Slashdot Mirror
Schmidt Predicts Digital Sky Is Falling
Danse writes "Former Microsoft security chief Howard Schmidt now works for the government as the vice chairman of the Critical Infrastructure Protection Board. According to this article on Security Focus, he has been touring the country, proclaiming the dangers of "zero-day viruses" and "affinity worms" that will create the kind of havoc that nothing else short of a nuclear exchange could cause. "Traffic lights, pacemakers, appliances -- all subject to outages and interruptions because in the future they're controlled via Internet, declares Schmidt. The power grid could fail catastrophically by 2005!" How do you argue with this kind of rhetoric, especially when it's being spread directly by government officials to corporate leaders?"
The fact that we have the DMCA, that freedom is being eroded in the face of national ID cards and the loss of anonymity on the net indicate that the sky is falling.
CEE5210S The signal SIGHUP was received.
I think he just first time watched "Hackers"
Traffic lights, pacemakers, appliances -- all subject to outages and interruptions because in the future they're controlled via Internet
Why would these things be controlled via the internet? We already segregate certain high security systems from the internet to avoid even the chance of them being "hacked". I don't think a pacemaker would -EVER- be hooked up to the internet -- not only is there no point, but it's just extra risk for something to go wrong.
On the note about how to stop the rhetoric, it's simple. We need people who are educated in technology to report to the government with the TRUTH, not these fictional facts being spread to merely cause a slight fear which will (in all likely hood) raise the sales in the technology industry to "buy more secure products".
imagine the EULA on that one...
I want 2D games back.
How is this news? This is the same party line as the Luddites have, only this guy has some history and a government position. So what? The Luddites have been proclaiming the end of the world because of technology for over a century. Has it happened? No. Will it happen? Maybe. Can we do anything about it if it does? No; so who the fuck cares?
blog |
My brain just imploded.
In 2004? Read William Gibson and take a good look around the world today =)
Well, as the article points out, what's interesting is the change of tone. While he was a Microsoftie, he was downplaying the impact of viruses & worms.
Now that he's in the government, these things are apparently more important.
The change of perspective and its timing is....interesting.
Don't you remember that old television series Automan?
Between shows like that, in which a computer program given life could control any electrical device, and all the poorly done "hax0r" characters on film and television, why would you expect people NOT to believe things like this?
We have some guys just like that in our gov/police in .nl as well though. According to them, us hackers are 'staatsgevaarlijke anarchisten'. Usually these people aren't taken seriously by people that _do_ know what they are dealing with. And hopefully for you USians that gov chapter has some people with a clue that can set the facts straight.
Howard Schmidt = Chicken Little
>
While it seems that the phrase "snake oil salesmen" has passed out of the vernacular in favor of "really good excuse to sell product," Schmidt is really nothing more than a fearmonger. While I could imagine a worm moving through the internet fairly quickly, I can't imagine it doing too much serious harm. I mean, nothing could be much more serious that code red or Melissa or something. The net is fairly heterogeneous, so if a big chunk of end-user windows machines become infected, who gives a crap? Worst thing is a slight dip in sales at Amazon or buy.com, and McAfee, Symantec, etc get some new sales. Even a windows machine can be armored against these things if you try. Also, spreading instantly isn't even feasible. It takes time for a machine to find connected hosts, transmit and process things, etc.
What worries me most is this absurd prediction that traffic lights and the power grid etc will become part of the internet. There are no good reasons for traffic lights to be on the public internet, and lots of good reasons for them not to be. However, there are lots of good reasons to control such things by computer, and the best way to take advantage of this is by using economies of scale through the use of commodity hardware. In other words, over TCP/IP. So, the traffic light network assigns all lights an IP address. This isn't the same as being on the internet. And despite all the fearmongering it's unlikely to happen.
Remember, these people have been predicting critical infrastructure death for 10 years, and their theoretical net-wide worm actually hit 14 years ago! Be fearless, build firewalls, and update your software, and ignore this moron (though if you can use it to convince your boss you need a new dual 1.5ghz machine with a giant plasma display, go for it...)
Q:Doctor, how many autopsies have you performed on dead people?
A:All my autopsies have been performed on dead peop
Part of the reason Y2K happened nearly hitchless was due to the fact that so much hype was involved. By declaring "the sky is falling" they are preventing a problem through means of hype. However, this man is a microsoft ex-employee and I'll be quick to point out that most viruses and worms are not "computer" viruses specifically but *windows* viruses. By making a fuss he is trying to protect his "alma mater" as it were.
It looks like some big goverment, "I pat your back, you pat mine" business.
Rob
Um, do these use an RJ45 or a BNC connector?
CUR ALLOC 20195.....5804M
This is no different than the DoD explaining the need for $2bn bombers or Justice requiring key escrow.
Anyone believes the gub'mint any more trustworthy than any other institution deserves to get it in the Darwin.
illegitimii non ingravare
Perhaps they need to spread more FUD generated from 'reputable' sources like the government so people and corporations get scared enough to WANT government help.
The most conspiracy-engaging part of myself is saying that this is only the first step in a plan to 'prove' to us that 100% of USA civilian computer systems cannot be totally secure against attack from international adversaries and thus must not be in the hands of civilians.
Computers are incredibly powerful tools and today's machines are beyond what the scientists of 20 years ago dreamed of in the future's uber-super-computers. They can be used as powerful weapons in terms of using 'unbreakable' encryption, launching major DDOS and similar attacks, compromising systems and installing backdoors and more. They are tools for facilitating truly free speech and covertly exporting most any kind of information. Everyone with one could be seen as a threat to a government that wants ultimate control and thus this could be just the initial phase of a long-range multi-decade plan to keep all computers in the USA under physical control of the government.
Of course, this is just a far-fetched conspiracy theory. You are welcome to accuse me of throwing FUD because that's what this probably is.
And while there's some tongue in cheek in this, I really think that 90% of the reason why FUD like this is out there is because of what people see on TV/Movies.
Law and order depicts "worm" that "takes control of your computer just be recieving an email!". Hackers: teenagers in bad oufits can crack into any system in the world (including being able to hack into a system by using phone lines taped together). Speed 2: leech loving man takes over a boat from his room with "fiber optic converter" (actually a data com port switch, I believe). The Net (another Sandra Bullock film) has a woman who's whole identity can be erased (especially when the FBI, Pentagon, and everybody else use the same anti-hacking software, which incredibly is used by evil hacker types).
In movies, anything (microwave, blender, vacuum, whatever) can be controlled by evil computer programs. Don't ever put your computer in charge of your house, or else it will develop artificial intelligence, and try to kill you by making electric cords whip around your neck (I never figured out how that worked).
Joe Public has no idea of how technology works - to him, it's indistinguishable from magic, so why couldn't it work? So when a man stands up and tells people a virus can circle the world 0 seconds, those who pray to the gods of technology in the hopes that their television doesn't turn off must believe.
We don't believe in monsters or demons, so we invent them in the form of hackers and superintelligent teenagers with a vengeance. We don't believe in gods, so we invent them in a government that knows all, sees all (when it's own FBI is 10 years behind the technology curve).
Good god, but I hate human ignorance.
52 Weeks, 52 Religions with John Hummel
Well, as the article points out, what's interesting is the change of tone. While he was a Microsoftie, he was downplaying the impact of viruses & worms.
/., and even we cannot be bothered to get off our asses and become politically involved. How can we expect those whose livlihoods are less directly affected to cast aside their apathy and conditioned reluctance to get actively involved when we can't be bothered to do it ourselves?
... and profoundly depressing.
Now that he's in the government, these things are apparently more important.
Hmm. I wouldn't be too certain there isn't a Microsoft agenda behind this ('Once you work for [ the CIA | Microsoft ], you always work for [ the CIA | Microsoft ]').
With our elected leaders deep within Hollywood's pockets, and the confluence of Microsoft's Palladium agenda to extend and encode their software monopoly into the hardware itself with the media cartels' Digital Rights Management agenda, this is exactly the kind of rhetoric I would expect from someone pusing either, or both, of those agendas.
The Digital Sky is falling, but not because of any foreign terrorists or script kiddiez. It is falling because several powerful cartels, a software monopolist, and our government are joining forces to eradicate the free wheeling internet as we know it in order to replace it with a medium they can better control, something that will resemble Just Another Media Outlet far more than it will the internet as we know it today.
If this steamroller isn't stopped it will be the end of Free Software, the end of the peer-to-peer nature that is inherent in the design of today's internet, and the end to free exchange of information via digital media. In short, it will be the end of freedom as we have come to know it.
And you know what. By the time anyone notices, much less cares, it will be far too late. We are the most affected here on
The change of perspective and its timing is....interesting.
You said it! Interesting
The Future of Human Evolution: Autonomy
Me neither, and it was a pretty good and well informed information site too. I guess it's time to start looking at alternatives just in case the trend continues - any suggestions?
UNIX? They're not even circumcised! Savages!
Exactly. But what I think you are missing is some of the other potential conflicts of interest that still might remain with George Schmidt. Does he own Microsoft stock? With this new FUD tone and Microsoft's new focus on security, is he trying to drum up new business for the company thus boosting their stock price/performance?
Visit Jonesblog and say hello.
Is this the kind of FUD we're going to come to expect from security focus now that they sold out^H^H^H^H^H^H^H^H are under the symantec "corporate umbrella"?
Actually, the article is by George Smith of SecurityFocus criticizing Howard Schmidt formerly of Microsoft fame. (The write-up incorrectly combines these names.) Read the article before you post next time...
--Matt
Oh, I thought he said PEACEMAKER...
So how long 'till I can don my leather chaps, shave my head into a mohawk, and scour the earth looking for ammo and fertile women? How long damn you!!!! HOW LONG?????
Sure, *we* know the sky isn't falling, but the average AOLer who leaves their computer on all day without any type of security or firewall installed could use a wake-up call. If the hype causes people to decide to implement better security and patch their operating systems, why fight it?
I would hope if I ever need a pacemaker, that it would have an IP address. I want my doctor to download all the information in the pacemaker every day, and do some analysis on it. Or at least if there is any hint of future trouble I want my doctor notified quickly. If there needs to be an adjustment, then the doctor should make it remotely when possible.
Note however that this needs to be an excellent ip implimentation. It needs to keep the primary function working no matter what. It must not be a problem if someone tries to DOS my pacemaker. There must be NO remote security holes. (OpenBSD has done a good job there, but even they are not good enough, after all this is my life at risk!)
of one of his travelling sideshows and proclaim, "It's not all that bad George, not /everyone/ uses your Microsoft products"
Actually, it's not suprising, from the usual myopic brainwashed Msft employee mentality of "we are the computer industry", for such a person to think all computers are hopelessly screwed beyond hope.
try { do() || do_not(); } catch (JediException err) { yoda(err); }
Maybe you should try reading the article before blasting Security Focus for spreading FUD. The whole point of the article is that Schmidt is the one who's FUDding, and you shouldn't believe him. That hardly sounds like the message that Symantec would be trying to spread if they were manipulating editorial standards for corporate reasons.
There's no point in questioning authority if you aren't going to listen to the answers.
For everyone screaming how bad it would be for a pacemaker to be on the 'net: get a freaking clue people! Ever hear of transmit-only? This would absolutely be a Good Thing(tm). If the pacemaker had some problems, then it could easily alert either someone -- whether it be the user to preemptively protect them, or to automatically call 911 on behalf of the user.
Anyone who engineers anything as critical as the controls to a pacemaker or a traffic light to be remotely configurable or writable is just asking for trouble.
Just because something has an IP adress and can be remotely monitored, does not mean that it needs to have ANY remote access to any functionality that could cause a problem.
Yes, we can (and will) design things stupidly enough so that this will be a problem, but that's more our fault than anything else. Like leaving your car unlocked with the keys in the ignition at 3 AM downtown. It's just not smart.
Now the more serious issue here, though, is that an uninformed government employee is scaremongering for power. Nothing new. But with the stock market doing as it is (buy at 6000, I say) this kind of talk is doing direct harm to the country.
This guy needs to shut the hell up.
In Capitalist America, bank robs you!
Sweet merciful crap! If anyone ever gets one, for the love of god, do NOT post that IP to slashdot! Talk about a Denial of Service...
do not read this line twice.
and only Palladium can hold it up.. I think this is where he's going with it.
Seriously, I don't see advantages to putting the toaster, blender or most household applicances in the home network? Those appliances are single use, load just before using.
I don't need the blender to start up at 5pm, so I can have a mixed drink or something when I get home, because it will have spoiled during the day. And I really don't want my bread sitting in the toaster all night, it invites pests.
Besides, with the extra money spent on these connected appliances, I could hire a maid.
$600 laser toaster with jellyjet printer, anyone?
So the "number two" guy in security has finally realized that a good portion his "l33t 0-day warez" have virii in them?
Maybe he should be a good citizen and stay away from the piracy.
retrorocket.o not found, launch anyway?
Today's Sesame Street was brought to you by the number e.
Does Netgear or Cisco make a router for pacemakers yet?
From Dictionary.com:
shill
n.
One who poses as a satisfied customer or an enthusiastic gambler to dupe bystanders into participating in a swindle.
v. shilled, shilling, shills
v. intr.
To act as a shill.
v. tr.
To act as a shill for (a deceitful enterprise).
To lure (a person) into a swindle.
v : act as a shill
The question is, who's he shilling, the clueless gubers in our government or the public in general or the clueless gubers in our corporations or all the above?
As for who he's shilling for, well, that seems rather obvious.
Everything in the Universe sucks: It's the law!
The truth helps. Just keep speaking the truth, and tell your friends, people on the bus, folks at work.
There are a couple of important points to consider.
* Systems related to national security shouldn't be on the internet in the first place. Sure, that's what its was designed for, to be a comm network that would survive a nuclear strike and still route packets. Of course, plenty of government networks are already physically disconnected. Not firewalled, just not connected. So no Slashdot reading on your power grid terminal. Until we actually start building secure software, cause we don't now, some systems absolutely have to stay disconnected, or connected only through separate, encrypted, physically secure networks.
* Instead of feeping creaturism, maybe its time to actually start worrying about security, ala OpenBSD. Could it be that people would put up with substandard office software and not-so-intuitive file browsers if we guarenteed them that the financial data on their computers would be safe? Would you pay extra for your internet-connected pacemaker (which will probably send data to your doctor) if you knew that somebody couldn't hack it and turn it off? Would your Mom put up with having to learn a confusing operating system if it meant that her Quicken data wouldn't get stolen? I bet mine would.
* And maybe, just maybe, we, as software engineers should stop living up to the low expectations of the marketdroids and the PHBs (oooh look, shiny GUI) and start demanding more of ourselves. The reason that propoganda like this punk is spewing travels so fast is that the computer-using public has been conditioned to expect so little (Oh, another reboot? No big deal. Server's down? Eh, kick it, I'll go get a cup of coffee.)
So, I'd tell people to stop whining, stop freaking out, and stop bowing to the government-media complex's instinct to make everything a damn crisis. Instead of worrying, do something. If you're a software dude, start thinking about robustness and security instead of pretty. If you're a (l)user, start learning how to secure your stuff, and start demanding that they companies you buy from do the same.
Outside of a dog, a book is a man's best friend. Inside a dog, its too dark to read.
I guess I can see where someone might think monitoring a pacemaker would be a good idea, but the way I figure, if I needed one I wouldn't want people to be able to monitor it...can you imagine?:
son: let's up the life insurance policy real quick and not report it
What is your Slash Rating?
Excellent use of the Jedi Mind trick!
How do you argue with this kind of rhetoric, especially when it's being spread directly by government officials to corporate leaders?
Three words: Y2K.
While Apache servers didn't get rooted by Nimbda, or by its cousin Code Red, they were still affected. Of course, it was more of a DOS attack since the Apache daemons were attempting to respond to the bogus requests but it was an attack nonetheless. I've seen the load shoot through the roof on Apache servers the had been targeted by nimbda/code-red infected system. I should note that this was a strange case where someone fired up an NT system (for testing) that they were unaware had become infected and both systems were inside a firewall. Makes a good case for having another layer of firewalls (and, perhaps, an IDS) inside the LAN just to protect your servers from goofy situations like this.
CUR ALLOC 20195.....5804M
... or, you could always double the heartrate and have granddad run around like the last sketch in a Benny Hill episode.
Perfectely correct. But maybe as a Microsoft security guy, he knows about many security issues with MS software and he sees them (that is MS software) spread around into areas where there should not be.
I'll do it for cheesy poofs.
When all your sheeps are going in every direction, what to you do to put them all tightly together? FEAR (dog, barking and looking menacing, drives the sheep back with the gang)
When all of the population starts to see all your little practices and schemes, criticize your every move, and notice you are not representing them but you're representing the whole mighty $ and corporatism, what could be more "welcomed" than a terrorist attack?
ALl the "sheeps" lose focus, are scared, and WANT help, seeing this, after, the gov uses this tactic to lever just about every single agenda he can. And then they preach how free they are, when their objective is to become the second China.
Of course I might be pessimistic and reading too much slashdot that mostly show the negative content when it comes to your rights online, but I've yet to see any form of government that is still 100% there for the VOTERS and not for the companies or mighty $. at some point the $ will fail, look at how much US is in debts, look at how much debts the average american has, look at how many bankruptcy/year, at some point, unfortunately, this system will all crash because it relies on continual expansion.
--- Metamoderating abusive downgraders since my 300th post.
Well back in the good old days (around 96) we all got together and agreed that there would be a few software glitches when the clock chimed midnight.
Word spread slowly at first but by 98 most of the people who needed to know had done their homework and started work.
The band wagon started to roll when the IT industry realised that there was serious money to be made. Services to analyse your systems, reasons to upgrade NOW to the next version, a ton of bodies to poke around in every line of code you were running. New hardware by the lorry load.
By early 99 there was a secondary industry looking at everything from embedded code, to legal and insurance issues, and massive pressure on the late-adopters to fall in line and spend some money. Around this time there were people forecasting planes falling out of the sky, power outages causing knockon effects and taking down the entire grid. Meltdown of the banking industry etc etc
I was involved with some people working in the middle east on Y2K and for the most part govt and companies did just about nothing. Very little was spent, and only the the things that actually broke got fixed. Admittedly they had less IT infrastructure to worry about, but their scepticism about apocalyptic warnings from the West was perfectly justified by events.
I think we are seeing the same pattern with Security issues. There is undoubtedly a problem, people certainly need to spend money on it, for sure CEOs don't really understand the issues and last but not least the problem is not as big as people make out. I guess this is why a few public spirited types are trying to spread some panic in boardrooms.
Question is whether this is a bad thing or not. I'd love it if everyone invested wisely and promptly, but right now its in my personal interest for them to just invest in security services full stop. (or at least to pay me to implement more security)
If everyone goes too far in securing IT who really suffers?
I always interpreted Maximum overdrive as more of a ghost story, so that part never really bothered me. I mean Stephen King does fantasy, not science fiction.
This is mostly all garbage because there is still to much hardware and software diversity. Sure this could POSSIBLY HAPPEN if everything was running off Windows on an x86 chip. But still now that is not the case There are still differnt breads of processors SPARC, MIPS, GX, ARM, Aplha, etc... And there are differnt Operating Systems that run each Processor. So making a killer worm that will distroy all Computers is near impossible because there is to much diversity. and I for one would want to keep it that way, actually I want to get more diversity. More different ways of solving the same problems is a good method each set may have bugs and holes but each one will be a different set of bugs and holes. Just as long as we dont follows MS idea of using a x86 chips and XP for every thing eltronic we should be OK.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
"Press Enter" by John Varley
or
"The Adolescence of P One" by
for tales of AI gone bad. There are others...
Human: "Is there a God?"
zzzaaaappppp - lightning strike fuses the power switch on.
Computer: "Now there is."
The living have better things to do than to continue hating the dead.
The way we are going now, with OS monoculture and lack of physical separation of vital/non-vital systems, this isn't that far-fetched.
Basically, once a sufficient number of vital systems are internet-connected, running the same software & OS, you've got yourself a big, fat potential vulnerability.
This cannot be fought with anything but a painstaking effort to secure the infrastructure that is vulnerable, and keep the secure infrastructre secure. This does not only apply to the US. If such an attack was launched on Europe or South-East Asia, it would also have a devastating effect. We all need to protect ourselves.
Stop the brainwash
would be stupid enough to allow a PACEMAKER ?!?! to be controlled by the internet ? What a total ASSHAT this guy is. The saddest part is there is nothing we can do about it either...Anyone from NZ around ? hows the political climate there ? been thinking of emigrating from the US and I've been trying to track down places that have a shot at staying less than facist.
errr....umm...*whooosh* *whoosh* Is this thing on ?
But we will kill the alpha male, they will all starve, fail to breed and die out.
..... if left to the devices of Microsoft and companies who focus on the bottom line, instead of secure, stable, atomic software. They would absolutely LOVE to have Windows embedded in some form in our public works infrastructure -- not only would it a recurring source of revenue (thanks to their new licensing model), but it's a massive new (and, as of right now, thankfully unexploited) market, as well.
Before software is deemed safe to run the more "modern" aspects of our lives, I think we need to hold people / companies accountable for the work that they do (or don't do). Somehow I think that MS would be less enthusiastic about peddling its wares if they were held criminally and financially liable for the consequences associated with any of the bugs in their various OS'es.
"The Net (another Sandra Bullock film) has a woman who's whole identity can be erased (especially when the FBI, Pentagon, and everybody else use the same anti-hacking software, which incredibly is used by evil hacker types)."
See, that's the best part of the movie. The fact that a monoculture lends itself to insecurity. Look at farms of IIS servers. Are they secure? Why not? Would we be better off with every HTTPD having equal market share? 100% Apache?
Don't knock the only reasonably accurate part of the movie!
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
So who's idea was it to appoint a "Fudmaster General" to the government ?
It was the second hour of a two part documentary on hackers, and it was VERY well produced with lots of subtle manipulations all of which seemed friendly and wise. The finished product aired detailed several true items, amplified them, mixed them in with some twisted until almost false items, dropped in serious faced legislators with hysterical, doom & gloom viewpoints, mentioned the FBI and CIA many times, fuzzed out people's faces, --And then spin doctored the whole concoction into a whirlwind of fear.
Their points were:
1. There is basically NO security which can stop the truly determined hacker.
2. YOUR vital information, money, identity, etc. is valuable to the evil hacker and can easily be comprimised.
3. Airplanes can be dropped out of the sky, hospitals shut down mid-operation, train systems messed with and whole economies crashed, blah, blah, blah. . .
4. There are not enough laws and legal recourses to deal with this disaster which could at any moment strike.
5. Even the American military has a special division charged with the task of swooping in to keep the country from self-destructing should an evil hacker decide to end the world via the internet. -It's THAT serious! Fear! Fear! Fear! (Yawn)
Anyway, because I forgot for a short while that I was WATCHING TELEVISION that I was also being MANIPULATED. Stupid, stupid, stupid. (I stopped watching the evil tube months ago. I'm not sure how I lived back then! Even without two hours or more of crap nonsense per day, there still aren't enough hours between sun-up and sun-fall to get in all the living I want. --Oh, and try watching something after six months of abstaintion; even the 'good' shows suddenly look remarkably brain-dead!)
Anyway, all the government has to do, when enough of this incorrect, (but remarkably easy to sell), belief structure has been installed, is deliberately screw with some major utility or whatever, and then drop in the paratroopers. And people won't put up a fuss, cuz you know, hackers, right?
Essentially, the whole fear-farm works like this:
1. Show vital services and just how bad things would be should they be crashed. This causes anxiety and fear.
2. Deliberately misguide people into believing that ---insert scapegoat here--- can easily cause the above mentioned disasters.
3. Show how the legal systems are woefully underprepared for dealing with this kind of threat.
4. Leave the audience dangling and ripe for the picking. --You only have to get enough senators to watch your 'informative' crap, and bingo! Job done.
It's all a shell game, and the winner takes ALL.
-Fantastic Lad
"How do you argue with this kind of rhetoric, especially when it's being spread directly by government officials to corporate leaders?"
You can't. Most people are idiots, and in the United States, where people are indoctrinated by religious and educational establishments to have unquestioning faith in authority.
Just look at the decades of effort it took for anyone other than white males to be treated as human beings. Homosexuals still don't have the same civil rights as heterosexuals. Do you really think that the computer nerds of America have any real hope of countering the computer-realted bullshit spewed from the mouths of the government,AntiVirus companies, Microsoft, and cable news "experts?"
Your best bet is to do what I did. Realize that getting geeks to do more than write letters is next to impossible, trying to lead them to stand up for their rights, or even for intelligent thought, is hopeless. Your best bet is to just take a different strategy: Get a job working for these assholes, and enjoy the ludicrous salaries sleazy government guys are passing down to the people who build the infrastructure that keeps them in office (At least until some other politician turns the tables.).
Wow. Can you imagine a pacemaker without internet access? Seems outragously boring... almost like riding on a bus with Sandra Bullock, but without a bomb. Get Real!
Who would ever trust his life to a device that's not internet connected?
Nope, no sig
Where does Nimbda keep coming from? IIRC it was Nimda, the reverse of Admin.
This is what I have to say to Mr Schmidt:
;)
Y2K
The end of the world was predicted. Nothing happened. Why? Because good people worked their asses off and prevented the Y2K "damage".
Hint: want to avoid 90% of all problems on the Internet? Follow this three step program:
1. Avoid ALL M$ products like the plague.
2. Whatever system you use, keep it up-to-date, apply the patches and the security upgrade religiously.
3. Whatever system you use, lock down all un-necessary services and ports.
4. Whatever you do, don't put everything on the Internet! Pacemakers, energy grid and air-traffic systems don't have anything to do on the Internet. period.
And no, I won't buy Palladium just because it's the One True Technology That Will Save Our Sorry Asses From Evil Hackers!
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
Many of these civic systems don't work anyhow in my town. Nobody would know the difference if they were hacked.
Turn on water, rat flows out, 'nother day in paradise.
Table-ized A.I.
The consequences of bad data being sent by such a network presumably are limited. I would be extremely surprised if the controller for an individual light could be changed to any old color at any moment.
"When a distinguished but elderly (+30) scientist states that something is possible he is almost certainly right. When he states that something is impossible, he is very probably wrong."
"The only way of discovering the limits of the possible is to venture a little way past them into the impossible."
"Any sufficiently advanced technology is indistinguishable from magic."
-Arthur C. Clarke's three laws.
How are you going to connect to it remotely at all if it has no incoming signal capability?
anything that has incoming can be flooded to death whether it wants to respond or not
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
He is merely acting on the inside for Microsoft, trying to push Palladium. Since he works for the government (and Microsoft), he can be seen as "legitimate" and help push companies to continue the Microsoft way, "upgrade" to the coming DRM-friendly, supposedly secure, next big M$ operating system. With people like this in the guv'mnt, it will slow or stall any attempts to open up guv'mnt computing the correct way for citizens and continue to help M$ maintain its illegal monopoly.
His part of the guv'mnt works to help M$ while the DOJ attempts to punish M$ (hobbled/crippled by M$/Big Business-loving Bush) for illegal activities past and current.
He is to be ignored. This catastrophism is an ongoing thing and is mere hyperbole. The digital sky is NOT falling and it will not unless we DO adopt a Palladium monoculture with DRM for everyone. The sky that would fall would be competition, GPL, more civil rights, etc, all in favor of Big Business and Big Business alone.
In Bushworld, they struggle to keep church and state separate in Iraq as they increasingly merge the two in America.
Oh really? "Sheeple" want fridges that print out grocerly lists? Fuuny, I don't remember any of the "Sheeple" I've talked to wanting those things. Where did I hear about stuff like that... oh yeah, it was here on /.!! Seems like either Microsoft or people here would want stuff like that, but people who are happy watching a 20" TV with mono sound are unlikely to want such things.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
... not directly on a public network in most cases, but inside a firewall or whatever.
... I get busy, I put the kettle on, in the old days it had a whistle to let me know it was boiling, nowadays it just shuts off and when I remember and come back it has cooled down again (tea must have freshly boiling water, really!) By having a home network, I can be watching TV or debugging an opensource app and a window will pop up to say "kettle boiling" or "your toast is burning" or "your back door just opened and here's a picture of the man in the black hood entering your den". I want to be able to program my VCR/PVR from my mobile phone/PDA on the drive home ... I want to be able to switch on the heating 30 minutes before I get home no matter how late I work ... I want to be able to go to bed and think "did I switch off the stove?" and be able to check it without going downstairs .. ... so there's no advantage in putting your toaster directly on the public internet, but having many devices accessible through some sort of firewall I would buy ... and why the toaster? Well, if you're going to have it monitor for burnt toast and send an alert, might as well use a standard (tcp/ip) over wifi or whatever rather than another proprietary protocol (like Sony always loved, I have several bits of old Sony hifi, all with "control" sockets and all incompatible)
A connected house has advantages
"Former Microsoft security chief Howard Schmidt now works for the government as the vice chairman of the Critical Infrastructure Protection Board. According to this article on Security Focus, he has been touring the country, proclaiming the dangers of "zero-day viruses" and "affinity worms" that will create the kind of havoc that nothing else short of a nuclear exchange could cause.
Mr. Schmidt would known exactly what's possible since his former employer is responsible for 97% of it. All those kinds of things would be spread over Microsoft products, particularly Outlook, Exchange, IIS, and Windows.
"Traffic lights, pacemakers, appliances -- all subject to outages and interruptions because in the future they're controlled via Internet, declares Schmidt.
Isn't Microsoft trying to get Embedded NT or Windows CE for Retarded Agencies put into these kinds of devices? They already put a battleship in a vulnerable position several years ago with NT, now they want to destroy the rest of society with it. I don't know if Schmidt is being sarcastic or just brutally honest, but he's got to know Microsoft is the problem here. If he doesn't, he's not mentally capable of having any job, much less one with such a high profile.
== Paul Rickard, Editor of The Microsoft Boycott Campaign ====
why tie a pacemaker? So it can be tracked somewhere by a computer tied into the cell phone network that keeps a list on all the pacemakers out there and flags someone when it begins to falter. (Hope the batteries last longer!)
That way Medic-Alert can be rushed into action and allow someone to save the poor sap who has the failing ticker-shocker before he gets so disoriented that he cannot save himself.
This has the potential to save THOUSANDS of lives! Really!
(compare to irradiated beef.. Do I want to eat meat that has been exposed to radiation? Especially after the "people" who test it said its fine after a relatively short test period, the same people who said hormone replacement therapy was fine^H^H^H^H^H a bad idea?)
No.. but sell it as if it will "save lives" and people will jump on it. How many people die every year from bad beef? How many people WILL die in 20 years when they find out its worse for you to eat it than it is to risk getting Salmonella or E-coli? Answer: It doesnt matter. Someone somewhere is making money on the tech, so it must be good.
Feminine Protection? What is that? A chartreuse flame thrower?
Forget fighting it. Start playing along and sell "security products." The guys at Symantec, Mcafee, etc. figured this out long ago. You can either mutter about how they exploit the ignorant, or start wiping your ass with hundred dollar bills.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
See their download page.
The sky is falling, the sky is falling!!
What is the second half of this? The SOLUTION!
Palladium, internet filtering, access controls, NET Guard, TIPS...
Do you think it is a coincidence this chicken little was the Microsoft security chief and now works for the government? Would Bill really hire someone that stupid? He is doing his job in a much larger strategy.
Anyone else see where this is going? The FORMER HEAD of MICROSOFT SECURITY (and quite frankly, microsoft and security should *snicker* never *snicker* be used in the same sentence together).
Obviously... Microsoft is very very happy now. They got the x-head of their security to be high up in government PROTECTION. Now this chicken little is running around squawking. Ya, I can see the next *initiative*... Paladium anyone? Government sanctioned because some LOSER who couldn't design a SECURE HOUSE LOCK is squawking.
For as many times as we accidently bomb some afgani wedding, can't we accidently bomb redmond? Please? Purty Please? With sugar on top?
I still have a cellphone now. I work, I'm back home and I don't move much. Actually, I could just throw it away and nobody would notice it because I don't call on it and I don't get called on it. The only thing I use it for, from time to time is to check my email when on the road.
My point is: a cellphone is useful in some circumstances, but in others it is utterly useless.
Fridges that call servicing, or order food by themselves are a big no-no in my eyes. A nice little paper on the fridge door does very well as grocery list. You take the last egg, write "eggs" on the list. Takes 3 seconds.
The servicing doesn't sound well to me either: imagine the compressor runs a bit hot but it would last another 5 years. It calls service anyway, the guy repairs it and you get a nice little bill of 500Euro...which you could have avoided easily.
Bah, technology is nice....but you don't have to overtechnologize everything.
Not nessicarly. When I run a marathon with a pacemaker, a doctor will be required to monitoring my heart in real time. Worst case he might pull me out, but at the very least he should be making real time adjustments. (Note, currently those with a pacemaker cannot do such exercise, which is why I picked it, at least the first few attempts should be monitored in real time)
I can come up with other examples, but I think it is clear, real time monitoring of someone with health problems is a good idea. However the point that it must degrade gracefully in abuse situations is critical. The mafia better not have a chance to kill me remotely. (or at least they better know that while they can, it is instantly traceable to them, so they won't dare)
Implmentation details are left as an exercise. I am however well aware that they are not trivial.
And you could upload a MIDI file of that "Yakitty Sax" song to the pacemaker so Gramps will have some musical accompaniment as he runs around the house...
- Have a picture
the only way to prevent all of this is to use palladium. haha
Sounds like Y2k. Now THAT was a serious threat, but by the time the event came there had been enough publicity that every company did their due-dilligence. If Win95 was running traffic lights, pacemakers, etc there would be enough homogenity and flaky code to make me a bit nervous, but otherwise...i have a perpetual motion engine to sell you.
John Maynard Keynes: "When the facts change, I change my mind. What do you do?"
Former Microsoft security chief Howard Schmidt
Just explain that it's not going to fail, because this guy is no longer engineering it.
"Traffic lights, pacemakers, appliances -- all subject to outages and interruptions because in the future they're controlled via Internet, declares Schmidt.
Pacemakers? What a dumbass. Although, it would be kinda cool to have cron job which turned grandpa on and off.
Need Free Juniper/NetScreen Support? JuniperForum
Anyone who engineers anything as critical as the controls to a pacemaker or a traffic light to be remotely configurable or writable is just asking for trouble.
Unfortunately, remote adjustment of medical implants (including pacemakers and drug-delivery systems) is sometimes life-critical, often greatly health-enhancing. So many of the devices are remote-accessable. Some of them (such as implanted defibrilators) also log info about the patient (i.e. when / how many times he had to be de-fibbed) and can be interrogated remotely.
But "remotely" means "via a nearby inductive loop (or the like) on a special-purpose device", not an internet link. (The interrogation device, of course, will have a computer in it and might be networked - but that's a separate issue.)
But don't you think the people who design the device and its software don't KNOW that? Medical device hardware and software is built by engineers working to a standard above that of telephony, which is in turn far beyond mil spec. (Yes you can get screwups. But they really do put in the effort. The management knows that killing a couple patients will kill the company, and they have the money to pay for good work rather than cutting corners.)
anything that has incoming can be flooded to death whether it wants to respond or not
Not true. Anything with an incoming link can have the link itself DOSed and taken down for the duration of the interference. Any radio can be jammed, too. But a communication module can be designed so that it doesn't exhaust resources needed by the rest of the system, and so that it will recover from the exhaustion of its own resources as soon as the attack ends.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Never try to match wits with an idiot; he'll drag you down to his level and beat you with experience.
Just thought I'd pass that along.
Michael C. Hollinger
Even a google search couldn't help me.
Does the rest of the world know something that I should?
Well, on Saturday, when there was an explosion at the Con Ed plant in Manhattan, the street lights didn't work...but nothing bad happened other than a few stores closing. Hell, traffic was a little backed up, but if they'd had some traffic officers there, that could have been avoided. And to tell the truth, it didn't look so bad.
I really can't stand the tech-attack FUD that the Bush administration is spewing out. If someone fucks up the global bank records, I could see that being a problem (although the economy is more or less in shambles already) but c'mon, what else is going to happen? Al-Qaeda spam ? Someone will hijack my ebay account ?
C'mon, really. I'll believe it when someone gets past my home firewall and somehow manages to strangle me with an ethernet cable by sending the right packets through it.
Luckily, america is not the world.
... assuming you can get conectivity to the net at all.
... assuming the country isn't destroyed in a nuclear conflict with Pakistan. India is probably the most appealing possibility out there (and having visited that country once, I can say I rather liked it there).
... most of the internet traffic is currently passing through the United States these days ... until that problem is solved, the Long Arm of Uncle Sam, Aunt Hollywood, and Little Billy Gates will reach everywhere, making it difficult for anyone to persue freedom, inside the United States or anywhere else.
Yes, and the day I emigrate from the US is growing ever closer. I've given this serious thought and consideration, and the question remains: where can one go and remain free?
Canada seemed like a nice choice. Buying property and living there as an American is straightforward, the people are nice, the culture, pleasant, and I could afford to keep my airplane and maintain my lifestyle. But, alas, they just had a precident-setting ruling that outlaws the existence of a 3rd Party technology simply because it annoys a product's manufacturer. Goodbye Linux on the X Box, which means in a couple of years, Goodbye Linux on any Palladium hardware.
Europe? The European patent office is eager to follow America's lead and start issuing software patents (in fact, I believe they may have already begun doing so). Europe is considering an EU-wide law that is even worse than America's DMCA.
Central America? The US tends to invade any of those countries that tick off [insert favorite large enterprise here, MS certainly being a possibility], and with the government's current state of belligerance I don't hold out much hope of that changing. Were it a government of the people one could expect better behavior, particularly with the rather popular feeling that out cold-war imperialism was flat-out wrong. But alas, as we all know, our government is one of and for the corporations, and the opinion of little folk like us isn't worth a whole lot anymore (if it ever was).
Africa? That is all pretty hit and miss
India? That is perhaps the best option to date
But
So, there may well be nowhere to run, and perhaps this battle isn't as irrelevant to those who are outside of the United States as they might like to think.
The Future of Human Evolution: Autonomy
It's an ex Microsoft security chief... What do you expect?
What I expected (from the reporter's story) was a description of the alleged security threats he was talking about and possibly an insight into some microsoft vulnerabilities that we haven't yet seen exploited in the wild.
What I got was a content-free hatchet piece that was so busy ridiculing the ex-Microsoftie and his alleged threats that it didn't bother to actually REPORT them.
We know how fast something like the Morris worm can spread. I'd like to know if Schmidt was describing, for instance, a similarly fast-spreading beast that could infest Microsoftware.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
if my cellphone is barely on the 'net, why should my fridge be?
Yes, I know the USA is behind in creative additional uses of portable networked devices, but even then, the only really compelling apps, the only ones people pay for, are the ones that facilitate communication between people. Almost every other wireless app will be niche status for the foreseeable future.
this article says it well--what do people shell out for at Internet Cafes when they're on vacation? It's not online shopping or browsing...it's good ol' e-mail. The near future of cellphones is voice communications (duh), e-mail, and maybe sending pictures. It's not the chance to browse some tiny version of the web or order stocks.
So, I think the rather slow progress of handheld wireless networking has implications for networking beyond the PC. The technology for controlling your house appliances online has existed for a long time; still a minor niche. People don't want their fridge fiddling with their recipes...a much more promising technology there is putting standard barcodes on premade foods that your microwave can scan and know how long to cook, kind of a VCRPlus for food prep... anyway, we're a long way off from having all of society's hardware on the regular 'Net, though obviously cyberattacks have the potential to be more damaging as we rely on the 'Net more and more for information services.
SO YOU'RE GOING TO DIE: The Comic for Dealing with Death
Why all the hate against technology and people who use/enjoy it? And who died and made you the ultimate authority on what should and should not be hooked to the internet?
I dont hate technology, and I dont hate the people who use/enjoy it. I hate being viewed by big business as a bottomless pit of money for the newest fangled crap that I dont need. I buy what I need, and otherwise ignore a lot of it, but there are people out there who dont do that. Those people are the ones spurring on this mad race to integrate everything.
I friggin love my PDA. I had paper organizers for years and I would always leave them somewhere or not have them with me when I needed to write something down. With my PDA that doesn't happen. What is your major malfunction? In another post you want people to actually be satisifed with simpler times and to not go crazy when the electricity goes out. Did you suffer a nervous breakdown recently because of your IT job or something??
Good for you. I occasionally use my Mako for something other than playing games. Rarely, though. I find I keep stuff in my head better. If I stuff it in an organizer, I have yet *another* thing to carry around, and I have to remember to read it, charge it, update it, etc. If I have it in my head, I only have to worry about forgetting IT.. not six other things tied to it.
To each their own.. Im not saying that technology is bad.. Im saying that it sometimes gets used in utterly useless ways.
Maeryk
Feminine Protection? What is that? A chartreuse flame thrower?
Another valid question is why the hell you would want all of your traffic lights and everything hooked up to the internet. There ARE networks separate from the internet. Why are we working to combine them all? So we can sell more buzzwords?
Not crackers as in computers, crackers as in safe, so that when all of the bank computers failed he could send them to get the gold from the vaults and porn from the safe deposit boxes. With that, who'd need electricity?
Virg
Pacemaker stopped? Don't worry! The hospital is automatically contacted and an ambulance is on the way. All thanks to the Internet and GPS. (Meanwhile, we get to keep track of where you are so that we can enhance the marketing power of our company and our "affiliates.")
Car stolen? Have no fear! We caught the thief on video and identified him before he even had a chance to start the car, which he won't be able to do anyway since his facial structure doesn't match yours. (Furthermore, if anyone other than you is to drive your car, you will have to register them as additional drivers, therby increasing registration fees and insurance costs. Oh yeah, did we mention the EULA you signed at the dealership? Each additional driver will cost you another $20k)
Wish you didn't have to make dinner everynight? Your prayers are answered! Our new, government patented refrigerovefreezewavestoventry will do it all for you! It stores and manages all your food, including monitoring expiration dates and printing out shopping lists. Choose predefined or custom recipes at the push of a button and your job is done! New recipes are downloded off the internet. Shopping lists can be submitted to a delivery service at the push of a button. (All recipes entered into the system become the property of the Acme Corporation. Your eating habits will be recorded for marketing and health insurance purposes.)
TodayTM BillyJoelTM GoogleTMd for StitchTMes due to WindowsTM while RollerbladeTMing with an AppleTM and a PopsicleTM
They don't have to be on the net. I used to work for a government department that controlled traffic lights. From my workstation I could change the state of almost any traffic light in the state. From my workstation I could also browse the internet.
Consider then a virus that allowed someone to put a back door into my workstation. They would then have the ability to sniff passwords and ultimately give them control over the traffic lights.
A similar thing could be said for any device which can be controlled from a machine which is either connected to the net, or can be accessed by other machines ultimately connected to an untrusted network.
While the chance is slim that any of this could happen, don't discount the possibility just through your ignorance of how these systems could be attacked. Sure the traffic lights aren't directly connected to the net, but that's not the point.
Fear: When you see B8 00 4C CD 21 and know what it means
A pacemaker should never have a pulse rate outside of 40 bpm to 120 bpm. Sure, it'd be inconvenient if your pulse went down to 40 bpm, but you wouldn't die... maybe you'd pass out. Sure, some athletes have resting heart rates of 30, but if you need a pacemaker, a pulse of 40 to 120 is completely functional. If the CPU tells the hardware to beat outside that range, the hardware should put out a pulse rate of 72 bpm - the average resting heart rate for an adult male, slightly slow for the average female but it's easier on the heart.
Stoplights should have a finite state machine in hardware. One of the inputs sould be a hardware timer that goes low after a state transition and goes high 3 seconds later. The CPU can control some of the inputs to the FSM, but there are no unsafe states and no unsafe transitions. (i.e. "red, green, red, green" can only go to "red, yellow, red, yellow", "r,g,r,y", or "r,y,r,g"). This way, the CPU has no "words in its languge" to describe a transition to the state "green, green, green, green" or from "red, green, red, green" to "green, red, green, red" without going through 3 seconds of "red, yellow, red, yellow" (i.e. if the timer input is low, all of the state transitions for that state return to itself). This way, it's imposible for the light to be in an unsafe state or make an unsafe state transition.
You have the hardware check representational invariants (40 <= heart_rate <= 120) and go into a safe fallback state if the rep. invar. is violated (heart_rate = 72). Otherwise, if the states are simple enough, you have a finite state machine containing only safe states and safe transitions. (If the FSM is too complicated, it's easy to screw it up, so you should have a rep. invar. check to back you up.) If you use one of these techniques, a terrorist can at best inconvinience you, even if s/he replaces ALL of the web-connected CPU's software. A small FPGA or CPLD to do this enforcement costs less than a couple of bucks and the programming is pretty streight forward for simple invarients like those used in stoplights and pacemakers.
There may be reasons to give net connectivity to stoplights. (I can definately imagine giving them 802.11 with IPSEC so that ambulances can change the lights ahead of them witout having to have the 911 dispatch center do it for them.) As long as you have proper hardware enforcement, these things aren't a problem. If the terrorist has the time and acess to pull out the FPGA and re-burn it with some unsafe states, s/he might as well clip the wires to the lightbulbs and cross-wire the lights. On a similar note, if a terrorist has the ability to take the FPGA out of the pacemaker and reprogram it and put it back in the person without killing them. (Maybe for blackmail purposes.) Why not implant a remote drug O.D. injector or a remote triggered half kilo of semtex in the abdomen?
Copyright Violation:"theft, piracy"::Anti-Trust Violation:"thermonuclear price terrorism"<-Overly dramatic language.
Ah! It does this by turning your heart on and off really fast, just like the way sound was produced on the old TRS-80s?
...About the Earth expiring in 2050!! Yadda, yadda, yadda. All these studies see to have one thing in common: They seem to assume the Earth (or the net in this case) is a static enviornament in which nothing changes, from technology to resources. Every worm and virus to this day has acted to strengthen the structure of the internet. Sure, they've caused problems, but they've cause anti-virus software developers to adapt. Sure, somebody can develope something nasty, but if it can be made by a man, it can be analyzed and circumvented by a man. And that's what backups are for anyway. Any admin worth his salt and any absolutely critical system has backups and redundancies. It may hurt, but it will hardely be the collapse of civilization the artical seems to advocate.
You need a FREE iPod Nano
There are two ways the digital fridge can work, outside of failure monitoring. First, you tell the fridge what's in it, and it tells you when you run out of it (an extension of this is that you tell it when you bought your milk or eggs, and based on the date it tells you when you should consider throwing it away). The other way is that you tell it when you want to buy stuff and it tells you what to get. The most common method of this is that you tell the fridge when you put stuff in it, then you tell it what you're making, and based on the recipe, it advises you as to what ingredients you're missing.
In short, it knows what you want because you tell it.
Virg
The article makes fun out of the ex-Micro$loth's predictions.
Tech Public Policy stuff
what if he's right?
This
The solution to that is simply make it illegal to use Microsoft products in any life-critical situation.
While this doesn't make stupid software design for traffic lights, SCADA systems, etc. impossible, such law would prevent stupid design from being unavoidable and inevitable.
Tech Public Policy stuff
The one thing the internet has that prevents massive worm penetration is heterogenality (sic) . When nimbda (sic) came out it was windows boxes. This did not effect (sic) apache/*nix boxen (sic) .
However, Code Red did "affect Cisco 600 series DSL routers by inadvertently triggering a previously published vulnerability" (my emphasis). And, if I remember correctly, I think it also affected some HP print servers, too.
Operating systems are complex. Routers use operating systems, as do dedicated print servers, and many other electronic devices. Even if a device or operating system is not specifically targeted, it can still be inadvertently hit when connected to a world-wide Internet.
By the way...any statistics on how many smug Windows-loathing administrators aren't up to date with the patches for their routers, print servers, managed switches, firewalls, etc.?
This sounds like we may get a little bit of Darwinism out of this - everybody who is smart enough to realize how ridiculous this is will come out on top, and probably make a tidy sum off the fools who believe that the sky actually is falling. I think I should become a consultant for the PHB's in their all-windows shops, and charge $100,000 to tell them they can get a more secure, stable system by switching over too... well you know what I'm going to say, this is slashdot!
Seriously, if people are going to make ridiculous claims like this, and management starts to believe it, why can't we hire ourselves out to make sure the company's print servers can't make all the traffic lights in a five mile radius turn green all at once? Sure it's unethical, but I gotta eat too!
I really hate signatures, but go to my website.
I've seen it when traffic lights go dead mid-city, and the amazing thing is that no one gets mashed. Cars still behave and the like cause people stop being compliant and start being courteous. It's a lovely thing.
Excuse the Unicode crap in my posts. That's an apostrophe, and slashdot is busted.
Who has a pacemaker with an IP address???
Heh heh, perhaps the people who want this clothing line to actually be more functional?
Solomon
"Twice half-assed makes an ass whole." --Solomon K. Chang
...it will be the end of freedom as we have come to know it.
I think it is more accurate to think it will be the end of the convenient freedom we have become used to. If the Internet disappears, we can still send hand-written letters, subscribe to newsletters, stand on a soapbox in front of the courthouse, read the paper books of our choice, etc. The First Amendment will remain intact, but there will be fewer media in which we can exercise it.
The logical conclusion to DRM and Palladium is that the technological golden age we seem to be in will diminish, the U.S.'s dominance in computing technology will vanish, and the only real growth industries in the U.S. will be the old stand-bys, such as retail stores, services, and some manufacturing. It will be like living in the pre-computer era again, when sophisticated mechanical and traditional electronic devices were booming. In a way, it is sort of romantic (whether the reality of it is desirable is another matter, however).
Healthcare article at Kuro5hin
What kind of farking idiot would hook his pacemaker up to the internet? It sounds to me like the guy in charge of securing the computing infrastructure of the U.S. knows jack $hit about security. IIRC, the government has always known that the best way to secure a system is to have a "wall of air" (read: don't make it accessible remotely). Even if they do hook these systems up to the internet, as long as they don't run M$ products (Outlook, IE, etc.) on them, and they used a little common effing sense in their security measures, they should be fine.
It sounds to me like this still M$ crony is trying to use his position to push Palladium.
BlackGriffen
How do you argue with rhetoric? You don't. You laugh at it, you demonstrate it's fallacies, and you look at who appointed this asshole (and people like 'em) to where they are at, for THEY are the ones with something to gain.
"Avast! Prepare for the rodgering!" THWACK! "Arrr.. me nards.."
All I can say is: "I hope it falls on his head".
(Oh, that's good to get off of my chest!)
Free Software: Like love, it grows best when given away.
While I'm the first person to acknowledge that marketing pushes a lot of products on people that they don't really want or need, both of your examples here fail.
Day-timers are great for people that have 50 contacts and 5 items on their todo list. My mom used to carry around one of the 5x8 ones that was quite full. It didn't even fit in her purse, so it was very inconvenient. I kept demonstrating my PDA to her, that it was indeed easier to use than the laptop she used at the office, etc. Finally she lost her day-timer and freaked out. There was no way she was going to recall all the appointments she had made over the coming weeks and months. Luckily, she had only left it at an associate's office who called her the next day. She immediately switched to a PDA and within a month was able to use it far more efficiently than the day-timer. If she loses that, it's all on her laptop at work.
As for cell phones, I'm quite happy with mine. As long as you don't go nuts and start thinking that just cause it's ringing you have to answer it, you'll be okay. I turn it off when I don't want to be interrupted, and I put it on vibrate when I carry it so no one else is ever bothered by it. Two recent examples of being useful. Saturday we were driving to a friend's party an hour away. The driver had written the directions incorrectly, so I called my friend on the highway to get the right junction. Then Sunday a friend called while I was shopping to see if I wanted to head to another friend's house for the day -- he was just leaving home and could pick me up on the way. That's convenience and new opportunities that I'm glad to have.
That one idea for a new gadget (internet-enabled pacemakers) sounds like a bad idea doesn't mean they all are. If you could work out the security issues completely, network-enabled traffic signals could be very useful. Imagine an ambulance leaves the station in an emergency. The system operator could have the traffic signals along its path go red in both directions and ring they're own sirens, giving advanced notice to cars and pedestrians to clear the street.
As for worrying about giving your son a laptop, I wouldn't lose any sleep over it. I had legos as a kid (no home computers), so I said, "Hang on. I'll put away my toys and be right over." And I don't feel I'm somehow scarred by it. :) Computers are tools, like toys, books, and guns. The key is to educate your children in their proper use before you let them use them. Some tools may have bigger consequences in misuse than others, and that should be discussed as well.
Freedom to fear. Freedom from thought. Freedom to kill.
I guess the War on Terror really is about freedom!
Let's see... security is a shambles, the world is coming to an end. Every access point is a blazing security hole. Who will protect us? Who will make us safe? How will we get that warm fuzzy feeling back? Why, of course! By using Microsoft products!! (right.)
You say the power grid is vulnerable? My, my.
Let me show you something:
"This is your power plant...
This is your power plant on Windows."
Vortran out
Knowledge is like ignorance.. too much can be just as bad as not enough.
Bull. Hype and the labor of countless millions of IT folks turned into dumpster fillers did not solve y2k for us. It's more like y2k was a fraud. Funny how all my old equipment still works with no effort on my part at all. Systems not designed to be fail safe are flawed.
Never the less, it's a good thing you brought up y2k as it's the easiest way to fight the FUD:
Y2K and war are now perpetual. Right!
You will only suffer continuous computer failure if you use M$.
Friends don't help friends install M$ junk.
Let's see, URL News story
One line blog. I hear that they're called Twitters now.
Sounds just like the year 2000 hysteria...
That article was a little bit too much opinion, not enough information. This one's a little better:
President's Advisor Predicts Cyber-Catastrophes Unless Security Improves
Just to ease the suspense, he still comes across as a bit of a loony, but at least there is enough meat in the article to properly discuss.
Premises:
- The general public are not idiots, just normal people, and normal people don't understand technology.
- Normally, people are afraid of things they don't understand, and are willing to believe just about anything to assuage that fear.
- Normal people are willing to trust authority figures, even if you aren't.
Conclusion:- You stand a great chance of spreading anti-BS FUD by proclaiming yourself the Grand Poobah of Internet Security, and ranting to anyone who will listen about how the evil hackers are already working for / in cahoots with the government to destroy your lives and steal your Wonder Bread.
I betcha most of the people readingThis post expresses my opinion, not that of my employer. And yes, IAAL.
I'm not disagreeing with your larger point, but I notice a certain tendency among geeks to possibly misunderstand business events. Bankruptcy is not necessarily bad news for the executives and officers of a company. In fact, they may have planned the bankruptcy as a chance to sell off some assets cheap to friends or to other companies they control. I'm pretty sure that whoever actually cooked the books at Worldcom benefited substantially from the fraud and doesn't care at all if the company is bankrupt.
Likewise, separation from a company is not necessarily bad news for executives/officers/partners. There are frequently huge golden parachute payments. You point to the "death" of Arthur Andersen as if it's some cautionary tale to accountants - I doubt it. I think the partners made lots of money by selling diluted auditing, and always knew it couldn't last. They will move on to new accounting firms and continue their careers. Trying to translate misconduct into dollar terms doesn't work too well because the dollars belong to "the corporation" and the people making the decisions have no problem with "the corporation" losing money if they make money.
This is probably a troll, but if so it is a reasonably clever one, so I'll bite.
This is extreme even for Slashdot. You ought to be ashamed of yourself.
Nonsense. I have accurately described the logical consiquence of any one of the aformentioned efforts (Palladium, DRM, The "Disney" Hollings Bill, etc) reaching fruition. If it sounds extreme, perhaps you should be directing those thoughts at those who are promoting these efforts: it is their goals which are extreme, not my shedding some light on them. You don't even need to take my word for it: read today's New York Times.
You set up a strawman which I will not bother to knock down, except to point out that I mentioned a confluence of events, not a conspiracy as such. In other words, interests happen to coincide, to their benefit and our great detriment. As for an "organized movement:" if you believe for one moment that the entertainment cartels are not organized in their efforts to lobby and shove DRM down our unwilling throats you are a fool. If you believe Microsoft's lobbying for Palladium is not organized either, then you are oblivious to even the most obvious, front-page (technical) news items we've been seeing here and elsewhere for weeks. Finally, if you believe a marriage of convinience between a software monopolist interested in locking in his monopoly and an outdated cartel interested in banning or neutering technology that threatens its business model and stranglehold on its respective industry to be farfetched, then I would humbly submit that you are profoundly naive. Particularly when the means and technical methodology to do the first is equivelent to the solution proposed to accomplish the second.
Taking away the digital freedom we have come to know and value, in other words, our freedom of expression as we have come to know it, does not equate some grand scheme to destroy mankind (as you would like to so misleadingly represent my thoughts on the subject), it merely indicates that some powerful interests have found that they stand to benefit from doing so, and feel no compunction whatsoever in acting on those interests to our detriment.
The fact that these forces are operating form such banal motives does not decrease the abhorrance of the act they are trying to commit, nor will it alleviate the detriment it will cause to the rest of us in the very least.
It is, in short, you who ought to be ashamed, not I.
The Future of Human Evolution: Autonomy
And what does reality have to do with this? (-:
For an example from science, it's been obvious for the better part of a century that the universe is galactocentric - and becoming more obvious with each new, more precise set of measurements - but despite being obvious and a clear winner in `trial by Occam's Razor', that's the one proposal you won't see proposed in Nature or Science as an explanation for the data since it is the one proposal which most offends the religious convictions of many of the scientific Powers That be (and to be specific: including but not limited to the editors of Nature and Science).
If evidence in such a clear, unambiguous realm can be blind-eyed so completely, what hope has evidence from fuzzier fields like politics and psychology?
Time to memorise a 2048-bit key so that you can encrypt your hard drive.
Got time? Spend some of it coding or testing
The problem is this:
Got time? Spend some of it coding or testing
By the way, Apache's had serious security flaws, and so has Sendmail, there are probably at least three other seriously dangerous bugs in widely-deployed Linux applications that could be exploited if the Bad Guys find them first. Any decent Warhol Worm will make sure it's got a good Apache bug to exploit as well as the easier Microsoft targets.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Some of the studies of fast-spreading worms demonstrate that, if there are simultaneous exploitable bugs in widespread versions of Apache and Microsoft webservers, a Bad Guy could take over and 0wn most of them faster than a credible response could be deployed, and if the Bad Guy wanted to be destructive, lots of those servers could be wiped (your basic Warhol Worm followed by a "Thhhattt's Alll, FFfffolkssss!!!"). Sites that aren't running decently secure environments (serious backups, separation between webservers and critical databases, good firewalls, etc.) would be toast. More fun if you can combine it with an attack on Microsoft Outlook Mail as well. There's far more potential for destruction if the attacker also targets important applications, but at some point it's a tradeoff between successful faster destruction and deeper destruction.
Of course, just because there are things that are worth being afraid of, that doesn't mean that we should immediately let the Feds tell us what to do and start trusting them to take care of us, or even give them whopping big budgets and unlimited powers to "inspect" our computer systems, which are some of the major purposes of government Fearmongering.
By the way, while it is owned by Fearmongers, the NIPC.GOV website really does have some good tools and material there - I found it very helpful when dealing with a Staecheldracht DDOS cracker on my lab machines last year.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Do you know what I'd do to an engineer who presented the plans for a pacepaker which is controlled over the internet?
I'd fire the bitch, then I'd inject some air into his veins to see how *he* likes heart attacks.
Maybe that's why I'm not in management?
It's been a long time.
Yeah, like CEOs need hackers to humilate them these days...
It Is the Nature of Information to Transgress Artificial Boundaries