I'd say some things have gotten better, and some worse over the years:
Better:
1: Domestic roaming. When I had either AT&T or SBC Wireless [1], if I drove a small distance out of Austin, and if I ended up calling someone from a cafe, the roaming charges were pretty substantial. These days, it doesn't matter, because one isn't going to get hit by roaming charges in the US. Outside the US, and across the pond, this is different.
2: Cost of a phone. $400-$600 for a phone as well as a year contract. Blergh. These days, one can pay 15 bucks, get a T-Mobile to go prepaid phone, and periodically toss some money for minutes at the device, and have basic communication. If one wants a 1-2 year contract, one can get a decent Android phone for the price of the contract.
3: Cloning. Before AMPS was shown the door, it was pretty common for someone to be able to grab one's ESN/MIN info and go to town. These days, the resources to even copy an IMEI to a different device are beyond all but the most sophisticated attackers.
4: Text messaging. In the past, this was fairly expensive. These days for someone like me who sends/receives a good amount of SMS/MMS messages a month, it is well worth it.
What has gotten worse:
1: Tethering. I bought my T-Mobile MDA (HTC Wizard), and it allowed tethering out of the box, where one just flipped the modem on, and one had rather slow Internet access pretty much everywhere. EDGE was sluggish, but it did get the job done. Now, tethering costs a good chunk a month.
2: ETF charges. $150 from SBC Wireless, I don't mind. $350... yeesh.
3: Bandwidth charges. There are times when I can easily run over 10GB/month on a device, especially with cloud based backups and storage.
4: Tinkerer-hostile devices. Motorola we all know tells modders to go elsewhere, HTC is being held up to the wall and bitch-slapped by the carriers to make their phones unable to take unofficial Android upgrades. Other phone makers are touch and go. In the past, if one bought a smartphone, it was essentially open to whatever you wanted to do with it. Even Apple's devices are getting harder and harder to completely JB and unlock.
[1]: SBC Wireless was a CDMA provider, and AT&T was TDMA at the time. I am glad we have GSM-based networks now, just for the ease of changing out phones with SIM cards.
Problem is that with most modern malware, cleaning up is almost pointless. The only real way to get back to a known state is reformatting and restoring to a point in time that is definitely before any infected code got free rein, or formatting and installing from scratch, reloading the OS and apps, and hopefully any recovered data.
I don't mind an ISP notifying (perhaps via SMS) about viral threats, as it puts their IDS system to good use. However, I am leery of having an ISP automatically pull the plug on what it suspects may be an infection... just too much room for abuse on that front.
It also helps to use an anonymous VPN service, even one that is in the same country. This way, Comcast has no way of telling what is going over the PPTP/L2TP link.
It also strengthens the case of either they provide a legal reason that a judge would sign off on, or they provide compensation for what might be a material breach in their contract terms.
Your network security is good, but physical security might need some work. It can't hurt to encrypt the backup disk (perhaps a TrueCrypt file is the most foolproof), and use some form of encryption for Ubuntu.
Of course, other types of security (Remington, Ruger, Smith & Wesson, Calico) can't hurt either.
Individual security isn't rocket science either. Last virus that I had end up running uncontrolled was the WDEF virus on the Mac, pre System 7. One can do some fairly simple measures so their individual security is up to par:
1: First and foremost backups. Not RAID. True backups with media rotated out. This way, if malware nails the drives and the backup media, restoring is still possible. Backups mean what would be at best a day long install-fest (finding the OS media, installing the OS, applications, and then digging past the used condoms under the bed to find the piece of paper with the license keys for the above) into putting a recovery CD or USB flash drive in, telling it to restore, walking off for an hour or so and coming back to a restored box. It also doesn't hurt to periodically burn critical documents to CD or DVD. For critical stuff, I like having it on burned media (stored offsite -- even a climate controlled self storage is better than nothing, as Iron Mountain may be too expensive), stored encrypted (WinRAR archives or TC volumes) at a cloud provider, and present on a fileserver.
2: Some means of separating your internal machines from the Internet. In the past, I used a Linux box, NAT, and ipchains/iptables rules. These days, I just use a decent firewall/NAT box [1].
3: A method of blocking ads. AdBlock does far more to keep out unwanted crap than any antivirus. Since the largest vector for infection of PCs these days is through the Web browser, blocking out the ad servers (and most of their "wink, wink, nudge, nudge" attitude towards advertisers that use malicious add-on code) pretty much ensures a clean browsing environment.
4: Common sense. If a pr0n site requires a "codec" or "pr0n viewer" application, find a clean site.
5: Use top tier stores if at all possible for music/movies/software. If one has to pirate and doesn't know reliable sources (i.e. someone who doesn't read /.), use word of mouth with people who know their stuff for sites/programs. The answer is NOT eMule/LimeWire/etc. Nor is it "warez search engines" which demand you vote for them, then dump you to another site, all the while trying every browser based exploit possible on your setup.
6: Encrypt everything, especially laptops. TrueCrypt, BitLocker, PGP for Mac (until Lion comes out with true HDD encryption), LUKS for Linux, EFS for AIX [2], and so on. Encryption turns a theft into a "mere" hardware loss, which insurance is for. Done right, it means not having to worry about the data on the drives that were stolen. I prefer mechanisms that use hardware security (BitLocker + TPM with a PIN, TrueCrypt + a keyfile on an IronKey, PGP whole disk encryption + a cryptographic token) so brute-forcing a passphrase can't be done.
7: If traveling with a laptop, use a VPN service at Wi-Fi hotspots. This way, not just FireSheep attacks become a non-issue, but if the owner of the Wi-Fi router is sniffing packets, they won't be able to glean much, other than perhaps traffic timing analysis.
[1]: If someone says that NAT by itself is security, one has to resist laughing in their face. NAT by itself is just security through obscurity.
[2]: AIX's EFS is totally different from EFS on Windows. Same with AIX's IPSec mechanism being different from Windows's IPSec.
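The footnote's point that NAT alone is not a firewall can be checked mechanically. The following is an added example, not part of the original comment: a shell function that reads `iptables-save` output and reports whether a gateway relies on NAT alone. The sample rulesets and the interface names (eth0 as WAN, eth1 as LAN) are constructed for illustration, and the verdict is a heuristic.

```shell
#!/bin/sh
# Added example (not from the original comment).
# Audits iptables-save output: does this gateway filter, or only translate?

# Constructed sample: a gateway that only does NAT. The box's own services
# are reachable (INPUT ACCEPT) and anything routed to it is forwarded
# (FORWARD ACCEPT); address translation is the only thing in the way.
nat_only_sample() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
}

# Constructed sample: the same NAT rule plus default-deny stateful filtering.
# Only replies to existing connections and new LAN-to-WAN flows are allowed.
filtered_sample() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# audit_ruleset: read iptables-save output on stdin and print one verdict:
#   no-nat    no MASQUERADE/SNAT rule found in the nat table
#   filtered  INPUT and FORWARD default to DROP and FORWARD has a
#             conntrack ESTABLISHED accept rule for return traffic
#   nat-only  NAT is present but the filter table does not default-deny
# Heuristic: a ruleset that uses ACCEPT policies with explicit trailing
# DROP rules would be reported as nat-only and needs a manual look.
audit_ruleset() {
  awk '
    /^\*/ { table = substr($0, 2) }
    table == "nat" && /-j (MASQUERADE|SNAT)/ { nat = 1 }
    table == "filter" && /^:INPUT /   { in_pol = $2 }
    table == "filter" && /^:FORWARD / { fw_pol = $2 }
    table == "filter" && /^-A FORWARD/ && /--ctstate/ && /ESTABLISHED/ && /-j ACCEPT/ { stateful = 1 }
    END {
      if (!nat) print "no-nat"
      else if (in_pol == "DROP" && fw_pol == "DROP" && stateful) print "filtered"
      else print "nat-only"
    }'
}

# Run the audit over both constructed samples.
echo "NAT-only gateway: $(nat_only_sample | audit_ruleset)"
echo "Filtered gateway: $(filtered_sample | audit_ruleset)"
```

On a live Linux gateway the same function can be fed real data with `iptables-save | audit_ruleset` (root required).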
On the contrary, it actually benefits the game companies if the old stuff gets forgotten. This way, they can dredge up forgotten IP, market it as a gritty reboot and have something to sell.
Take EA for instance. I wonder how long it will be before they decide to make a Wing Commander reboot for the consoles. Cybermage? The old Origin IP they are sitting on can provide them with decades of IP to attach to what would be another boring FPS.
This isn't a fight that Apple lost; this is a fight Apple has not decided to push. If Apple really wanted to fight this, they could:
1: Reword all cellular carrier agreements where they will drop service and blacklist any devices suspected of being jailbroken (downloading stuff from Cydia repos for example.)
2: Encrypt bootloaders, and have the baseband hand the keys to the OS. This is how Motorola does it, and so far, the trouble of cracking Moto's encrypted bootloaders has gotten modders to move elsewhere.
3: Push software down to the iPhones periodically to search for jailbreaks. If devices are JB-ed, all Apple IDs connected with them would be banned. MS does this with the XBoxes, Valve does this with VAC, etc.
4: Have the baseband software and processor (IIRC, the radio uses a separate processor than the main OS), act as a TPM. If the running OS isn't signed, put the device in DFU mode until a valid copy of the IPSW is put on.
5: Ask cellular carriers to cough up IP records of anyone who bought programs through Cydia, cross reference the IMEIs, and when it comes for an iOS update, blacklist all IMEIs gathered which are suspected during the SHSH negotiation process.
6: Have a firmware eFuse counter that only allows for flashing higher versions (assuming they are not betas).
7: Separate the iPhones into different models, each having different hardware protection, and when rev B is put out, anyone caught using rev A exploits is banned from cellular networks via IMEI, and their Apple IDs are banned.
8: Get with cellular carriers and lease iPhones the way Ma Bell used to lease telephones. This + a EULA would mean that jailbreaking would be against the law because it wouldn't be the owner's device.
Sony did score a dubious achievement of having a console out for so long before it was cracked.
However, I am almost certain it would have been cracked earlier had they not pulled the Other OS thing out.
I hope Sony learns this lesson... if they have a PS4 with the ability for people to do homebrew stuff on it, accessing the features of the machine (pretty much everything but the DRM stack), it likely would never be cracked. The true jailbreakers/devs can't stand pirates and just breaking a DRM stack so someone can download Madden 2011 from a torrent as opposed to buying the media wouldn't be a high priority on their list.
One can look at some of the tweets of the Apple Dev Team's posts about their contempt for app pirates, and if they could find a way to make sure Installous wouldn't run on a JB-ed iPhone, they likely would.
Nuclear power is a must, but there is one failing about it:
With today's technology, it needs an unbroken chain of custody, from the designers, to the material makers, to the manufacturers, to the architects building the facility, to the people maintaining it, to the people charged with its decommission. Break any link in the chain, and you have a disaster on your hands.
Here lies the problem: A lot of contractors are of the "lowest bidder" type. You know, people who can't ground showerheads, so service personnel end up getting electrocuted to death.
If we have problems with bathroom fixtures being not installed right, how can we trust contractors who are hired because they bid the lowest to try to build it right? Nothing keeps them from making a reactor head out of pot metal, and pretending it is useful... and when it melts, the company just goes bankrupt, with large golden parachutes for all the officers.
This is a matter of policy and procedure: How do we get people who build and maintain the plants to actually do a job, as opposed to doing the barest minimum they can get away with? Other nations don't have this problem. Some company botches a Chinese reactor, the company's officers will be executed. Perhaps a branch of the military should do this, so the responsibility is not just civil, but criminal, so higher-ups are more motivated to do the job right, as opposed to cheaply.
There are heavy interests worldwide which want to shut down nuclear power:
1: Big Oil/Big Coal. The "good" coal is all used up. We are using lignite coal in most plants which is the bottom of the barrel when it comes to impurities. It is pretty simple -- nuclear power takes off, coal goes to the wayside, because with effective power plants, who wants to throw toxic chemicals into the atmosphere?
2: "Environmentalists". These tend to be group #1's puppets. In reality, nuclear power is something people who value the environment should champion.
3: People who like the status quo.
Because of this, the press tends to whip people into a frenzy. I remember a death at a nuclear power plant some years ago. The news essentially reported, "OMGWTFBBQ, a guy died in a nuclear power plant while welding, we need to shut these down NOW or else we will all be glowing!" The fact: The guy was MIG welding with argon, not following any safety procedures, especially ones about adequate ventilation, the argon pushed the oxygen out of the area, and the guy bit it. This had -nada- to do with nukes in any way, shape, or form. Had this been some bonehead welding in an enclosed space in a metal shop, the only real press reports would have been an obituary, and a back page news article.
All stuff aside, we (as in mankind) need nuclear power. Until fusion becomes commercially available [1], splitting the atom is the best we have, and the US Navy, Toshiba, and other places can show this can be done in a safe and well done way. We already have gone past peak coal; energy is just going to get more expensive.
To boot, with nuclear power, there are tasks too energy inefficient to be done now that can be easily done with smaller reactors nearby: Large scale desalination of seawater to pump inland for irrigation and thermal depolymerization of trash in the Pacific Gyre for useful petroleum for plastic making would be just a few ideas.
[1]: It would be nice to see fission, but so far, other than incremental things (a tad more efficient containment field here, a fusion core remaining active for a few more attoseconds there), there have been no real advances in getting it into a commercially usable reactor form since the 1950s. We still have yet to pass the "get more usable energy out than we put in" barrier, much less even close to the "get enough usable energy out to sustain the reaction indefinitely" stage.
If you look at history, it isn't paranoia here, especially in the days of ACTA, Son of ACTA, the COCIA act, the INDUCE act, ISPs not adding infrastructure, but new fees and other ways of charging, net neutrality essentially dead, the FCC hamstrung and essentially relegated to just chasing after teenagers with pirate radio stations.
We can expect to see laws like this popping up more and more. The economy is in the gutter, so the pie isn't getting bigger. Thus companies are scrambling to take pieces of the pie away from others.
The only real way to defend against this type of law is to see about getting more F/OSS components certified for FIPS and Common Criteria. This way, people can use products and say that "due diligence" was performed when due to security due to the CYA stickers.
What would hurt Microsoft the most would be an Exchange replacement. For most companies (other than IBM and Google), they run on Exchange for their mail and messaging, or they don't run at all. What is needed is a F/OSS solution that can function with LDAP and be a drop in replacement for Exchange, with the auditing, logging, and mobile device capabilities as well. Until this is done, MS will still have a stranglehold in almost all business IT departments.
Is there a good FAQ on this that you can point to? I'd like a URL on why a signed kernel is crackable and not the end of the world, while Moto's encrypted bootloaders are impossible. These differences are important (especially when steering people to what phones to buy.) It would be nice for a "dummies" guide to this stuff I can point people to.
Problem is that the EULA indemnifies MS from damages, so even if the software refused to run (as earlier versions of non VLK XP did when they thought they were not activated), there would be really zero chance of a countersuit, much less one that succeeds.
There is one thing Android has which is going to be more and more important as time goes on: Apps.
Right now, Android's apps are not as polished as the iPhone's, but give the platform time. Because there is no app approval phase, Android app developers can have a very fast development cycle which would allow the platform to catch up eventually with app quality on average.
Motorola going with another smartphone OS is not going to go over well -- people will wonder why they can't get Angry Birds or another mainstream title and not bother buying the device. See the MS Kin line for this in action.
From the modder community point of view, if Moto leaves the Android scene, it would be "don't let the door hit you on the way out."
I really wish it would be different. Motorola would gain a lot more good press if they actually contributed, or at least didn't tell the modding scene to go to hell.
Not really that many limitations in TFA. In fact, it wouldn't take much to make consumers and end users liable for piracy up the supply chain.
If this passes, I'm sure we will see massive litigation against thousands of individuals because they bought a bolt from Home Depot, and the maker of the bolt happened to have a version of Windows 7 that wasn't legit.
Think the massive lawsuits due to movies were bad? That would be tame compared to the people dragged into court due to this law. Since court precedent allows "joining" of cases on a massive scale in the US, it would only require the plaintiff to win one case to get judgements against tens of thousands of people.
I hope I'm wrong about this, but if Microsoft does get this law passed, it would completely turn them around as per profit margins as a company, just due to the legal threats they can bring against almost anybody.
Problem is, it is not just Moto who is doing locked bootloaders, signed kernels, and other crap. All the other guys are doing it too (HTC, Dell, Samsung, LG, and I think ZTC).
The only exceptions are the Google development phones, the ADP1, ADP2, Nexus, and Nexus S.
This leaves a nice market opportunity for a company that can make and sell a high end, completely unlocked device. It wouldn't just sell to the modders, but it would sell to anyone who felt like having a cool device that would get new features as time went on.
Motorola has good hardware, but here is one fact they fail to understand about competing against Apple:
I buy an iPhone. I know, due to Apple's history that the phone will receive OS updates for at least two years, or at the minimum, until two subsequent model releases (so if I have an iPhone 4, it won't be until the iPhone 6 that Apple stops making OS updates for it.)
I buy a Motorola phone. It might receive one OS update, but after six months, the device is completely abandoned, and with the signed kernels, it is very hard to mod to a decent level.
The ironic thing -- the price differences are not that big between Android phones and the iPhone on AT&T. Since things are essentially equal, why would I buy a device from Motorola that is essentially obsolete after six months versus an iDevice from Apple which will stay reasonably current for at least two years, and even after that, will still remain supported by app makers for a while.
Take the Motorola Atrix. As of now, it already lags behind six months when it comes to the version of Android it sports. What Motorola should have done is not bother with signed bootloaders and other BS. Instead, they initially should make sure the OS it ships with is solid. Then get some rapport with the modding community to make an unofficial image of 2.3. After some internal testing, QA, and idiot-proofing, make an official ROM. I'm sure that a partnership with the guys over at xda would make development and testing of not just new ROMs for existing devices, but for new stuff a lot faster and more pleasant for everyone involved.
Right now, Motorola is thinking they can make money by making their devices obsolete and keeping them obsolete. This is extremely short-sighted thinking because come contract renewal time, people will find other hardware. Instead, they should create a loyal customer base that actually will ask for Motorola products by name because they not just will work, but can be modded to do stuff the designers never thought of.
A phone maker and a cellular carrier partnering up with the modding scene would produce a lot of interesting and cool stuff. It would be a win/win/win situation for all involved in the long term.
Very true. However, since MS wants to buy the law, they want the burden of proof not with them. It is a lot easier to prove piracy did take place due to someone ratting a company out, as opposed to proving that no one company, from the guys who mined the ore, to the smelter, to the metal shop, to the CAD place, to the assembly plant didn't use an unlicensed copy of Windows someplace.
This might backfire on MS though. If a commercial product goes out of licensing spec, it may mean millions of fines. F/OSS done right wouldn't have these licensing headaches (although there are other issues such as making sure about FIPS and Common Criteria compliance and other stuff.) So, if a company uses zero Microsoft products and can attest to that, they are a preferable vendor compared to a company that does use MS products and has to deal with license audits, and the fact that if they are even a few copies short, all their downstream customers are now liable.
This proposed law would instantly make Microsoft billions. If done right, companies would have to prove their supplies didn't use pirated products in order to not get sued.
It also will force companies to buy Microsoft products for CYA reasons. This happened with Sarbanes-Oxley and the fact that operating systems on up had to have some sort of compliance (FIPS, Common Criteria) in order for IT departments to show due diligence. This caused wholesale migrations to Windows just for this reason.
I can see companies not just moving to MS, but demanding their supplies be Microsoft based, so they can show that they are compliant.
Big win for MS, big win for businesses with lots of lawyers, small businesses now are easily destroyed should they show some innovation that can't be bought up easily.
Plus, if one of the copyright lawsuits for an insane amount does go through, a company can easily owe Microsoft trillions, especially with the precedents seen with LimeWire and other cases.
This is a good way for companies with large law departments to cudgel smaller businesses. Just like how the endangered species act is misused sometimes, find some product, no matter how esoteric, that a company used that might be called into question, then threaten to sue that company out of existence unless they take an offer to be bought out.
This would be a field day for law departments. If one thought the patent lawsuits flying back and forth with the phone company makers is insane, wait until the lawsuits because a bolt made from an offshore company just might be considered being made with a bogus copy of XP Embedded on the CNC mill.
For those not of the bar association, it means higher prices for everything (since companies have to pay bucks to CYA, and create additional internal auditing divisions, or fight these claims.) It also raises the barrier for entry for small businesses.
It will be interesting to see who will end up the lawmakers' master on this one. Companies who don't want the trouble of additional IP regulation, versus the usual people who keep fighting for more Draconian IP laws to protect their tired old stuff. This might get interesting because it may pit well-heeled lobbyists against other lobbyists of companies who just don't want the legal liability if this law passes.
Don't worry, phone makers and carriers are working feverishly to remedy "ugly" custom ROMs with crap like signed kernels/bootloaders, read-only filesystems, eFuses, and other stuff.
I am glad Apple is getting sense and putting FDE in their OS. This has been a hurdle to get Macs adopted by IT departments, unless one makes sure that the Mac is bundled with PGP's WDE.
In the business sector, an OS on a portable machine without a well implemented FDE is a disaster waiting to happen.
Nothing is perfect, but moving to OS X from the previous MacOS/System versions was a smart move for Apple, and was one of the reasons Apple is still around today.
Before OS X, if a program did not hand control back to the OS via WaitNextEvent(), the Mac essentially needed to be restarted. In fact, Macs became so unstable, people ended up just rebooting them every two hours just to be safe.
It is an ironic contrast to these days where the only time Macs go down is a reboot to install a security patch, or a Safari update (why Safari patches require a reboot is beyond me, but that is Apple for you.)
Apple did the right thing. People yelled at Apple to get an OS that did actual, preemptive multitasking for years. Multiuser security? You had to use a utility that would do tricks to create the illusion of multiple users, such as Kent Marsh's FileGuard, Empower, Casady & Greene's [1] AME, or another utility.
Of course, there was the virus issue. OS 9 and previous did have a good number of viruses on the platform. OS X has not had a single one in the wild.
All in all, OS X has withstood this decade quite well. No major breaches in the wild (except for Trojans like the one bundled with a pirated version of iWork '09). No OS is completely secure (and it often was the first to fall in hacking contests), but it has proven to have a well deserved security reputation in the real world.
Is there room for improvement? Yes. OS X needs a modern filesystem to compete with ZFS, btrfs, and possible changes to NTFS. OS X also needs full disk encryption and not just FileVault. Hopefully Apple will address these, preferably before they run out of big cat names for OS versions.
[1]: Yep, the same Casady & Greene who made the software that was renamed into iTunes.
The downside to the GPL3 is that companies notice one product or piece of code with the v3 license, then their legal team gets scared, throws the baby out with the bathwater and starts over with a closed source product.
I have known one business which produced embedded controllers move from Linux to Windows CE just because their legal eagles feared that the GPL v3.x would force them to give up their trade secrets of some manufacturing methods to any customers that asked.
All in all, I'd say the GPL v2 is/was the best balance between being able to do what one wanted and redistributing, versus keeping code available for subsequent users. GPL v3 was made with good intentions, but instead of the intended outcome of killing DRM and dealing with patents, it has gotten some businesses to completely dump F/OSS completely and move to closed source systems.
I'd say some things have gotten better, and some worse over the years:
Better:
1: Domestic roaming. When I had either AT&T and SBC Wireless [1], if I drove a small distance out of Austin, and if I ended up calling someone from a cafe, the roaming charges were pretty substantial. These days, it doesn't matter, because one isn't going to get hit by roaming charges in the US. Outside the US, and across the pond, this is different.
2: Cost of a phone. $400-$600 for a phone as well as a year contract. Blergh. These days, one can pay 15 bucks, get a T-Mobile to go prepaid phone, and periodically toss some money for minutes at the device, and have basic communication. If one wants a 1-2 year contract, one can get a decent Android phone for the price of the contract.
3: Cloning. Before AMPS was shown the door, it was pretty common for someone to be able to grab one's ESN/MIN info and go to town. These days, the resources to even copy an IMEI to a different device are beyond all but the most sophisticated attackers.
4: Text messaging. In the past, this was fairly expensive. These days for someone like me who sends/receives a good amount of SMS/MMS messages a month, it is well worth it.
What has gotten worse:
1: Tethering. I bought my T-Mobile MDA (HTC Wizard), and it allowed tethering out of the box, where one just flipped the modem on, and one had rather slow Internet access pretty much everywhere. EDGE was sluggish, but it did get the job done. Now, tethering costs a good chunk a month.
2: ETF charges. $150 from SBC Wireless, I don't mind. $350... yeesh.
3: Bandwidth charges. There are times when I can easily run over 10GB/month on a device, especially with cloud based backups and storage.
4: Tinkerer-hostile devices. Motorola we all know tells modders to go elsewhere, HTC is being held up to the wall and bitch-slapped by the carriers to make their phones unable to take unofficial Android upgrades. Other phone makers are touch and go. In the past, if one bought a smartphone, it was essentially open to whatever you wanted to do with it. Even Apple's devices are getting harder and harder to completely JB and unlock.
[1]: SBC Wireless was a CDMA provider, and AT&T was TDMA at the time. I am glad we have GSM-based networks now, just for the ease of changing out phones with SIM cards.
Problem is that with most modern malware, cleaning up is almost pointless. The only real way to get back to a known state is reformatting and restoring to a point in time that is definitely before any infected code got free reign, or formatting and installing from scratch, reloading the OS and apps, and hopefully any recovered data.
I don't mind an ISP notifying (perhaps via SMS) about viral threats, as it puts their IDS system to good use. However, I am leery of having an ISP automatically pull the plug on what it suspects may be an infection... just too much room for abuse on that front.
It also helps to use an anonymous VPN service, even one that is in the same country. This way, Comcast has no way of telling what is going over the PPTP/L2TP link.
It also strengthens the case of either they provide a legal reason that a judge would sign off on, or they provide compensation for what might be a material breach in their contract terms.
Your network security is good, but physical security might need some work. It can't hurt to encrypt the backup disk (perhaps a TrueCrypt file is the most foolproof), and use some form of encryption for Ubuntu.
Of course, other types of security (Remington, Ruger, Smith & Wesson, Calico) can't hurt either.
Individual security isn't rocket science either. Last virus that I had end up running uncontrolled was the WDEF virus on the Mac, pre System 7. One can do some fairly simple measures so their individual security is up to par:
1: First and foremost backups. Not RAID. True backups with media rotated out. This way, if malware nails the drives and the backup media, restoring is still possible. Backups mean what would be at best a day long install-fest (finding the OS media, installing the OS, applications, and then digging past the used condoms under the bed to find the piece of paper with the license keys for the above) into putting a recovery CD or USB flash drive in, telling it to restore, walking off for an hour or so and coming back to a restored box. It also doesn't hurt to periodically burn critical documents to CD or DVD. For critical stuff, I like having it on burned media (stored offsite -- even a climate controlled self storage is better than nothing, as Iron Mountain may be too expensive), stored encrypted (WinRAR archives or TC volumes) at a cloud provider, and present on a fileserver.
2: Some means of separating your internal machines from the Internet. In the past, I used a Linux box, NAT, and ipchains/iptables rules. These days, I just use a decent firewall/NAT box [1].
3: A method of blocking ads. AdBlock does far more to keep out unwanted crap than any antivirus. Since the largest vector for infection of PCs these days is through the Web browser, blocking out the ad servers (and most of their "wink, wink, nudge, nudge" attitude towards advertisers that use malicious add-on code) pretty much ensures a clean browsing environment.
4: Common sense. If a pr0n site requires a "codec" or "pr0n viewer" application, find a clean site.
5: Use top tier stores if at all possible for music/movies/software. If one has to pirate and doesn't know reliable sources (i.e. someone who doesn't read /.), use word of mouth with people who know their stuff for sites/programs. The answer is NOT eMule/LimeWire/etc. Nor is it "warez search engines" which demand you vote for them, then dump you to another site, all the while trying every browser based exploit possible on your setup.
6: Encrypt everything, especially laptops. TrueCrypt, BitLocker, PGP for Mac (until Lion comes out with true HDD encryption), LUKS for Linux, EFS for AIX [2], and so on. Encryption turns a theft into a "mere" hardware loss, which insurance is for. Done right, it means not having to worry about the data on the drives that were stolen. I prefer mechanisms that use hardware security (BitLocker + TPM with a PIN, TrueCrypt + a keyfile on an IronKey, PGP whole disk encryption + a cryptographic token) so brute-forcing a passphrase can't be done.
7: If traveling with a laptop, use a VPN service at Wi-Fi hotspots. This way, not just FireSheep attacks become a non-issue, but if the owner of the Wi-Fi router is sniffing packets, they won't be able to glean much, other than perhaps traffic timing analysis.
[1]: If someone says that NAT by itself is security, one has to resist laughing in their face. NAT by itself is just security through obscurity.
[2]: AIX's EFS is totally different from EFS on Windows. Same with AIX's IPSec mechanism being different from Windows's IPSec.
On the contrary, it actually benefits the game companies if the old stuff gets forgotten. This way, they can dredge up forgotten IP, market it as a gritty reboot and have something to sell.
Take EA for instance. I wonder how long it will be before they decide to make a Wing Commander reboot for the consoles. Cybermage? The old Origin IP they are sitting on can provide them with decades of IP to attach to what would be another boring FPS.
Devil's advocate stand here:
This isn't a fight that Apple lost; this is a fight Apple has not decided to push. If Apple really wanted to fight this, they could:
1: Reword all cellular carrier agreements where they will drop service and blacklist any devices suspected of being jailbroken (downloading stuff from Cydia repos for example.)
2: Encrypt bootloaders, and have the baseband hand the keys to the OS. This is how Motorola does it, and so far, the trouble of cracking Moto's encrypted bootloaders has gotten modders to move elsewhere.
3: Push software down to the iPhones periodically to search for jailbreaks. If devices are JB-ed, all Apple IDs connected with them would be banned. MS does this with the Xboxes, Valve does this with VAC, etc.
4: Have the baseband software and processor (IIRC, the radio uses a separate processor from the main OS), act as a TPM. If the running OS isn't signed, put the device in DFU mode until a valid copy of the IPSW is put on.
5: Ask cellular carriers to cough up IP records of anyone who bought programs through Cydia, cross reference the IMEIs, and when it comes for an iOS update, blacklist all IMEIs gathered which are suspected during the SHSH negotiation process.
6: Have a firmware eFuse counter that only allows for flashing higher versions (assuming they are not betas).
7: Separate the iPhones into different models, each having different hardware protection, and when rev B is put out, anyone caught using rev A exploits is banned from cellular networks via IMEI, and their Apple IDs are banned.
8: Get with cellular carriers and lease iPhones the way Ma Bell used to lease telephones. This + a EULA would mean that jailbreaking would be against the law because it wouldn't be the owner's device.
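Item 6 in the list above (the eFuse version counter), sketched as an added example that is not part of the original comment and is not any vendor's actual code. The fuse bank is simulated in memory, all type and function names are hypothetical, and two assumptions are made: re-flashing the currently fused version is allowed, and beta images never advance the counter.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simulated one-time-programmable fuse bank: a bit can go 0 -> 1, never back. */
typedef struct { uint32_t bits; } fuse_bank;

/* Blow one fuse. The OR models hardware that has no way to clear a bit. */
static void fuse_blow(fuse_bank *f, unsigned idx) {
    if (idx < 32) f->bits |= (UINT32_C(1) << idx);
}

/* The counter is the number of blown fuses, so it can only ever grow. */
static unsigned fuse_counter(const fuse_bank *f) {
    unsigned n = 0;
    for (uint32_t b = f->bits; b; b &= b - 1) n++;
    return n;
}

typedef struct {
    unsigned security_version; /* anti-rollback version carried by the image */
    bool is_beta;              /* beta builds must not burn fuses (assumption) */
    bool signature_ok;         /* outcome of signature verification, done elsewhere */
} fw_image;

typedef enum {
    FLASH_OK, FLASH_BAD_SIGNATURE, FLASH_ROLLBACK, FLASH_VERSION_RANGE
} flash_result;

/* Decide whether an image may be written at all. */
static flash_result flash_check(const fuse_bank *f, const fw_image *img) {
    if (!img->signature_ok) return FLASH_BAD_SIGNATURE;
    if (img->security_version > 32) return FLASH_VERSION_RANGE; /* bank is 32 fuses */
    if (img->security_version < fuse_counter(f)) return FLASH_ROLLBACK;
    return FLASH_OK;
}

/* Called once the new image has booted: raise the floor to its version. */
static flash_result flash_commit(fuse_bank *f, const fw_image *img) {
    flash_result r = flash_check(f, img);
    if (r != FLASH_OK) return r;
    if (!img->is_beta)
        for (unsigned i = fuse_counter(f); i < img->security_version; i++)
            fuse_blow(f, i);
    return FLASH_OK;
}

int main(void) {
    fuse_bank bank = {0};
    /* Constructed sample images. */
    fw_image v3 = {3, false, true}, v2 = {2, false, true}, beta5 = {5, true, true};

    printf("install v3:   %d\n", flash_commit(&bank, &v3));
    printf("counter:      %u\n", fuse_counter(&bank));
    printf("downgrade v2: %d\n", flash_check(&bank, &v2));
    printf("beta v5:      %d\n", flash_commit(&bank, &beta5));
    printf("counter:      %u\n", fuse_counter(&bank));
    return 0;
}
```

Burning fuses only after a successful boot keeps a failed flash from raising the floor and leaving the device with no installable image.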
Sony did score a dubious achievement of having a console out for so long before it was cracked.
However, I am almost certain it would have been cracked earlier had they not pulled the Other OS thing out.
I hope Sony learns this lesson... if they have a PS4 with the ability for people to do homebrew stuff on it, accessing the features of the machine (pretty much everything but the DRM stack), it likely would never be cracked. The true jailbreakers/devs can't stand pirates and just breaking a DRM stack so someone can download Madden 2011 from a torrent as opposed to buying the media wouldn't be a high priority on their list.
One can look at some of the tweets of the Apple Dev Team's posts about their contempt for app pirates, and if they could find a way to make sure Installous wouldn't run on a JB-ed iPhone, they likely would.
Nuclear power is a must, but there is one failing about it:
With today's technology, it needs an unbroken chain of custody, from the designers, to the material makers, to the manufacturers, to the architects building the facility, to the people maintaining it, to the people charged with its decommission. Break any link in the chain, and you have a disaster on your hands.
Here lies the problem: A lot of contractors are of the "lowest bidder" type. You know, people who can't ground showerheads, so service personnel end up getting electrocuted to death.
If we have problems with bathroom fixtures being not installed right, how can we trust contractors who are hired because they bid the lowest to try to build it right? Nothing keeps them from making a reactor head out of pot metal, and pretending it is useful... and when it melts, the company just goes bankrupt, with large golden parachutes for all the officers.
This is a matter of policy and procedure: How do we get people who build and maintain the plants to actually do a job, as opposed to doing the barest minimum they can get away with? Other nations don't have this problem. Some company botches a Chinese reactor, the company's officers will be executed. Perhaps a branch of the military should do this, so the responsibility is not just civil, but criminal, so higher-ups are more motivated to do the job right, as opposed to cheaply.
There are heavy interests worldwide which want to shut down nuclear power:
1: Big Oil/Big Coal. The "good" coal is all used up. We are using lignite coal in most plants which is the bottom of the barrel when it comes to impurities. It is pretty simple -- nuclear power takes off, coal goes to the wayside, because with effective power plants, who wants to throw toxic chemicals into the atmosphere?
2: "Environmentalists". These tend to be group #1's puppets. In reality, nuclear power is something people who value the environment should champion.
3: People who like the status quo.
Because of this, the press tends to whip people into a frenzy. I remember a death at a nuclear power plant some years ago. The news essentially reported, "OMGWTFBBQ, a guy died in a nuclear power plant while welding, we need to shut these down NOW or else we will all be glowing!" The fact: The guy was MIG welding with argon, not following any safety procedures, especially ones about adequate ventilation, the argon pushed the oxygen out of the area, and the guy bit it. This had -nada- to do with nukes in any way, shape, or form. Had this been some bonehead welding in an enclosed space in a metal shop, the only real press reports would have been an obituary, and a back page news article.
All stuff aside, we (as in mankind) need nuclear power. Until fusion becomes commercially available [1], splitting the atom is the best we have, and the US Navy, Toshiba, and other places can show this can be done in a safe and well done way. We already have gone past peak coal; energy is just going to get more expensive.
To boot, with nuclear power, there are tasks too energy inefficient to be done now that can be easily done with smaller reactors nearby: Large scale desalination of seawater to pump inland for irrigation and thermal depolymerization of trash in the Pacific Gyre for useful petroleum for plastic making would be just a few ideas.
[1]: It would be nice to see fission, but so far, other than incremental things (a tad more efficient containment field here, a fusion core remaining active for a few more attoseconds there), there have been no real advances in getting it into a commercially usable reactor form since the 1950s. We still have yet to pass the "get more usable energy out than we put in" barrier, much less even close to the "get enough usable energy out to sustain the reaction indefinitely" stage.
If you look at history, it isn't paranoia here, especially in the days of ACTA, Son of ACTA, the COCIA act, the INDUCE act, ISPs not adding infrastructure, but new fees and other ways of charging, net neutrality essentially dead, the FCC hamstrung and essentially relegated to just chasing after teenagers with pirate radio stations.
We can expect to see laws like this popping up more and more. The economy is in the gutter, so the pie isn't getting bigger. Thus companies are scrambling to take pieces of the pie away from others.
The only real way to defend against this type of law is to see about getting more F/OSS components certified for FIPS and Common Criteria. This way, people can use products and say that "due diligence" was performed when it comes to security, due to the CYA stickers.
What would hurt Microsoft the most would be an Exchange replacement. For most companies (other than IBM and Google), they run on Exchange for their mail and messaging, or they don't run at all. What is needed is a F/OSS solution that can function with LDAP and be a drop in replacement for Exchange, with the auditing, logging, and mobile device capabilities as well. Until this is done, MS will still have a stranglehold in almost all business IT departments.
Is there a good FAQ on this that you can point to? I'd like a URL on why a signed kernel is crackable and not the end of the world, while Moto's encrypted bootloaders are impossible. These differences are important (especially when steering people to what phones to buy.) It would be nice for a "dummies" guide to this stuff I can point people to.
Problem is that the EULA indemnifies MS from damages, so even if the software refused to run (as earlier versions of non VLK XP did when they thought they were not activated), there would be really zero chance of a countersuit, much less one that succeeds.
There is one thing Android has which is going to be more and more important as time goes on: Apps.
Right now, Android's apps are not as polished as the iPhone's, but give the platform time. Because there is no app approval phase, Android app developers can have a very fast development cycle which would allow the platform to catch up eventually with app quality on average.
Motorola going with another smartphone OS is not going to go over well -- people will wonder why they can't get Angry Birds or another mainstream title and not bother buying the device. See the MS Kin line for this in action.
From the modder community point of view, if Moto leaves the Android scene, it would be "don't let the door hit you on the way out."
I really wish it would be different. Motorola would gain a lot more good press if they actually contributed, or at least didn't tell the modding scene to go to hell.
Not really that many limitations in TFA. In fact, it wouldn't take much to make consumers and end users liable for piracy up the supply chain.
If this passes, I'm sure we will see massive litigation against thousands of individuals because they bought a bolt from Home Depot, and the maker of the bolt happened to have a version of Windows 7 that wasn't legit.
Think the massive lawsuits due to movies were bad? That would be tame compared to the people dragged into court due to this law. Since court precedent allows "joining" of cases on a massive scale in the US, it would only require the plaintiff to win one case to get judgements against tens of thousands of people.
I hope I'm wrong about this, but if Microsoft does get this law passed, it would completely turn them around as per profit margins as a company, just due to the legal threats they can bring against almost anybody.
Problem is, it is not just Moto who is doing locked bootloaders, signed kernels, and other crap. All the other guys are doing it too (HTC, Dell, Samsung, LG, and I think ZTC).
The only exceptions are the Google development phones, the ADP1, ADP2, Nexus, and Nexus S.
This leaves a nice market opportunity for a company that can make and sell a high end, completely unlocked device. It wouldn't just sell to the modders, but it would sell to anyone who felt like having a cool device that would get new features as time went on.
Motorola has good hardware, but here is one fact they fail to understand about competing against Apple:
I buy an iPhone. I know, due to Apple's history that the phone will receive OS updates for at least two years, or at the minimum, until two subsequent model releases (so if I have an iPhone 4, it won't be until the iPhone 6 that Apple stops making OS updates for it.)
I buy a Motorola phone. It might receive one OS update, but after six months, the device is completely abandoned, and with the signed kernels, it is very hard to mod to a decent level.
The ironic thing -- the price differences are not that big between Android phones and the iPhone on AT&T. Since things are essentially equal, why would I buy a device from Motorola that is essentially obsolete after six months versus an iDevice from Apple which will stay reasonably current for at least two years, and even after that, will still remain supported by app makers for a while?
Take the Motorola Atrix. As of now, it already lags behind six months when it comes to the version of Android it sports. What Motorola should have done is not bother with signed bootloaders and other BS. Instead, they initially should make sure the OS it ships with is solid. Then get some rapport with the modding community to make an unofficial image of 2.3. After some internal testing, QA, and idiot-proofing, make an official ROM. I'm sure that a partnership with the guys over at xda would make development and testing of not just new ROMs for existing devices, but for new stuff a lot faster and more pleasant for everyone involved.
Right now, Motorola is thinking they can make money by making their devices obsolete and keeping them obsolete. This is extremely short-sighted thinking because come contract renewal time, people will find other hardware. Instead, they should create a loyal customer base that actually will ask for Motorola products by name because they not just will work, but can be modded to do stuff the designers never thought of.
A phone maker and a cellular carrier partnering up with the modding scene would produce a lot of interesting and cool stuff. It would be a win/win/win situation for all involved in the long term.
Very true. However, since MS wants to buy the law, they want the burden of proof not with them. It is a lot easier to prove piracy did take place due to someone ratting a company out, as opposed to proving that no one company, from the guys who mined the ore, to the smelter, to the metal shop, to the CAD place, to the assembly plant didn't use an unlicensed copy of Windows someplace.
This might backfire on MS though. If a commercial product goes out of licensing spec, it may mean millions of fines. F/OSS done right wouldn't have these licensing headaches (although there are other issues such as making sure about FIPS and Common Criteria compliance and other stuff.) So, if a company uses zero Microsoft products and can attest to that, they are a preferable vendor compared to a company that does use MS products and has to deal with license audits, and the fact that if they are even a few copies short, all their downstream customers are now liable.
Nail, head hit.
This proposed law would instantly make Microsoft billions. If done right, companies would have to prove their suppliers didn't use pirated products in order to not get sued.
It also will force companies to buy Microsoft products for CYA reasons. This happened with Sarbanes-Oxley and the fact that operating systems on up had to have some sort of compliance (FIPS, Common Criteria) in order for IT departments to show due diligence. This caused wholesale migrations to Windows just for this reason.
I can see companies not just moving to MS, but demanding their suppliers be Microsoft based, so they can show that they are compliant.
Big win for MS, big win for businesses with lots of lawyers, small businesses now are easily destroyed should they show some innovation that can't be bought up easily.
Plus, if one of the copyright lawsuits for an insane amount does go through, a company can easily owe Microsoft trillions, especially with the precedents seen with LimeWire and other cases.
This is a good way for companies with large law departments to cudgel smaller businesses. Just like how the endangered species act is misused sometimes, find some product, no matter how esoteric, that a company used that might be called into question, then threaten to sue that company out of existence unless they take an offer to be bought out.
This would be a field day for law departments. If one thought the patent lawsuits flying back and forth with the phone company makers is insane, wait until the lawsuits because a bolt made from an offshore company just might be considered being made with a bogus copy of XP Embedded on the CNC mill.
For those not of the bar association, it means higher prices for everything (since companies have to pay bucks to CYA, and create additional internal auditing divisions, or fight these claims.) It also raises the barrier for entry for small businesses.
It will be interesting to see who will end up the lawmakers' master on this one. Companies who don't want the trouble of additional IP regulation, versus the usual people who keep fighting for more Draconian IP laws to protect their tired old stuff. This might get interesting because it may pit well-heeled lobbyists against other lobbyists of companies who just don't want the legal liability if this law passes.
Don't worry, phone makers and carriers are working feverishly to remedy "ugly" custom ROMs with crap like signed kernels/bootloaders, read-only filesystems, eFuses, and other stuff.
I can see two reasons for Google being leery of a source release:
1: The patent drama going on in the cellphone world, with almost everyone suing each other. It is like watching The Departed, except with lawyers.
2: iOS. Google is nervous about the June iPhone release, so is hedging bets to see which way to go after the iPhone 5 comes out.
I am glad Apple is getting sense and putting FDE in their OS. This has been a hurdle to get Macs adopted by IT departments, unless one makes sure that the Mac is bundled with PGP's WDE.
In the business sector, an OS on a portable machine without a well implemented FDE is a disaster waiting to happen.
Nothing is perfect, but moving to OS X from the previous MacOS/System versions was a smart move for Apple, and was one of the reasons Apple is still around today.
Before OS X, if a program did not hand control back to the OS via WaitNextEvent(), the Mac essentially needed to be restarted. In fact, Macs became so unstable, people ended up just rebooting them every two hours just to be safe.
It is an ironic contrast to these days where the only time Macs go down is a reboot to install a security patch, or a Safari update (why Safari patches require a reboot is beyond me, but that is Apple for you.)
Apple did the right thing. People yelled at Apple to get an OS that did actual, preemptive multitasking for years. Multiuser security? You had to use a utility that would do tricks to create the illusion of multiple users, such as Kent Marsh's FileGuard, Empower, Casady & Greene's [1] AME, or another utility.
Of course, there was the virus issue. OS 9 and previous did have a good number of viruses on the platform. OS X has not had a single one in the wild.
All and all, OS X has withstood this decade quite well. No major breaches in the wild (except for Trojans like the one bundled with a pirated version of iWork '09). No OS is completely secure (and it often was the first to fall in hacking contests), but it has proven to have a well deserved security reputation in the real world.
Is there room for improvement? Yes. OS X needs a modern filesystem to compete with ZFS, btrfs, and possible changes to NTFS. OS X also needs full disk encryption and not just FileVault. Hopefully Apple will address these, preferably before they run out of big cat names for OS versions.
[1]: Yep, the same Casady & Greene who made the software that was renamed into iTunes.
Devil's advocate here:
The downside to the GPL3 is that companies notice one product or piece of code with the v3 license, then their legal team gets scared, throws the baby out with the bathwater and starts over with a closed source product.
I have known one business which produced embedded controllers move from Linux to Windows CE just because their legal eagles feared that the GPL v3.x would force them to give up their trade secrets of some manufacturing methods to any customers that asked.
All and all, I'd say the GPL v2 is/was the best balance between being able to do what one wanted and redistributing, versus keeping code available for subsequent users. GPL v3 was made with good intentions, but instead of the intended outcome of killing DRM and dealing with patents, it has gotten some businesses to completely dump F/OSS completely and move to closed source systems.