussions about increased liability for fscked up, insecure software?
I've downloaded and looked at it, but I haven't really brought myself to install it.
I'm sure it's legit through and through, but my Orwellian tendancies flare up when I think about patching the kernel of my machine with something developed by one of the most secretive organizations on the planet, whose primary job is snooping on everybody and everything...
It's really not the place for the goverment to encouraging people to start installing goverment sanctioned patches. If your a goverment agency, that's a different matter. What the goverment should do is lean very hard on those who are providing unsecure software and enviroments.
Here's the problem I have...
The Senate and House of represenatives are way too friendly with big business (read: DMCA/SSCEA), this includes the current administration as well... What this means is that I don't trust them to not put all kinds of provisions to entitle them to stomp all over my civil and constitutional rights based on the premise that they're doing the common good... 'cause their not, they're merely ensuring that the current regime keeps it monopolyies.
Yes Francis, the world has gone crazy.
Aiigh! This suddenly reminds me (particularly that juicy, slurpy opening quotation) of those old '50s propaganda items like Appreciate America, where "patriotism" and "being a good American" (whatever that means) are automatically equated with "doing your part" (not incidentally what everyone else is doing).
So let's all be good Americans, well, those of us who are Americans (--points finger--), and spy on our neighbours, secure our piece of cyberspace, and whatever else our fearless leader says we should do, because then those damn Commi^H^H^H^H^Hterrorists won't be able to eat us all up as we sleep in our (all-American) beds at night.
Theme music: "Exhuming McCarthy," REM, Document
I'm not a geek, I'm just a clever script.
Propping up that such poor 'down-on-its-luck company'? I think that the government should FINE Microsoft for each standard hole that each customer out there has; not fix the problems for it using public money.
-WolfWithoutAClause
"Gravity is only a theory, not a fact!"Do I need to do this like, once an hour, day or will once a week do?
Wow, so I can bring my computer up to government standards?
Sorry. I prefer to set my standards MUCH higher.
"The Sage treasures Unity and measures all things by it" - Lao Tzu
Not fully if it's just a Binary, but in the Windows world often a Binary is the only option, and I'd put more trust in a Binary from the Federal Government than in some "Secure Win" Binary I downloaded off a free beer software site or even bought from a company that I hadn't checked out throughly.
Quemadmodum gladius neminem occidit, occidentis telum est
*Begin Sarcasm*
The government? Trying to help... the People? What's the catch?
*End Sarcasm*
So often people seem to treat their relationship with their government as a monarchy: word comes down from on high, we pay taxes to be protected from other kingdoms, and we pay them or they will do mean things to us.
Maybe it doesn't speak well for the government but its odd how that when the government tries to help people seem to think they are lying.
Have things gotten that bad?
What is music when you despise all sound?
"from attacks by "hackers and terrorists."
Enough statements like this and there will be no effective difference between the two.
Watch out, script kiddies: first you could get the death penalty, now you may not get a trial.
Alas, Babylon.
<SARCASM>It may also violate the EULA Bush agreed to by opening the shrinkwrap on Microsoft's campaign donations, so it probably won't be happening.</SARCASM>
I got a chance to tinker with the beta firewall product that the US Gov't is developing. It's obvious they spent a lot of time on user-interface so that the general populace will be able to fight cyber terrorism. Check out this screen shot, you'll see what I mean.
Suck had a great article on "Scare quotes". They almost seem amateurish these days.
Rather pathetic to see them in an article like this; seriously, we expect Microsoft to do sneaky and scary things with their software, and everyone's on the watch for it. If we find something, there are no repercussions on them at all, it seems.
If the *government* were to be caught doing something sneaky on people's PC's, there would be a *huge* stink, heads would roll, etc.. Unlike Microsoft, they *are* accountable to the public,j especially with something as obvious as this. They're not stupid enough to put spyware or backdoors in stuff. With the slashdot crowd out there, they'd be caught in a second.
Anyone who's really worried about this has watched too many x-files episodes. Go out for a walk, get some fresh air, dudes.
Love many, trust a few, do harm to none.
Well, it'd certainly mean that people rely on their computer less. "Bah, I need IE to view this site. I guess I'll go outside."
Yeah, I could see that securing computers all over America.
hahahahahahahaaaaaahahahahhahahahh
Got friends?
Incorrect.
All government developed software is *NOT* public domain.
The AC is right on this one - all government-developed software is most assuredly not PD.
You are running Windows, and you feel that running a program from the government reduces your security?
Think about it - if the ONLY backdoor your Windows machine has is Uncle Sugar's, you are doing pretty well, what with all the Trojans, spyware, viruses, and bugs.
www.eFax.com are spammers
That is a fact that has been widely recognised by most security proffessionals and people that take computer security seriously.
For example banks do not use secret algortighms for their communications. They use well known algorithms so the mathematics community can examine them and point out any problems.
Another example - computers games. They are usually closed source and yet almost every famous multiplayer game has been hacked.
So no closed source doesnt give you much security.
Open source would provide much more security because it would allow every one to check the code and correct mistakes.
Don't blame Florida.
Blame the puffy, middle aged guys named Chuck who think that the right to own firearms is the only civil libery that matters, since it's the only civil liberty you can use to make an exciting loud noise and put holes in cans.
Blame the old people who don't understand the modern world, and as such believe all of the knee-jerk blame laying that demagogues spew out on cable news channels 24 hours a day.
Blame people who see the whole world in moronic stereotypes. Blame the people who think that speech ought to be free only when it matches their own opinions. Blame the people with severely outdated understandings of capitalism who believe that big corporations can self-police and the market can self-regulate. Blame the people who are so cowardly that one terrorist attack which kills a few thousand people is justification enough to toss our most valued rights out the window. Blame the people who think that the flag (and not the hard-won liberties it symbolizes) is sacred. Blame the people who think that their religion should be forced on everyone, and think the founding fathers secretly wanted it that way despite rather obvious evidence to the contrary.
Most of all, then, blame an education system that doesn't teach people how to think in an objective or independant manner. Blame parents who don't teach their kids to evaluate information or ask questions.
But don't blame Florida -- those ballots were pretty confusing.
Every year during my review, I just pray the words "slashdot.org" aren't mentioned.
Hmm... So along with protecting us from aliens, maybe the "Men in Black" will also run Windows Update for us too? ("Was that a security update?", "Nope, just a weather baloon." *flash*)
Check out the Center for Internet Security where you will find posted the new Win2k and WinNT standard benchmark. Interestingly enough, there have already been benchmarks for other systems, such as Linux.
Come play Moral Decay!
1) insert windows boot floppy
2) a:\format c:
You're either a troll, or a prepubescent who just doesn't know any better. The government has no ulterior motives? What about the kind, loving, altrustic government witholding treatment to African Americans with syphilis? Intentionally using SmallPox against Native Americans? What about all of our troops who have Gulf War Syndrome? What about the vietnam troops that were exposed to Agent Orange? My father still bears the scars from this.
The best policy when dealing with Government is a Russian proverb quoted by Ronald Reagan. Trust, but verify.
As far as a "greedy" corporation, let me ask you something. Have you ever gotten a job from a poor person? Some corporations are definately bad, (cough cough microsoft cough cough) but others offer quality products at competitive prices without screwing over everyone they can. Now do me a favor: STEP AWAY FROM THE KARL MARX BOOK!
As far as the Apache fix.. it was all over the net. There was a multitude of sites you could get it from.
If any thing, the Government almost ALWAYS has an ulterior motive.
Not a problem, I'm getting great FPS.
Veteran, Bermuda Triangle Expeditionary Force, 1992-1951
Suppose that most computers are insecure. The (MS)OS gives up the HD to anyone who asks,users won't apply patches, the admin is an idiot, whatever.
The Feds are already wherever they want to be and I think that they would rather be the only ones there. I still want to keep out the rest of the world and the Feds want to help. How could this be any worse than what we have.
The really paranoid (or sensible) people will use strong encryption which is more to the point.
All your database are belong to U.S.
All your database are belong to U.S.
They're releasing this software to check how well their backdoors inside America's Army worked. Duh!
It occurs to me that when security tools such as nmap, or crack or airsnort or SATAN come from places OTHER than the government, they are seen as threats to Internet security. Some people in government even want to make them illegal.
But when the government itself comes out with software to expose security holes, it's called the "Gold Standard".
What gives?
-------------------
This is my SIG. There are many like it, but this one is mine.
Anyone who would run this software on their computer deserves whatever they get.
That is not entirely accurate. All government developed software may wind up as public domain, but I would guess that most, if not all, of it will not be available for at least 20 years after it's written. If all the software (and especially source) was public, we'd have some major security holes and exploits possible. Just think about it.
We've got gov't programs running major systems (though NT on Aircraft Carriers, IIRC). A lot of gov't created systems are running gov't machines. Much of the software is so specialized that it's probably not much use to any of us, but there's a few pieces that if crackers got a hold of would be disastrous.
Just to illustrate this, one of the guys I worked with (he left, maybe a week after I started) had worked with the DoD before working here. Me, being the inquisitive student, asked about it. He told me that most of their programmers and engineers don't know what they're working on. The engineers get told, "build this part," not "build this part for this machine."
Programmers are treated more or less the same way. They're not told to write a program. They're told to write a class, or maybe just a function. They aren't told what they're working on, just to code. The higher ranking/clearance guys then put it together.
So, eventually, yeah, maybe we'll get to see the code. But there is a lot of classified stuff in the government. You don't get to hear about everything.
And, correct me if I wrong, we don't even get to see the code for the America's Army game, do we? Of course it wasn't developed by them, just for them. Thoughts?
Thats what they should create instead of making it MS easy, instead of MS doing its job let the US goverment do it.
:)
Not that i care. 1 i dont live in the US, 2 i dont use MS products.
Quazion
According to many online sources (e.g. the U.S. Copyright Office or Lawnotes), works created by the U.S. Government are not copyrightable. However, the government can aquire copyrights for works created by others.
Is triggerIRSAudit available as a Perl module?
Wow, so I guess anyone who believes there's room for improvement in the federal government is a terrorist! Wow, how can we trust a government or a culture that labels reformers as terrorists? They don't trust us, we don't trust them, so they don't trust us.... Something's got to give.
Sounds like the government is trying to co-opt faith for itself.
Isn't it bad enough that they've started using the word "terrorist" for anything and everything that disagrees with the status-quo?
-- thinkyhead software and media
can Microsoft be sued if terrorits use holes in M$ operating systems to do cyberspace attacks that can cause real victims? ..thinking about the death penality introduced for "hackers" guilty of death of people via computer attacks..
on the other hand, YES I KNOW that gnu/linux, BSDs, etc. have holes, but who're you going to sue for linux? the owner of the name 'linux'...? Or maybe m$ cannot be sued because of their EULA that denies any responsibiliy...?
funny..
-- There are two kind of sysadmins: Paranoids and Losers. (adapted from D. Bach)
"(we were supposed to be *increasing* the security of the PC's, right?)"
How long ago did the NSA release their security templates for Windows 2000? In that time, have there been any documented rootings of a Windows 2000 machine that is using said security template? Anyone?
They are not copyrightable, but they may still be secret. Suppose software used to develop new weapons were public domain?
A government can be changed by the will of people, and exists to do the will of the people (even populism gives people what they think they want).
A corporation exists to make as many money as possible for their own benifit, that ever benifit that gives to society is a sideeffect.
I don't trust either of them.
You say a government can be changed by the will of the people...but at least for a while, incumbents had a better chance of being re-elected in the US Congress than they had in the Supreme Soviet, and the government has a power that, so far at least, even Microsoft doesn't have--they have an army and a police force that can come and take my property and throw me into jail if I don't go along. So far, I have yet to go to jail for not using Windows.
Besides, what's so great about the will of the people? I like my will better, and in a business transaction, I get to say what I trade my money or goods for; I don't have to go along with what the majority or its alleged representatives decide.
Oh great ... now I'll have >100 U.S. Government CDs laying around ...
Will they pack them in tins?
FTHI (for the humor impaired): This is a spoof of AOL, this is only a spoof. Move along there is nothing else here.
Karma? Karma? I don't need no stinkin' karma.
How about the government fixing the problems and charging Microsoft for the cost? I wouldn't trust a Microsoft solution for the problems they created themselves. If the problem is really as serious as the article author wants us to believe, a serious and hard-working government would impound the Microsoft source code and contract a team of experts to create a solution.
Blame the puffy, middle aged guys named Chuck who think that the right to own firearms is the only civil libery that matters, since it's the only civil liberty you can use to make an exciting loud noise and put holes in cans.
For the most part, I agree with you, but not with this crack about firearms. If you where trolling, or being sarcastic, I'll bite regardless.
It may be the only civil liberty that matters, because as armed citizens, it allows us to preserve all the other civil liberties. The world, or our nation, is not so utopian, so full of people looking out only for their brethen, so lacking in criminals, as to allow us to disarm ourselves.
Criminals prowl our streets. But they do so with far less frequency in areas where even a 20th of the population is likely to be armed (florida-they still go after tourists- Vermont, New Hampshire, or, for the Europeans out there, switzerland.) The police have no obligation to protect you (see Riss vs. New York City)so you must protect yourself. The surest way to do that is to own a firearm, and know how to use it.
Our government is infringing on our rights more each day- being a low user number slashdotter, I'm sure you've been reading about the DMCA and it's ilk for quite some time. How long before our own government becomes as oppressive as Great Brittain was originally? Betcha it'll be a lot longer- if ever- as long as the populace is well armed. Incidentally, the United Kingdom now has the strictest gun control laws in Europe- and the highest violent, confrontational crime rate. (Google cache of Boston Globe)
Gun Restricting laws protect no one but criminals, because only honest people obey them. If someone is willing to ignore laws about theft, rape, and murder, what makes you think they'll obey gun laws?
The right to live includes the right to defend one's life effectively. This was once best done with a spear, then a sword, then a musket, now a handgun. The right to defend our lives against the lawless, and ourselves against tyranny, ensures all other rights. Without the natural right (listed, not given by the 2nd Amendment) to arms, all your other rights are disposable at the conveinance of criminals or the ruling class.
Karma to Burn, do your worst moderators
Alcohol, Tobacco and Firearms should be the name of a store, not a government agency.
Even if I was running the world's most insecure operating system, which waved it's little electronic "tool" in the face of every hacker, skript-kiddie, and 733t-wannabe out there on a continual basis ...
THERE IS NO WAY I AM GOING TO RUN GOVERNMENT MANDATED SOFTWARE ON ANY COMPUTER I OWN.
I will destroy my computers first, as painful as it might be.
That is my final word on this subject.
To celebrate the occasion of my 1000th post, I will post no more forever on Slashdot. Goodbye.
Think of it this way: AOL made it a point, for the longest time (they may still be doing so), to plaster everyone they could think of with CDs via mail. There's no reason to assume Our Government would be any different.
In both cases, the solution is the same, and you don't even have to take the CD out of the mailer.
First, place the whole thing in a microwave oven and blast it for about three seconds. Next, mail it back to Lord Protector Ashcroft with a note explaining that you'd found a virus on the disc, and that it has been destroyed to prevent the further spread of such.
If nothing else, it'd be good for the amusement value.
Bruce Lane, KC7GR,
Blue Feather Technologies
Why can't you just use the already provided NSA guidelines to secure your windows machine.
Who was that; the KGB?
Actually, you can file a FOIA request for any gov't software, including source code. As with printed documents, they can either blank out sensitive information (leave out code) or deny the request for national security or privacy reasons.
I print, therefore I am.
"Every American relies upon cyberspace and every American has to do something to secure their part of cyberspace," Clarke said of the plan, which will be released September 19 in Silicon Valley. . . Clarke spoke to reporters as well as government and corporate officials to announce government-wide standards for securing Microsoft's Windows 2000, the most commonly used operating system for government and corporate computers.
I'm doing my part. I'm using a Macintosh.
Laws affecting technology will always be bad until enough techies become lawyers.
they want World Domination, Control of all things Monetary, even your labor potential.....
It has been a long time since a political agenda was not transparent as well...make as much money for your corporate master as possible...
errr....umm...*whooosh* *whoosh* Is this thing on ?
To all the libertarian and Ayn Rand-obsessed morons who think that corporations are the end-all and be-all to the worlds problems and exist to keep the government in check, please go away.
Quite frankly, the government IS accountable to the people and DOES have to pay the penalty when they do something Bad. When MS does something bad, 94% of the computer-using public just has to bend over and take it. (The rest use a Mac.)
Although it smacks of scary conspiracy theories and trojan horse monitoring programs, the government CAN'T do something like that. The US Government is not Kazaa. It will not install Gator on your PC. This is not a hidden backdoor to allow Carnivore to track your every move. Do you think something like that could remain hidden for ANY length of time with the amount of scrutiny this program will receive? No.
And if it turns out *to* have a monitoring program in it, stand up for your rights (if you're a US citizen) and VOTE. Call your congressmen and senators. Bang on their doors until they explain themselves and do something about it.
Quite frankly, I'd install this over the next version of Windows Media Player any day. Who knows what random shit MS will try to do with that...
Hire a Linux system administrator, systems engineer,
If it was free as in beer (or speech), I'd give it a look. They can't make my windows xp install any less secure than it is fresh off the cd, and I don't think they'll install some sort of evil spyware. Not saying I'd keep it, though, just because I don't really havy any need for better than marginal security, and this if this is anything more than a registry-tweaker, if it's an app than runs in the background, I probably won't want the overhead.
I'm the stranger...posting to
Well, other than 'classified' stuff, isn't it usually released into the Public Domain?
And about the Army game, they don't really own the code to that. The engine is licenced from Epic Games, so it's not really theirs to distribute.
[PowerPoint] is a tool for capitalist presentation
Blame the old people who don't understand the modern world, and as such believe all of the knee-jerk blame laying that demagogues spew out on cable news channels 24 hours a day.
Blame people who see the whole world in moronic stereotypes.
Although I may agree with many of the sentiments of the parent post, I must ask--does anyone else see the rich irony of opening the message with the first two statements above, only to follow with the third...?
~Idarubicin
I quit! Now my tax dollars are going to pay for software to protect Windows from their own shitty design!
Some days it doesn't pay to get out of bed!
Or are the terms Hackers & Terrorists becomming more closely related in recent days?
How long before hacking becomes synonomous with terrorism in the Media?
And who is then next?
Insert something insightful here, or I'll insert something painful there.
I have used file sharing software.
I have purchased illegal drugs.
I have snooped around my university's computer system when I was younger because I was curious, even though I probably shouldn't.
I have made a joke about the sobriety of the pilot on an America West flight.
I also am a patriot and love America. Why the fuck does the government, media, and corporate world keep wanting to throw me in the same catagory as a bunch of psychopathic assheads who fly airplanes into buildings?
The Internet is generally stupid
>Good. So you're not worried about that line
>3029 that says:
>if (slashdotId == "Wolfier")
>{
> openBackdoor();
> sendHisDodgyWebAccessesURLsToUncleSam();
> triggerIRSAudit();
>}
What buggy code!! You forgot to
closeBackdoor();
before the closing brace!
Please patch before sending it to me. Thanks in advance.
We're from the government and we're here to help...
We are talking about the most massively unAmerican activity since voluntary compliance income taxes. The government wants me to install software on my computer, specific to a certian insecure comercial operating system I don't trust to begin with. No fucking way. At any rate, I happen to work for the government, and I've also held a few commercial jobs, and speaking on a reletivity scale, the government network has a much better security model than any place I've ever worked
They got M$? They are incompetent, fanatical or not because they can not possibly autit all of M$'s massive core of crap, nor can they trust the tools M$ provides them. M$ has no security at all.
This new uberpatch will NEVER accomplish it's stated goal. IT WILL BE A CARNIVORE that uses your machine's cycles to do it's dirty work. There's an obvious cure for this, the use of free audited operating systems. If they would come out and advise that I'd be much much happier, and NO I don't need your stinking secret patch.
Remember the fourth amendment? You know, security in your personal papers and effects? This is NOT the kind of security the the bill of rights had in mind.
Mr. Ashcoft, I call on you to remember your oath of office to uphold the constitution of the United States of America. Let me remind you exacly what you swore to uphold:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
This should scare the ever lovin' crap out of lots of people when the see what a pullulating dish of agar their office, SOHO and home systems are.
Its not just M$, (though people will be throwing a few of these out the window when they see sheer size of the system "vulnerability list",) but this should be part of the connection "pre-flight" process for everybody who is connecting to the net.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
OpenBSD
I can't believe they think that yet another uber patch is going to fix Windoze. We all know the answers, and we all know that the ablsolute worst freaking securtity possible will come from a monoculture of M$ junk. This is NOT an honest move and it indicates that someone is serious about nationalizing computing through M$ .NET, Paladium/dongle hell.
Yes, now is the time for hysteria.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
Works produced by government employees on government time are effectively public domain. However, this does not require the goverment to distribute copies of such works. It just means that should you somehow acquire a copy of such a work they can't sue you for copyright infringement should you make copies of it.
Works produced by government contractors are not public domain, even if the government paid for their production.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Well, you're absolutely right, with the guns people are allowed to purchase now, your average citizen would stand no chance against artillery or light armor. You might want to consider, though, how likely it would be that anyone would order domestic artillery or light armor strikes, no matter how difficult the situation. But it's late at night, and I don't feel like arguing that point right now, so I'll move on.
Firearms are tools, Period. They can be used for self-defense, for crime, or in some historic events, revolution. The history of the US, and the history of Switzerland, and now even Israel, show that honest folk are the majority, and the more of them that go around armed, the less crime there is, or the lesser the impact of it. (armed Israeli citizens where instrumental in stopping a recent machine gun attack at a shopping plaza. Armed El Al employees stopped the July fourth attack at LAX, not any US cops or TSA employees)
So if you think that Concealed Carry Permit holders should be licensed like drivers, I agree with you, provided they are licensed exactly like cars.
1. There are no restrictions on the possession or use of an automobile on private property. You can let your twelve year old son drive your F-350 across the family farm if you care to. The F-350 need not be registered or insured, though you'd have to pay taxes on it. The same should be true for guns- no restrictions on the possesion or storage of any reasonable firearm on one's own private property. (I happen to think reasonable is anything short of Anti Aircraft Batteries. Think it's crazy? The swiss allow their citizens to own anti aircraft guns. Your line may be different.)
2. Licenses are issued without question to all who qualify.
3. Associated costs are not so high as to prevent those who may need to defend themselves the most- poor inner city folk, for example.
4. A Concealed Carry Permit in one state is valid in any other.
5. There are no waiting periods associated with purchasing guns, nor any limit to the amount of guns one may purchase.
6. Operating or brandishing a firearm while intoxicated would definatly be illegal.
As for the brady bill saving lives- the Journal of the American Medical Association seems to think they haven't done a thing: "Our analyses provide no evidence that implementation of the Brady Act was associated with a reduction in homicide rates. In particular, we find no differences in homicide or firearm homicide rates to adult victims in the 32 treatment states directly subject to the Brady Act provisions compared with the remaining control states."
Full text here
Based on that, I would have to say that the Brady Bill hasn't stopped any domestic disputes from turning into murder, Unless you find the AMA to be less than authoritative in matters of public health.
I personally think that waiting periods are actually more dangerous to women, as if they know they are in imminent danger from an estranged husband or boyfriend, they are unable to arm themselves. A woman with a gun can stop an attacking man. A woman without a gun stands much less of a chance, as most men are physically stronger and larger than most women.
Quoting Jacob Sullum from reason online (only because he says it well)Supporters say a waiting period allows potential murderers time to "cool off." But anyone who leaves the scene of an argument, drives to a gun shop, buys a weapon, loads it with ammunition, and returns to kill his interlocutor can hardly be said to be acting in the heat of the moment.
I was going to post alot more, then I realized you're in support of handguns for self defense, so if I prattled on, it would be pointless.
Alcohol, Tobacco and Firearms should be the name of a store, not a government agency.
Given debuggers and disassemblers, people are going to "read" it anyway. But there's no sense in them being spiteful about withholding source.
DNA just wants to be free...
You'll need to boot from clean boot media that wasn't in the machine at the time of installation.
Otherwise you could be booting a modified kernel that would hide any changes made.
DNA just wants to be free...
The example for programming is not the norm, but an extreme case your friend told you to impress you. In my experience, if you're working on a program for some DoD project, you're either cleared and mired in it or your uncleared and stay 100 feet away from it. In the few cases where it's possible, you could be doing something like what you mentioned, working with the parts that seperate are unclassified until they are brought together. I've done that once, but not because I wasn't cleared. I just didn't understand it. :-D
Or maybe that's just with the FFRDCs... but I thought they did the majority of the DoDs engineering work.
But anyway, yeah most code doesn't see the light of day not so much because the DoD is involved but that it is "owned" by the RDC or the group within the DoD that was responsible for it. In the case of the RDC, there's no legal requirement to disclose the code at all to the public, but the sponsor (DoD) can still check it out.
Black holes are where the Matrix raised SIGFPE
I believe software published (not stuff developed for in-house) is "open source" (cuz of FOIA I believe). The gov't can't copyright products, but it can get patents.
This is what decompilers and the strings command are for. You'd be amazed how much you can learn about what a binary does by running the .exe through a decompiler and just leafing through the symbols. You might think most apps strip all useful symbols out, but it's not true. You can have yourself an old school literate programming session and leaf through the binary code like a book, if you have a few assembly references handy and limited understanding of addressing modes.
.exe, it's not like you _can't_ ever know what it will really do when you run it. You just need some time, some tools, some brains, and some nerve.
So even if the file is
Democracy. Whiskey. Sexy. Pick any two.
Criminals prowl our streets. But they do so with far less frequency in areas where even a 20th of the population is likely to be armed (florida-they still go after tourists- Vermont, New Hampshire, or, for the Europeans out there, switzerland.)
I almost snorted coffee up my nose when I read 'Switzerland'. Let me explain something to you, and please think about it because it may help you realise why the rest of the world finds the USAs attitude towards guns really sad and frankly bizarre. Switzerland has a low crime rate mainly because the Swiss people are good, honest, non-violent people. The requirement for men to own a rifle is so that Switzerland can defend itself in the case of war. They do not carry the rifles around with them but keep them locked up.
Bet me $50 that whatever software the IRS uses to run its computers, it isn't public domain.
Someone you trust is one of us.
WHat they released was a security template that amounts to the minimum that security experts have been advocating since roughly the dawn of time. The babble Clark was talking about (I really hate it when poeple old enough to be my grandparents use buzzwords like cybersecurity instead of information security or computer security, it makes them sound like dotcommies without a clue) is just political fluff. Without funding, visiblity and a plan of execution nothing will happen in a government program, it's a law of nature. As for the template, I'm still evaluating it, but so far I think it's a decent thing to put on a w2k pro box/ std image especaily if you do work for the gov. I'm just glad to see the government actually doing something security wise that will benift the smaller civil agencys and administrations.
Spyder
closeBackdoor();
before the closing brace!
No they didn't ;-)
-WolfWithoutAClause
"Gravity is only a theory, not a fact!"I care little what the world thinks, because it's always popular to pick on the biggest kid on the block. Nor should the derision of other countries make any lick of difference to our core principles. If they care to piss away their natural rights in the name of being progressive, and laugh at us while we preserve them- then so be it.
;) )only read some on the subject.
Call the US gun crazy, if you will- but from what I understand, the Swiss are the most armed people on the face of the earth, per capita, not Americans. Regardless for the reasons you are armed, the fact remains that every household has at least one military firearm, doesn't it? Might this not have the slightest detterent effect on crime?
The reason you'll find loudmouths like me vicously defending our individual right to keep and bear arms is because there are many people in our society and government seek to restrict this basic right- a problem you don't seriously have in Switzerland, from what I understand.
Please do correct me if I'm wrong, as I've never traveled outside the US (Canada doesn't exactly count, because to the casual observer, they just use different money
Alcohol, Tobacco and Firearms should be the name of a store, not a government agency.
Not anymore. They tossed those rules and replaced them with rules that say they can decide to sell the IP rights to a private company who CAN patent/copyright.
Democrat delenda est
If they care to piss away their natural rights in the name of being progressive
But in Europe we view the opinion that carrying a bug as a "natural right" as a really bizarre point of view. I know it is hard for many of you in the USA to understand, but we don't want guns. There is virtually no pro-gun political or public movement in Europe at all.
Data published by Krug et al in 1998 indicated the following rates for gun deaths per 100,000 population:
USA - 14.24
Switzerland - 5.31
Scotland - 0.54
England & Wales - 0.41
Japan - 0.05
So, for every one gun death in the UK there were about 35 in the USA. And does the UK have a more serious crime problem than the USA? No. The statistics are even more extreme comparing Japan and the USA.
Face it, the argument that gun ownership reduces crime levels is bullshit. I feel much safer on the streets in Europe than in the USA.
Man, things have just gone downhill. At least in the days of George Bush Sr. we knew that we were safe from broccoli
"Live Free or Die." Don't like it? Then keep out of the USA
Prevent people from owning computers that can connect to networks via legislation.
This is a highly Orwellian proposition (and yes I did see the 'George Orwell was Wrong' article posted recently) but seriously: People in general don't know and never will know how to properly manage a computer. Only experts know this. If all computers are to be secure, then only experts should manage them and the networks. This implies that all networked PCs should be houses in special locations where they can be used in a secured environment.
I remember some years ago reading a mock press release from the President of the US thanking all USA citizens for complying with the ban on all home computers and how it would make the USA a much safer place.
If things keep going the way they are going and there are a few more serious terrorist attacks on North America, we might want to get worried about this (currently highly theoretical) possibility.
You might want to re-examine those numbers friend. Here are a couple recent articles you may find interesting:
s id _2069000/2069400.stm
0 00 /2047651.stm
5 4, 00.html
t la w.html
/ 07 99swissguns.htm
http://news.bbc.co.uk/hi/english/uk/england/new
http://news.bbc.co.uk/hi/english/uk/newsid_2047
(there are more articles--a flurry of reports was released within the past month, I'm sure it can be googled easily enough).
Older article, though I included it for use of the term "Gunchester" which I find rather amusing.
London is now less safe than New York..New York!!
http://www.guardian.co.uk/gun/Story/0,2763,1952
Here's another older article though interesting in that it shows Britain's gun policies NEVER returned great results:
http://www.geocities.com/Athens/Bridge/2431/bri
Here's an article relating to Gun facts in the US:
http://www.cato.org/dailys/05-13-00.html
So here's the perplexing part--guns have been banned, disabled, confiscated in Britain. So how (Why?!) are gun crimes rising?? It's simple, you take away guns from those who are properly licensed and follow the law, and you take away the ability of people to defend themselves from guns. Gang members and other lawbreakers are going to continue breaking the law, I don't see them handing their pieces over to the cops,do you? You punish the law abiding citizens with this action, not the criminals.
Oh and incidentally, is Switzerland not considered part of Europe?? Because they certaintly don't have, use, or want guns there.
(Another interesting article if for some reason you don't believe me about the swiss:)
http://www.enterstageright.com/archive/articles
Gun Deaths != crime.
:
Allow me to explain.
According to the United States FBI and Do Health & Human services, in 1995, there where 13,790 firearm homicides in the US (about 5.51 per 100K). The same year, there where 18,503 gun suicides in the US, or 7.4 per 100K. Why guns? Because they're a very effective way to kill oneself. People who are intent on killing themselves will do so with the quickest means possible.
Don't believe me? Ask your beloved Japan, who had a suicide rate of 16.72 in 1994 International Journal of Epidemiology (1998)
Now, our total homicides (a category much clearer than the deceptive gun deaths) of 5.70 is still about 4 times higher than England's 1.41, but not 34 times higher, as your numbers might suggest to the uncritical reader.
So you feel safe in Europe, huh? How about london? Where you're twice as likely to get mugged, robbed, or assaulted then in New York City?
Quoting the Weekly Standard
The same pattern can be seen throughout Europe--indeed, in much of the developed world. Crime has recently hit record highs in Paris, Madrid, Stockholm, Amsterdam, Toronto, and a host of other major cities. In a 2001 study, the British Home Office (the equivalent of the U.S. Department of Justice) found violent and property crime increased in the late 1990s in every wealthy country except the United States. American property crime rates have been lower than those in Britain, Canada, and France since the early 1990s, and violent crime rates throughout the E.U., Australia, and Canada have recently begun to equal and even surpass those in the United States. Even Sweden, once the epitome of cosmopolitan socialist prosperity, now has a crime victimization rate 20 percent higher than the United States.
Americans, on the other hand, have become much safer. Preliminary 2001 crime statistics from the FBI show America's tenth consecutive year of declines in crime. While our homicide rate is still substantially higher than most in Europe, it has sunk to levels unseen here since the early 1960s. And overall crime rates in this country are now 40 percent below the all-time highs of the early 1970s. In 1973, nearly 60 percent of American households fell victim to property crimes. In 2000 (the most recent data available), only about 20 percent did. Among the economically powerful democracies in the Group of Seven, only the Japanese now have a lower victimization rate than the United States.
Great Britains own Home Office, with a vested interest in preserving the status quo, shows that the US, with it's lax gun control laws, has less crime. And that using categories like 'property crime' and 'violent crime,' which clearly indicate that it's one person commiting a crime against another, contrary to your "Gun Deaths."
Also, none of this has mentioned how often guns are brandished or used to prevent crimes. (A legitimate gun death- where someone acted in self defense- would not be listed as homicide)Defensive gun uses have been estimated anywhere as low as 4.32 (National Crime Victimization survey) per 100K to as high as 103 (Dr. Kleck, Florida State University). If the truth lies in between, as is likely, the presence of guns offers a net benefit to society. Defensive Gun Uses include instances where simply brandishing the fire arm was enough to deter the criminal, and other instances where the criminal was shot)
Now, the article I cite goes on to list other reasons why the US crime rate has fallen, outside of firearm possesion. All things being equal though, I would much rather have the option to defend myself, my family, and my friends with the most effective means available- a firearm. Your gun control clearly doesn't make you any safer.
Also, if you think only cops should have guns- in the US, Police shoot the wrong person 11% of the time. Private citizens do so only 2% of the time.
I think I'll keep the loose United States gun laws, thank you, and you Europeans can laugh until the armed thug knocks on your door. Natural rights exist regardless of how bizzare you think they are, and you're better off exercising them then not.
Set. Bump. Spike. Thank you, come again.
Alcohol, Tobacco and Firearms should be the name of a store, not a government agency.
You might want to re-examine those numbers friend.
Erm, why? You provide a bunch of links about gun crime in the UK. So? Nobody said it didn't exist. But the USA still has substantially higher homicide rates than the UK, in fact than anywhere in Europe. Or would you care to provide some stats that prove otherwise?
The links you provide show that crime in the UK has risen recently, whereas in the USA it has fallen. You seem to think this proves that the gun laws in the USA lower crime. However, there haven't been significant changes in the law with regard to gun use in the USA or the UK for many years, so how can you relate one to the other?
Erm, why? You provide a bunch of links about gun crime in the UK. So? Nobody said it didn't exist. But the USA still has substantially higher homicide rates than the UK, in fact than anywhere in Europe. Or would you care to provide some stats that prove otherwise?
I won't say that crime in Europe is worse than in America, because the stats don't exist to back that up. On the other hand, the US is a much bigger place--I wonder what conglomerate stat for Europe would look like, if you combined western + parts of Eastern Europe. The US also faces many of the same problems that Britain (as well as other countries) are starting to face--for instance gang warfare. Some of the links I posted talked a bit about that--crime rates among poor urban minorities in the US are what skew the stats largely--if you take the inner city gangs out the picture, and drug related deaths (the two largely relate actually), America would be much closer in line with Europe. Again, this is a problem Europe is starting to face too, look at all the recent anti-semitic attacks from France to Germany to London to Italy (mostly not performed by white Europeans) -- it's a problem. I would also agree with you that most European cities are more safe than American cities. I just don't like the notion that every crime in america is because of a gun, and wouldn't be happening otherwise. I live on the Eastern seaboard, and in my entire life, other than on police officers, I have seen *one* person carrying a gun (holster on his hip)--the guy's car also had NRA stickers, "live free or die" type things all over :) This was for a school carwash fundraiser, and he paid double for his car--not all gun users are bad people or nuts.
The links you provide show that crime in the UK has risen recently, whereas in the USA it has fallen. You seem to think this proves that the gun laws in the USA lower crime. However, there haven't been significant changes in the law with regard to gun use in the USA or the UK for many years, so how can you relate one to the other?
Actually the UK gun laws did change signifigantly in 1997, which is why this is a big deal. It still blows my mind that London is now less safe than New York..
Molotov Cocktails tend to make short work of armor. Artillery is just as vulnerable to infiltration and sniping as it is counter-battery fire. If it is mobile artillery, see "Molotov Cocktail."
The danger from an armed populace isn't that they have massive military might; it is that you cannot determine who is or isn't an enemy. Artillery and guided missiles are no longer your enemy; the guy delivering the produce for lunch mess, or the girlfriend of the unit's LT, or the Eagle Scouts who accidently hiked through your camp become the enemy.
Yes, they are all trying to do what they think is the Right Thing. That's not necessarily the same as what I think is the right thing. Sometimes their perception of the Right Thing is quite different from mine.
I find that the higher up a person is in any organization, and the larger the organization, be it government or corporation, the more differences there are between their perception of the Right Thing and mine. The higher a person is, the less I am likely to implicitly trust them until I have seen convincing evidence of trustworthiness.
Of course, as anyone working with security knows, having the source code ONLY helps you crack a product if the product wasn't developed with security in mind, and using a reasonable security paradigm.
If you use a reasonable key system, just having the source shouldn't let you magically hack into it (although it will help if that key system is flawed).
OTOH, if you use a complex scheme like XOR (as certain monopolistic companies who shall remain nameless have done in the past)... then I guess you're pretty well screwed either way.
actually, I blame Nader.
The Kruger Dunning explains most post on