Bad thing #1: Locking down devices. Right now, people like the Dev Team jailbreak stuff within a month or two of release. However, eventually hardware chips will get added that are as hard as, if not harder than, baseband modules to crack. Perhaps chips that "supervise" the OS, and if it runs something outside some strict parameters, the device gets shut down until taken to a $AUTHORIZED_STORE and fixed there.
Neutral thing #2: Phones do a lot. They acquire a lot of knowledge about the carrier.
Bad thing #3: Info from #2 is sent back home to carriers.
Bad thing #4: A combined push by LEOs and our *IAAs to find more info about people to start criminal or civil proceedings with ease. Remember, it wasn't that long ago that suing users in the thousands for having a song available, or snarfing a video clip was not thought of.
Bad thing #5: Ad providers being such a strong force. They don't just show disinterest in stopping malware payloads from being delivered through their networks, they want to add new vectors for infection using Phorm-like injectors. They will happily sell any information they get to all and sundry who have the cash.
Bad thing #6: The "piracy" bugaboo. This is a major excuse used for device lockdown.
Bad thing #7: No interest in anti-monopoly regulation.
Bad thing #8: Blacklists are in common use in the industry. For example, if someone gets banned from one casino in Las Vegas, they get banned from all of them.
Now, the day of convergence happens. All this stuff winds up merging. Joe User now buys a smartphone after all these converge:
Day 1: Joe goes out on a date with a co-worker to discuss business. His device notices that it is near other devices, transmits the GPS info to an ad agency. Joe's wife has a search tool that uses info gleaned from ad agencies to monitor where Joe is 24/7 even though his stuff isn't connected. She gives him a tongue lashing when he gets home.
Day 2: Joe visits an MMA place to see about casual sparring. The phone transmits the location, and insurance companies pick it up. They kick Joe off the health insurance because he is engaging in overly risky pursuits.
Day 3: Joe posts a private rant on his favorite social network of choice about his job from his home computer. The social network has a top notch privacy policy and has no advertisers at all. However, Joe's phone has an app that quietly slurps up his posts, even though they were posted from another device, and sends them to an ad agency. His work subscribes to an employee monitoring system which sends relevant posts if they have the company mentioned. His boss gets handed the rant, and Joe gets fired.
Day 4: Joe decides to go buy a dime bag because he has no job, an estranged wife, and no health insurance. He drives to a part of town that isn't too bad, but where the "upper" level distributors hang out. On the way back, Joe gets pulled over, his car searched and seized, and he ends up in jail. The local PD uses the ad agencies which keep track of all GPS settings of cars in the area, and has pattern matching. Any traffic pattern that is suspect gets an automatic traffic stop and the dog brought out.
Day 5: Joe's wife decides to file for divorce because she wants to move to someone who is making money. She gets someone to check the phone ad agencies and give her the goods on Joe. She serves him divorce papers via E-mail, and because the ad providers know when someone received the message, the E-mail stands up in court as proper service, just as well as a visit from the constable.
Day 6: Joe is afraid of monitoring, so tries to flash a ROM without the 24/7/365 monitoring. The device auto-bricks, and he has to take it into an authorized store and pay $300 for them to flash a replacement ROM onto it. Essentially a fancy version of RSD-Lite. Joe then uses a better utility that prevents the phone from bricking. However, because it downloads a utility like su or Cydia, the cellular provider notices the communication between
The ironic thing is that Android's antipiracy mechanism doesn't depend on root being locked away, as it is on iOS. Apps on a rooted device are just as secure as on a non-rooted device, given the way apps check the Google licensing servers to verify whether they are on a device they are licensed for.
Locking out root has no benefit other than a low road to sell more devices, foist a UI and advertising, or disable Android-provided mechanisms (sideloading, tethering).
My favorite ones are programs that just exit instead of bringing up the UI, and don't even set an error code, or if they do, it's just 0. No error messages, no nothing. Just exit. Even worse is when they do some major changes before pulling up a UI, and you don't know whether they completed the changes, did them partially, or did nothing.
#11: No DRM. The BSA would turn any company inside out and have their entrails for Christmas lights if they are caught pirating even a single copy of WinRAR. Businesses who value being open are not going to be pirating anyway. So why add DRM which removes value from the product?
#12: Ability to rebuild the product if it gets corrupted. Have it as an option to have the .cab/.bz2/RPM/.deb/etc. file stored in a directory, including patches. This way, if there is concern about registry/NetInfo/ODM/whatever corruption, it shouldn't be hard to have the product reinstall itself.
#13: An uninstaller. Shit happens and crap gets in a half installed state. It would be great to be able to have a utility that completely removes any and all traces of a program, move aside/archive config files, and rename the config directories. This way, if a config document is causing problems, it is out of the path.
#14: Ability to send reports to a third location, via E-mail or whatnot. This way, either by system logs or E-mail, there is proof that a package was installed or maintained, not just from the install mechanism, but from the application itself.
#15: Ability to install as a non-administrative user if the functionality is relevant (this wouldn't be doable for system utilities, but a Web browser, yes.)
#16: Ability to have a way to completely block installs of the product.
#17: All executables are signed. Not just with the OS signing mechanism, but either with a manifest, or PGP/gpg detached signatures.
#18: A "master console" program that can check for updates, store them, check installed clients to see if the update is needed, push out updates (either by a program or through the OS's install mechanism), perhaps even allow for removal en masse.
I just wish more operating systems had not just an install mechanism (msiexec, rpm), but an update mechanism from repos (yum, macports). This would make life a lot easier, especially if it can be configured from custom repositories so enterprises can have their own mirrors.
The speakers looked good. However, other goods such as the diamond inlaid TV set were pretty pointless.
With electronics, adding bling is pretty much the best people can do for selling ultra-expensive devices. Mainly because of economies of scale. If a boutique company made a cell phone that was slimmer than an iPhone, and only made 100 copies, the cost would be astronomical (tens to hundreds of millions of dollars), even factoring out the fact that the device would need a lot of QA testing. The only exception would be taking a motherboard from an existing device and putting it in a custom case, perhaps replacing some components (like the camera or screen) and making sure the OS can work with the modifications. Regression testing is important too.
I'd rather have it known that I purchased the game legitimately, and had to use third party tools to make the software playable as opposed to being yet another person lumped in as another freeloader.
If paying customers make a loud enough statement about something, publishers back down. The removal of some Draconian DRM systems in the past was a victory, however small, in this direction. What would help immensely is if publishers see people buying games and stating explicitly that their choices were affected by the absence of DRM. People pirating a game have no voice.
What is even more funny is typing in $RANDOM_NAME, and getting:
$RANDOM_NAME [FAST DDLs]
$RANDOM_NAME [CLEAN]
and many more items. Of course, the only thing you will get for free from these sites is a Trojan or perhaps a drive-by download if the browser isn't up to date (or up to snuff.)
It is almost astounding -- these warez sites have been doing the same crap since the turn of the century, and since they are still around, they must be doing something right in getting dimwits to hand them cash. Have a search engine demand you vote at three sites, then after that crap, get dumped to another engine. If there is anything to be found, it might be an FTP list.
They do have one use to an IT professional though. They are great places to visit with honeypot VMs on a test network to test your host and network security. If one drive-by or Trojan makes it, expect hundreds of other nasties to be installed too, so it is a definite trial by fire for your IDS.
Charging for stuff only adds insult to injury. Nobody in their right mind would allow for direct download access of pirated software for free. First, their connection and their computers would be saturated. Second, every police officer from Interpol to the county dogcatcher would want a piece of the outfit. Third, there is no honor among thieves. Anything downloaded from there would be at best suspect; at worst Trojaned.
Why should the user care about pipe lengths and quality? All this leads to is that companies will scamper to collude with ISPs so the ISP charges their subscribers less to go to their site than the competition's. Instead of finding the cheapest routes to go on, all companies will do is be wheeling and dealing backstage to see which of them get blessed by the ISPs, and who ends up having the site customers have to pay significantly more to view. The argument is good in theory, but in the real world, it just hands more power to the ISPs, because they have the keys to the roads and everyone else has to kowtow to them if they want to stay open on a daily basis.
SSL is useful, but it isn't perfect. All a rogue ISP has to do is block the connection to the core CAs if a certificate for websites they don't like comes by. They can then insert whatever they please, so the site in Elbonia which is a good reference for synchronized projectile vomiting ends up having its content replaced in flight by the ISP. Yes, the user will get a message that the key can't be verified, but users will do what they do, and just continue onto the site. This way, an ISP can effectively defeat SSL. If people say the ISP is at fault, the ISP can say that they block what they feel like they want to, and deal with it or leave it.
Japan isn't a small country; it is the size of California. However, there are many other nations where ISPs focus on building, and not whining. China is one example -- they just went on a spending spree from the government on down to lay fiber and build infrastructure. Russia is slowly but surely getting its infrastructure to where it needs to be. It is just in the US that the ISPs are whining instead of actually doing the business their customers pay them to do.
Or he has clients who pay him enough that he can be choosy who he works for. I'm sure there are people who happily do IT work, all cash, and part of the cash is to ensure that what is stored on the machines stays there and doesn't end up on a torrent somewhere, in the hands of an opposing attorney, or God forbid, in the evidence locker at the county PD. The downside of that is that the IRS doesn't like unreported income, so even though it is cash, it should be reported anyway. This way, someone who pays cash doesn't have a way to blackmail if the cash isn't reported as earnings.
If you are good (senior sysadmin/IT architect level) at IT work, all you need are 4-5 SMBs that you do work for on an occasional basis, and that can be enough to make a decent living.
Net neutrality is a misnomer. What is needed are regulations to stop ISPs from doing any or all of the following:
Discriminating by site. Non-DDoS traffic to site "A" should not cost more than going to site "B".
Adding/modifying/deleting in-flight traffic. Throttling/QoS is one thing; adding ads via Phorm, or changing people's postings to Web boards in flight, is another.
Blocking/slowing down one site, just to make another site seem faster.
Unneeded snooping on connections. Traffic should be considered PII, stored only a few days to check for security breaches, then binned. It is not to be sold to any ad companies who want router logs.
Expanding infrastructure. We never see Japanese ISPs wringing their hands in front of the Diet and saying how they are being driven into the ground by people in Tokyo watching TV on their phones. Nor do we see this in Korea or Singapore. ISPs build infrastructure, not just whine about people actually using their services.
We need to address issues exactly, not bundle them under the hazy "net neutrality" topic.
He does have a point though -- some Android device makers tend to be lazy when making updates available for their platform, so compared to advertising a device that hasn't shipped, fixing holes on already sold equipment is quite low on their priority list.
The ironic thing -- Android's update mechanism is standalone. When the updates do arrive, they are either already pushed to the device, or easily downloaded via OTA. Contrast this to iOS devices which must be updated via iTunes.
Backing down from an update is also a different story. With tools like ROM Manager and others, it is easy to back up, install a new/updated ROM, and if it doesn't work, roll back. A restore from an iOS device can take a long time, especially if one has a lot of transcoded music files. To boot, unless you use TinyUmbrella and save your SHSH files, you can't go back to an older firmware level.
With bad things, a year of the "foo" can happen, such as (IIRC) 2000 when the E-mail based worms slammed Windows networks, or 1994 when USENET was hit by the spam heard around the world. Those are times when the first salvo is fired starting the conflict in earnest (1994 when the spammers and cancelbots started, and 2000 when malware went from "just" the pirate scene to being able to wind up on anybody's desktop anywhere.)
Right now, malware is relatively rare on phones. However, there are things which are easy money if malware does get a foothold. Dialers for instance -- the old scourge of people who used the Internet before broadband. There is easy money to be made if malware gets a device to spam an SMS service for $10.00 per message.
There is one double-edged sword which both cuts at the freedom of the end user of cellphones and the malware writers -- hardware can change easily between iterations of a phone, while the PC architecture has to remain compatible back to the early 80s and MS-DOS applications. For example, outside of where the iOS apps have their jails, iOS can essentially do anything it wants to, and the apps don't/can't care. Same with Android and the /system directory.
So, the same precautions that can keep malware from accessing the machine can also keep a machine locked down.
Not really. If someone had access to a machine, they could plant a keylogger, and would be able to access the same stuff as is stored in a KeePass database as someone enters their passwords to various sites.
As for a secure place to store the KP database, this can be an exercise to the reader, especially if a decent passphrase is used to secure the database. One can't go wrong with an IronKey, but if the machine one is using is compromised, one is pretty much fscked no matter what they do.
Compared to S/MIME, it is a very simple and elegant authentication system. It doesn't matter what the key pair is, as long as the same key pair is used as was set when the account was created, or when the key pair got changed.
For sake of convenience, this is a good use for the commercial version of PGP, because it can decrypt/sign/encrypt from the clipboard, so authenticating to a site would be just copying the challenge response to that key from the Web browser, clicking "decrypt", pasting the decrypted text in a box, and clicking "OK".
Server-side, it wouldn't be difficult to keep this. The Web server has access to a PGP keyserver, and each account has an entry for the key ID and its fingerprint. If someone compromised the Web server, they can figure out which keys matched to which users, but that's it. Another site using the same keys couldn't be cracked.
Aha... very true. I was meaning client certs. However, for authentication, PGP/gpg keys just like you state work just as well (if not better, because a self-maintained WOT is more secure than trusting someone else's PKI anyway), and would definitely provide both security and anonymity. PGP keys also work in smart cards, so a key for bouncybunny101@mailinator.com could be easily used and, if needed, deleted without having it be linked to one's work key or personal info.
That is true, but the current spec for client keys uses a CA that wants people's real names and other info. Some don't care if the E-mail address is unique though, so perhaps multiple keys can be used.
In any case, it makes it easier for cross-site advertisers to tie a single person together. Client certs are a boon to security, but a serious blow to anonymity.
Or if the user wants to be anonymous, and have everything they post on their fetish sites be tied to their same userID as they use for everything else.
Of course, we could move to client certificates stored on smart cards which would make the need for passwords moot, but I don't want every single site to know exactly who I am, and allow third party ad trackers to have absolute knowledge of who is visiting, regardless of cookie stomping, adblocking, or other privacy functions.
Having the Web browser handle passwords is one way to address this. For a new site, I make a password in KeePass, store it in that database, as well as have my Web browser store it. This way, I don't have to bother typing it in, it will be of a decent character length (20 chars), and of random characters, and a blackhat that gets that password won't have access anywhere else I go.
Since my KeePass database syncs with my phone, if I'm using another computer somewhere else, I still have access to sites I go to.
This isn't the best of all worlds solution, but it does work.
Elaborating on this, why not have the password checks be done on an isolated SQL server replicating a read-only table? Then for the password queries, have this be a function of the database, where there is an inserted delay between checks. This way, each user might wait an additional half second to a second before logging in, which isn't that big a deal for them. However, someone who compromised the webserver wouldn't be able to dump the database en masse, only name by name with 500 ms between each.
Of course, what is obtained is an encrypted nonce and a salt, and the Web server takes the user's password + salt, hashes it x times, then tries to decrypt the nonce. If the nonce decrypts, the user is authenticated. Essentially TrueCrypt's mechanism, plus a backend database function to only allow for delayed single queries.
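The throttled nonce-decryption check described in the comment above, as an added example (not the commenter's code or any real product's): it stretches password+salt by iterated SHA-256, uses an HMAC-SHA256 counter keystream in place of a real block cipher, and recognises a successful decrypt by a known MAGIC prefix, the way a volume header is recognised. The record layout, the MAGIC value, the iteration count and the Python class standing in for the database-side single-query function are all assumptions.

```python
import hashlib
import hmac
import secrets
import time

MAGIC = b"AUTH-OK!"   # assumed known-plaintext prefix; a correct key reveals it
ITERATIONS = 10_000   # assumed "hash it x times" count


def derive_key(password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Stretch password + salt with iterated SHA-256 (the 'hash it x times' step)."""
    digest = hashlib.sha256(password.encode("utf-8") + salt).digest()
    for _ in range(iterations - 1):
        digest = hashlib.sha256(digest + salt).digest()
    return digest


def keystream(key: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; stands in for a real cipher such as AES."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _xor(data: bytes, key: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def enroll(password: str) -> dict:
    """Build the stored record: a salt plus the encrypted (MAGIC || random nonce)."""
    salt = secrets.token_bytes(16)
    nonce = secrets.token_bytes(32)
    key = derive_key(password, salt)
    return {"salt": salt, "blob": _xor(MAGIC + nonce, key)}


def check_password(record: dict, password: str) -> bool:
    """Re-derive the key, decrypt the blob, and accept only if MAGIC reappears."""
    key = derive_key(password, record["salt"])
    plaintext = _xor(record["blob"], key)
    return hmac.compare_digest(plaintext[: len(MAGIC)], MAGIC)


class DelayedVerifier:
    """Stand-in for the database-side function: one check at a time, spaced
    at least `delay_seconds` apart, so a compromised web tier can only ask
    name by name instead of dumping the table."""

    def __init__(self, records: dict, delay_seconds: float = 0.5):
        self._records = records
        self._delay = delay_seconds
        self._last = 0.0
        self.last_wait = 0.0  # how long the most recent call was throttled

    def verify(self, username: str, password: str) -> bool:
        wait = self._last + self._delay - time.monotonic()
        self.last_wait = max(wait, 0.0)
        if wait > 0:
            time.sleep(wait)
        self._last = time.monotonic()
        record = self._records.get(username)
        if record is None:
            # Do the same stretching for unknown users so timing does not
            # reveal whether an account exists.
            derive_key(password, b"\x00" * 16)
            return False
        return check_password(record, password)


if __name__ == "__main__":
    users = {"joe": enroll("correct horse battery")}   # constructed sample account
    db = DelayedVerifier(users, delay_seconds=0.5)
    print("right password:", db.verify("joe", "correct horse battery"))
    print("wrong password:", db.verify("joe", "hunter2"))
    print("unknown user:  ", db.verify("nobody", "hunter2"))
```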
I have heard this mantra repeated endlessly by PHBs: "security has no ROI."
With an attitude like this, it is surprising that these breaches are not even more commonplace. Of course, there will be no long term consequences for the poor security, except what happens to the users.
I hate calling for regulation [1], but it may take governments stepping in and people going to jail before businesses actually pay more than token attention to security.
Defense in depth -- now that is a sensible philosophy. This is really what is needed if businesses are to be able to provide any semblance of integrity. What is ironic is that every MBA that goes through an accredited program has to study ITIL. Defense in depth is one of the topics that they must learn about and pass. So, when a PHB won't fund adequate security, they have no excuse for the consequences.
[1]: With our luck, people call for basic security regulation and get laws like Sarbanes-Oxley which don't add much security (as in less issues with private info walking out the door and onto a torrent site), but would in fact end up making storage companies and "consultants" who do random mumbo-jumbo rich due to mandatory archiving requirements.
The problem is that people are getting dulled by all the warnings popping up on a computer. There are WGA warnings, OGA warnings, warnings that the AV software has expired, warnings that the AV software will expire in a year, but should be upgraded to the premium, deluxe, pro version, warnings that the disk is almost full.
If WGA has to be an issue, pop up a notice at boot time about the authenticity of the PC, offer a method of squelching the dialog completely, and move on. A user determined to pirate will do so; so it might as well just alert a legit user who might have gotten a non-legit copy once, and move on.
Activation on server products is a gripe of mine. For production critical operating systems, why do they cause potential problems with paying customers? The pirates happily have this disabled. It is the people who pay the good money for the server editions, only to find they have to call in and get shunted to /dev/null, who are screwed.
Thankfully MS doesn't completely disable the OS like they used to, so an unactivated Windows copy is more of an annoyance than downtime.
KMS is actually nice. But it has a few caveats which are annoying:
1: To have a KMS server, you need 20 (IIRC) clients or 5+ servers.
2: Activations expire every six months.
3: You have to make sure your infrastructure can connect to the KMS server, so machines can get their needed keys.
It's better than MAK, but the best (IMHO) was XP Pro -- pay for a VLK/SA, and not worry about activation, and the infrastructure changes for it.
Exactly. I should have worded it better, e.g., "shut up, and go to your Cisco rep."
Or he has clients who pay him enough that he can be choosy who he works for. I'm sure there are people who happily do IT work, all cash, and part of the cash is to ensure that what is stored on the machines stays there and doesn't end up on a torrent somewhere, in the hands of an opposing attorney, or God forbid, in the evidence locker at the county PD. The downside of that is that the IRS doesn't like unreported income, so even though it is cash, it should be reported anyway. This way, someone who pays cash doesn't have a way to blackmail if the cash isn't reported as earnings.
If you are good (senior sysadmin/IT architect level) at IT work, all you need are 4-5 SMBs that you do work for on an occasional basis, and that can be enough to make a decent living.
Net neutrality is a misnomer. What is needed are regulations to stop ISPs from doing any or all of the following:
Discriminating by site. Non-DDoS traffic to site "A" should not cost more than going to site "B".
Adding/modifying/deleting in-flight traffic. Throttling/QoS is one thing, adding ads via Phorm, or changing people's postings to Web boards in flight is another.
Blocking/slowing down one site, just to make another site seem faster.
Unneeded snooping on connections. Traffic should be considered PII, stored only a few days to check for security breaches, then binned. It is not to be sold to any ad companies who want router logs.
Expanding infrastructure. We never see Japanese ISPs wringing their hands in front of the Diet and saying how they are being driven into the ground by people in Tokyo watching TV on their phones. Nor do we see this in Korea or Singapore. ISPs build infrastructure, not just whine about people actually using their services.
We need to address issues exactly, not bundle them under the hazy "net neutrality" topic.
The bullion ownership will be banned like it was pre-1975.
He does have a point though -- Some Android device makers tend to be lazy when making updates available for their platform, so compared to advertising a device that hasn't shipped, fixing holes on already sold equipment is quite low on their priority list.
The ironic thing -- Android's update mechanism is standalone. When the updates do arrive, they are either already pushed to the device, or easily downloaded via OTA. Contrast this to iOS devices which must be updated via iTunes.
Backing down from an update is also a different story. With tools like ROM Manager and others, it is easy to back up, install a new/updated ROM, and if it doesn't work, roll back. A restore from an iOS device can take a long time, especially if one has a lot of transcoded music files. To boot, unless you use TinyUmbrella and save your SHSH files, you can't go back to an older firmware level.
With bad things, a year of the "foo" can happen, such as (IIRC) 2000 when the E-mail based worms slammed Windows networks, or 1994 when USENET was hit by the spam heard around the world. Those are times when the first salvo is fired starting the conflict in earnest (1994 when the spammers and cancelbots started, and 2000 when malware went from "just" the pirate scene to being able to wind up on anybody's desktop anywhere.)
Right now, malware is relatively rare on phones. However, there are things which are easy money if malware does get a foothold. Dialers for instance -- the old scourge of people who used the Internet before broadband. There is easy money to be made if malware gets a device to spam a SMS service for $10.00 per message.
There is one double-edged sword which both cuts at the freedom of the end user of cellphones and the malware writers -- hardware can change easily between iterations of a phone, while the PC architecture has to remain compatible back to the early 80s and MS-DOS applications. For example, outside of where the iOS apps have their jails, iOS can essentially do anything it wants to, and the apps don't/can't care. Same with Android and the /system directory.
So, the same precautions that can keep malware from accessing the machine can also keep a machine locked down.
Not really. If someone had access to a machine, they can stick a keylogger on it, and would be able to access the same stuff as stored in a KeePass database as someone enters their passwords to various sites.
As for a secure place to store the KP database, this can be an exercise to the reader, especially if a decent passphrase is used to secure the database. One can't go wrong with an IronKey, but if the machine one is using is compromised, one is pretty much fscked no matter what they do.
Compared to S/MIME, it is a very simple and elegant authentication system. It doesn't matter what the key pair is, as long as the same key pair is used as was set when the account was created, or when the key pair got changed.
For sake of convenience, this is a good use for the commercial version of PGP, because it can decrypt/sign/encrypt from the clipboard, so authenticating to a site would be just copying the challenge response to that key from the Web browser, clicking "decrypt", pasting the decrypted text in a box, and clicking "OK".
Server-side, it wouldn't be difficult to keep this. The Web server has access to a PGP keyserver, and each account has an entry for the key ID and its fingerprint. If someone compromised the Web server, they can figure out which keys matched to which users, but that's it. Another site using the same keys couldn't be cracked.
Aha... very true. I was meaning client certs. However, for authentication, PGP/gpg keys just like you state work just as well (if not better because a self maintained WOT is more secure than trusting someone else's PKI any way), and would definitely provide both security and anonymity. PGP keys also work in smart cards, so a key for bouncybunny101@mailinator.com could be easily used and if needed, deleted without having it be linked to one's work key or personal info.
That is true, but the current spec for client keys uses a CA that wants people's real names and other info. Some don't care if the E-mail address is unique though, so perhaps multiple keys can be used.
In any case, it makes it easier for cross-site advertisers to tie a single person together. Client certs are a boon to security, but a serious blow to anonymity.
Or if the user wants to be anonymous, and have everything they post on their fetish sites be tied to their same userID as they use for everything else.
Of course, we could move to client certificates stored on smart cards which would make the need for passwords moot, but I don't want every single site to know exactly who I am, and allow third party ad trackers to have absolute knowledge of who is visiting, regardless of cookie stomping, adblocking, or other privacy functions.
Having the Web browser handle passwords is one way to address this. For a new site, I make a password in KeePass, store it in that database, as well as have my Web browser store it. This way, I don't have to bother typing it in, it will be of a decent character length (20 chars), and of random characters, and a blackhat that gets that password won't have access anywhere else I go.
Since my KeePass database syncs with my phone, if I'm using another computer somewhere else, I still have access to sites I go to.
This isn't the best of all worlds solution, but it does work.
Elaborating on this, why not have the password checks be done on an isolated SQL server replicating a read-only table? Then for the password queries, have this be a function of the database, where there is an inserted delay between checks. This way, each user might wait an additional half second to second before logging in, which isn't that big a deal for them. However, someone who compromised the webserver wouldn't just be able to dump the database en masse, but name by name with 500 ms between each.
Of course, what is obtained is an encrypted nonce and a salt, and the Web server takes the user's password + salt, hashes it x amount of times, then tries to decrypt the nonce. If the nonce decrypts, the user is authenticated. Essentially TrueCrypt's mechanism, plus a backend database function to only allow for delayed single queries.
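The scheme the two comments above describe, as an added example (not the commenter's code): a salt and an encrypted nonce are stored per user, the password and salt are hashed many times to derive a key, and the user is accepted only if the nonce decrypts under that key; an in-process lock and sleep stand in for the isolated database function with its inserted delay. Assumptions: PBKDF2-SHA256 is used as the iterated hash, HMAC-SHA256 in counter mode stands in for the cipher (TrueCrypt's real cipher is not used), and "decrypts correctly" is checked with a keyed tag over the nonce.

```python
import hashlib, hmac, secrets
import threading, time

ITERATIONS = 200_000  # how many times the salted password is hashed (the "x" in the post)

def _keystream(enc_key, length):
    # HMAC-SHA256 in counter mode stands in for a real stream cipher (assumption, not TrueCrypt's cipher)
    out = b""
    for counter in range((length + 31) // 32):
        out += hmac.new(enc_key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]

def _derive_keys(password, salt):
    # one iterated-hash run yields an encryption key and a MAC key
    material = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=64)
    return material[:32], material[32:]

def _xor(data, keystream):
    return bytes(a ^ b for a, b in zip(data, keystream))

def enroll(password):
    # stored per user: salt, encrypted random nonce, and a tag that only the correct nonce satisfies
    salt, nonce = secrets.token_bytes(16), secrets.token_bytes(32)
    enc_key, mac_key = _derive_keys(password, salt)
    enc_nonce = _xor(nonce, _keystream(enc_key, len(nonce)))
    tag = hmac.new(mac_key, nonce, hashlib.sha256).digest()
    return {"salt": salt, "enc_nonce": enc_nonce, "tag": tag}

def verify(record, password):
    # re-derive the keys, decrypt the nonce, and accept only if it "decrypts": the tag matches
    enc_key, mac_key = _derive_keys(password, record["salt"])
    nonce = _xor(record["enc_nonce"], _keystream(enc_key, len(record["enc_nonce"])))
    expected = hmac.new(mac_key, nonce, hashlib.sha256).digest()
    return hmac.compare_digest(expected, record["tag"])

class DelayedAuthStore:
    # stands in for the isolated database function: one lookup at a time, with a fixed delay each
    def __init__(self, delay_seconds=0.5):
        self._records, self._lock, self._delay = {}, threading.Lock(), delay_seconds

    def add_user(self, username, password):
        self._records[username] = enroll(password)

    def check(self, username, password):
        with self._lock:  # serialising callers turns a bulk dump into one name per delay interval
            time.sleep(self._delay)
            record = self._records.get(username)
            return record is not None and verify(record, password)
```

With the store holding the only copy of the records, an attacker on the web server is limited to one guess per delay interval, and a dumped record still needs the full iterated hash per candidate password.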
I have heard this mantra repeated endlessly by PHBs, "security has no ROI."
With an attitude like this, it is surprising that these breaches are not even more commonplace. Of course, there will be no long term consequences for the poor security, except what happens to the users.
I hate calling for regulation [1], but it may take governments stepping in and people going to jail before businesses actually pay more than token attention to security.
Defense in depth -- now that is a sensible philosophy. This is really what is needed if businesses are to be able to provide any semblance of integrity. What is ironic is that every MBA that goes through an accredited program has to study ITIL. Defense in depth is one of the topics that they must learn about and pass. So, when a PHB won't fund adequate security, they have no excuse for the consequences.
[1]: With our luck, people call for basic security regulation and get laws like Sarbanes-Oxley which don't add much security (as in less issues with private info walking out the door and onto a torrent site), but would in fact end up making storage companies and "consultants" who do random mumbo-jumbo rich due to mandatory archiving requirements.
The problem is that people are getting dulled by all the warnings popping up on a computer. There are WGA warnings, OGA warnings, warnings that the AV software has expired, warnings that the AV software will expire in a year, but should be upgraded to the premium, deluxe, pro version, warnings that the disk is almost full.
If WGA has to be an issue, pop up a notice at boot time about the authenticity of the PC, offer a method of squelching the dialog completely, and moving on. A user determined to pirate will do so; so it might just alert a legit user who might have gotten a non-legit copy once, and move on.
Activation on server products is a gripe of mine. For production critical operating systems, why do they cause potential problems with paying customers? The pirates happily have this disabled. It is the people who pay the good money for the server editions, only to find they have to call in and get shunted to /dev/null who are screwed.
Thankfully MS doesn't completely disable the OS like they used to, so an unactivated Windows copy is more of an annoyance than downtime.
KMS is actually nice. But it has a few caveats which are annoying:
1: To have a KMS server, you need 20 (IIRC) clients or 5+ servers.
2: Activations expire every six months.
3: You have to make sure your infrastructure can connect to the KMS server, so machines can get their needed keys.
It's better than MAK, but the best (IMHO) was XP Pro -- pay for a VLK/SA, and not worry about activation, and the infrastructure changes for it.