The problem still exists. The reason why you don't see more LTE towers or WiMAX coverage is twofold:
1: Good luck finding an upstream. They will laugh in your face.
2: Even more luck getting a wireless license from the FCC for getting the towers up.
Really, our only hope of seeing bandwidth increase in most areas (in most of the US it has been the same for quite some time now) is either a push by the Federal government because of us being so far behind, or LTE Advanced [1] finally getting deployed by cellular companies.
[1]: LTE Advanced has a lot of nice features, the main one of which is that voice and data use the same channels rather than being split.
This is not the subscriber's problem. Again, I'll use a car analogy. Foo Shipping guarantees overnight delivery anywhere in the US. However, when they get customers, they end up whining to Congress and the media that they have to keep buying tractor trailer rigs, space on trains, and planes to meet the obligations that they promised customers.
You know what Congress would say if a shipping company did whine about this? Here is the number for Peterbilt; buy some vehicles to add to your fleet and charge it off your expenses, or file bankruptcy and let people who can do the job do it. The only reason Comcast is getting away with this is that Congress isn't tech savvy enough to know that Comcast just is too cheap to do what is needed to keep in business. Comcast needs to get the backhoes out there and get the long haul infrastructure that they are apparently promising, or contract with people who can do the job.
No other country in the world has these issues. You don't see Japanese ISPs complaining because they are streaming a different movie to tens of millions of cellphones in densely populated areas. Plenty of people watch streaming movies on their cellphones in Seoul and the ISP isn't screaming bloody murder about it.
Comcast has no excuse. They need to stop calling Congress about their issues, and start calling the Cisco reps for equipment upgrades.
Isn't carrying traffic the job of an ISP? This is what they are paid for by their subscribers, so the subscribers can go to the websites they choose and look at whatever they so want. If Comcast was unable to carry the subscriber traffic from Netflix, they should not have advertised that they can carry that bandwidth. The car analogy would be a private company who owns a tollway, one lane north, one south, advertising that they can take on all the NAFTA traffic of I-35 from Mexico to Canada, then finding out they don't want to add more lanes. So they demand that both the place where the truck is going and where the truck was heading from pay the tollway company money or else the semi would be seized and the cargo sold off.
Comcast appears to be extorting; double-dipping because they can. If they truly couldn't handle Netflix's load, they should notify people that they are unable to hold up their end of the subscription process, and depending on SLA (if any), notify their customers of an anticipatory breach of contract and refund differences until Comcast can get the infrastructure up to par.
From what I see with dealing with users, it is less despair, but more a nonchalance of "this is just a machine, why can't I push a button and have the pr0n pop up for me to ogle?"
Companies know this. Google has exactly this user in mind when designing ChromeOS (where the user will never have root on the desktop.)
I fear this path, although it is forced upon us in some ways by users who have zero interest in security and who then complain to companies (and Congress) about the lack of security in products. I wonder if, in 10-15 years, having a "#" prompt on the desktop will be as much a memory as being able to desolder through-hole ICs without a wave soldering station so a whole board wouldn't need to be replaced because of one bad chip.
It is trivial to redirect anything going out port 53 to your DNS servers, so if someone is using Google's DNS or OpenDNS, it would end up with the query being returned from the ISP's servers.
That is probably the best solution we have... until ISPs wise up, go actively to war against their customers and start blocking ports.
The problem is what VPN services are worth using, versus the ones who would turn you in (or are already selling the user data) in a heartbeat? The guy who rifled through Palin's E-mail account was using a VPN.
I am sure someone would make a killing by having a VPN service that has a good reputation, with a fast connection and located offshore somewhere, perhaps with server farms to redirect traffic back to the US (so the offshore links are outputted domestically for Hulu access.)
Caveat: You have to trust your VPN provider because they know where all your traffic really goes.
Problem is that there are some people in IT who don't understand backups. Other departments install the client (be it Avamar, TSM, NetBackup, Networker, BRU, Zmanda, or whatever solution), and assume their problems are magically solved.
However, there are three things that people forget about backups:
1: The backup server needs to be the most secure on the network, or at least more secure than the most secure machine it backs up. If a blackhat gets into the backup server, they don't just have access to everything present, they can push out bogus restores and overwrite/destroy production machines.
2: A key management system for encryption goes without saying. Even if one of the keys is put on multiple media (CD-ROMs, USB flash drives) and stuffed in a corporate safe deposit box, only accessible by the company officers (CEO, CFO, etc.). Almost any backup product for the enterprise supports encryption, but managing all the keys can be a daunting task if not done right.
3: Recovery scenarios. There is a world of difference between grabbing a file from an image that got accidentally deleted versus restoring a bare metal machine image onto different hardware (because the old machine completely died.)
4: Retention periods. If someone keeps data on disk indefinitely, it will make EMC or NetApp happy, but it may not be the best thing for the budget. Eventually the old stuff that has to be kept for 7 years (E-mail), or even 50 years (anything to do with aviation) needs to be migrated to media that doesn't have to be kept spinning. People say that disk is cheap; but enterprise SAN disk space where you want the data that you want to keep is definitely not, even if it is space on the tier 3 platters. Tape isn't going away -- even the EMC Avamar units [1] which replicate their backups have tape out for offsite and offline storage.
Backups are one of those things that you never get 100% right, but you try to do what you can, and hope that when you get hit by a disaster, you can recover something. For example, you might have everything set up so you meet your offsite copy of media by a certain time (when the offsite storage guy comes around.) However, a machine glitches, keeps a disk or tape in use and you find your offsite doesn't complete by the time the media has to leave. You then learn to start splitting your offsite jobs so the machines that matter the least get their stuff copied last.
It is less a social issue than a security issue. It could be a disgruntled admin, but it could also be a blackhat who gets admin rights. Having everything stored on replicated disk pools means that the installation is one, perhaps two commands away from oblivion when it comes to the backup system. This is something that affects every company; no matter who you are, there is someone who would love to see all your business's or organization's data be wiped if only just for brag rights in their section of Elbonia, or as an example to a crime ring to carry out extortion.
This doesn't mean that tapes are the be all and end all, but it takes a lot more to destroy a bunch of tapes than it does to blender a hard disk based solution.
Exactly. Copying to another server might help against hardware problems, but all it takes is an admin who wants to do some damage, root, and a dd command to ruin that completely.
The ideal system is D2D2T. Have lots of disk space onsite for backups to go to. Then copy it every so often to a tape library, write-protect the tapes, and have those offsited. With WORM tapes (LTO and DLT have this capability), this also takes care of tamper-resistant archiving, as the data on the tapes can only be destroyed, not modified. Of course, two disk arrays replicating is what a lot of backup vendors sell... however, it just takes that one blackhat who gets admin access and the show is over.
Backups are one of the most misunderstood and neglected concepts of computing as we know it. Between laziness and vendors selling their appliances and gadgets, there are a lot of misconceptions about proper backups.
Horror story #1: The guy with the term paper on the laptop which gets backed up to a USB flash drive. Roommate gets kicked out of the university, and grabs laptop + drive as a consolation prize. Result: Retaking a course. Moral: Backups to another drive are good, but don't address the problem.
Horror story #2: Business had two machines which rsynced with each other for offsites. One of the sysadmins was disgruntled, rm -rf-ed the files on one end, rsynced that, then rsynced some large blobs so the deleted files would be overwritten.
Backups are easily forgotten about... until they are needed. I have seen a lot of deer-in-the-headlights looks from people who thought they had working backup systems, but in reality, they backed up the wrong data, overwrote the wrong items, had great encryption and no recovery keys, or the tapes were safe at Iron Mountain... but nobody had an account to access there.
Like security, PHBs consider backups pointless because they have no obvious ROI. Of course, this comes to kill businesses if something does fail. Here in Austin, there was a textbook seller for the University of Texas called Texas Textbooks. They were on top of the market. Then they had HDD problems and lost all their data with no ability to recover. End result, a few months later, their doors were shuttered.
Backups are not rocket science. You have a way to copy data to an onsite repository, then a second way to copy it offsite (be it to a cloud, to tapes or other media that you move offsite). This applies to everyone from a SOHO business to the big guys. You then validate that the data is readable, and every link in the chain is present, from having the license keys for the backup software, to having the software somewhere, to the right hardware for reading the media, etc.
This is something I wonder about. The last MUA on a cellphone that supported S/MIME was Outlook on Windows Mobile 6.5.
Why do E-mail programs not support client certificates and secure messaging anymore on smartphones? Of course, not everyone uses it, but S/MIME is better than nothing and at least protects the mail from end to end. What would be ideal is both S/MIME support and PGP/gpg support with support for PGP/gpg key maintaining.
As for encryption, it would be nice if phones had a special segment of persistent memory for keys, and stored the encryption key to the root and data volumes in that. This way, a secure erase just means essentially unmounting all program and data filesystems, a zap of the key, a new key generated, a couple mkfs runs, remounting the program and data filesystems, and copying the OS back from a read-only area. This way, the data is unrecoverable that was there before, barring a complete breakage of AES.
PKIs are nice, but it is better to trust multiple people as trusted introducers than just one CA. This way, if a person decides to introduce Charlie as Bob, Alice will know because Mallory and Dave will show Bob's public key as different than what was stated, and the person who lied about the introduction can be marked as untrusted [1], and that info about the person being not trustworthy is propagated along the WoT chain.
[1]: Untrusted as in any keys signed by the person will not be considered useful unless someone else signs them. The person can be a raving loon, but if they are reliable in making sure whose keys they sign are really that person, they are trusted in this sense.
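An added example, not part of the original comment: a toy model of the cross-check described above, in which Alice compares what several introducers sign for the same name and stops relying on the one who disagrees with a clear majority. The `Keyring` class, the quorum rule, the introducer name Ivan and all fingerprints are assumptions constructed for illustration.

```python
"""Toy web-of-trust cross-check; all names and fingerprints are constructed."""
from collections import Counter, defaultdict


class Keyring:
    """Alice's view: which introducer signed which fingerprint for which name."""

    def __init__(self, introducers):
        self.trusted = set(introducers)   # introducers Alice currently relies on
        self.untrusted = set()            # introducers caught vouching for a wrong key
        self.sigs = defaultdict(dict)     # name -> {introducer: fingerprint}

    def add_signature(self, introducer, name, fingerprint):
        self.sigs[name][introducer] = fingerprint

    def _votes(self, name):
        # Only signatures from still-trusted introducers count.
        return Counter(fp for who, fp in self.sigs[name].items()
                       if who in self.trusted)

    def cross_check(self, name, quorum=2):
        """Flag introducers who contradict a clear majority; return their names."""
        votes = self._votes(name)
        if len(votes) < 2:
            return []                     # nobody disagrees
        (best_fp, best_n), (_, second_n) = votes.most_common(2)
        if best_n < quorum or best_n == second_n:
            return []                     # conflict without a clear majority: do not guess
        liars = sorted(who for who, fp in self.sigs[name].items()
                       if who in self.trusted and fp != best_fp)
        self.trusted -= set(liars)
        self.untrusted |= set(liars)
        return liars

    def usable_key(self, name):
        """Fingerprint all remaining trusted signers agree on, else None.

        Signatures from untrusted introducers are ignored, so a key signed
        only by a flagged introducer is unusable until someone else signs it.
        """
        votes = self._votes(name)
        return next(iter(votes)) if len(votes) == 1 else None


def demo():
    kr = Keyring(["Mallory", "Dave", "Ivan"])
    # Mallory and Dave vouch for Bob's real key; Ivan presents Charlie's key as Bob's.
    kr.add_signature("Mallory", "Bob", "BOB-FPR")
    kr.add_signature("Dave", "Bob", "BOB-FPR")
    kr.add_signature("Ivan", "Bob", "CHARLIE-FPR")
    # Carol is signed only by Ivan; Erin by Ivan and Dave.
    kr.add_signature("Ivan", "Carol", "CAROL-FPR")
    kr.add_signature("Ivan", "Erin", "ERIN-FPR")
    kr.add_signature("Dave", "Erin", "ERIN-FPR")

    names = ("Bob", "Carol", "Erin")
    before = {n: kr.usable_key(n) for n in names}
    flagged = kr.cross_check("Bob")
    after = {n: kr.usable_key(n) for n in names}
    return before, flagged, after


if __name__ == "__main__":
    for part in demo():
        print(part)
```

With only two introducers who disagree there is no majority, so `cross_check` flags nobody and the key stays unusable.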
Perhaps a separate, burned ROM (that can't be tampered with) that boots if a button is pressed? This ROM would scan the other BIOS storage and do exactly as you say -- compare everything to known hashes, and if there is an issue, zero out the BIOS and slap a "1.0" image that originally shipped with it, or perhaps have another mechanism for writing a BIOS to the storage. This is similar to booting a Linux machine from a Knoppix CD, running a hash of all files, then permissions and comparing the two to a known good reading.
Perhaps even just having a standard connector and method for accessing the JTAG ports might be the way to go. Plug a connector in, check on a second device if the code stored matches what it should be. If not, copy over a version that does. This could be automated so the NIC maker can make a security tool with a green/yellow/red light about the size of a 1/8 to 1/4" audio jack adapter that plugs into cards, reads a green light if the ROM matches a known good one, red if it doesn't, and yellow to tell the user the device is reflashing the NIC to a known good BIOS load.
Don't have to turn it on for all cards, just like one of the prime vectors for malware is ad infected ad rotators where the ads just show to a small percentage -- just one in every several thousand cards with a bongoed ROM can bring in a superb ROI for blackhats.
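An added example, not from the original comments: the known-good comparison described above (hash every file, record its permissions, compare against a trusted reading), sketched for a file tree rather than a firmware image. The function names and the sample files are constructed; the manifest and the checker are assumed to live on read-only media, as with the Knoppix CD.

```python
"""Known-good comparison of a file tree: content hashes plus permission bits."""
import hashlib
import os
import stat
import tempfile


def snapshot(root):
    """Map relative path -> (sha256 hex digest, permission bits) for regular files."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue                      # skip symlinks, devices, sockets
            digest = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            manifest[rel] = (digest.hexdigest(), stat.S_IMODE(st.st_mode))
    return manifest


def compare(known_good, current):
    """Report every way the current tree differs from the known-good reading."""
    report = {"content": [], "mode": [], "added": [], "missing": []}
    for path in sorted(set(known_good) | set(current)):
        if path not in current:
            report["missing"].append(path)
        elif path not in known_good:
            report["added"].append(path)
        else:
            (hash0, mode0), (hash1, mode1) = known_good[path], current[path]
            if hash0 != hash1:
                report["content"].append(path)
            if mode0 != mode1:
                report["mode"].append(path)   # same bytes, different permissions
    return report


def _write(root, rel, data, mode):
    path = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)
    os.chmod(path, mode)


def demo():
    """Build a constructed tree, take the baseline, alter the tree, compare."""
    with tempfile.TemporaryDirectory() as root:
        _write(root, "bin/login", b"original login binary", 0o755)
        _write(root, "etc/passwd", b"root:x:0:0::/root:/bin/sh\n", 0o644)
        _write(root, "etc/shadow", b"root:!:19000::::::\n", 0o600)
        known_good = snapshot(root)           # in practice: stored on read-only media

        _write(root, "bin/login", b"replaced login binary", 0o755)   # content change
        os.chmod(os.path.join(root, "etc", "shadow"), 0o644)         # permission change
        _write(root, "bin/.hidden", b"unexpected file", 0o755)       # new file
        os.remove(os.path.join(root, "etc", "passwd"))               # deleted file

        return compare(known_good, snapshot(root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```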
I'm sure people are familiar with LoJack for Laptops, where either due to a hook in BIOS (Dells and HPs have an option that will reinstall the LoJack software even if the BIOS is reflashed and all disks are zapped) or other means it gets loaded.
I can see this happening with malware, especially on a NIC with DMA access. Even if a machine is completely DBAN-ed, the botnet client will silently reinstall itself. As more devices (keyboards and such) have ROMs that can be flashed, we will see more and more devices have this avenue for compromise.
How to fix? The obvious fix would be signing the flash BIOS, but this completely locks out homebrewers wanting to do something different. Another fix would be having the flash process be offline, such as only through a USB port with a USB flash drive. However, NICs won't have USB ports present. Still another possible avenue would be a slot for a MicroSD card, but that adds complexity to the device. So, this isn't something easy to deal with. The only thing that might come close would be a DIP switch toggle to allow for unsigned images to be flashed (which is shipped off), and all updates signed.
I can also see an alternative #3: Attempting to remove browser history or identifying cookies is considered bypassing DRM under DMCA/ACTA/whatever future laws get made.
What I'd like to see is research on pseudo-anonymity. The ability to have an identity remain anonymous, but people are able to correlate posts/ideas. This way, someone's anonymous ID (like the person posting under the nym Black Unicorn back in the Cypherpunk days) can start to have a reputation and some way of knowing posts were his/hers, but without the ability to tie it to a real person. A real person can have multiple of these nyms and change at will.
True anonymity is a good thing, but having a method of being able to have some sort of identity that isn't tied to the person would be nice too.
For me, journaling was the reason to move from ext2 to ext3. However, for an end user, ZFS has a few cool features that are significant:
1: Deduplication by blocks. For end users, it should save some disk space, not sure how much.
2: File CRCs. This means file corruption is at least detected.
3: RAID-Z. 'Nuff said. No worry about the LVM layer.
4: Filesystem encryption.
This is a good view. I can summarize it up in three words:
Innovate or die.
Right now, what is needed is R&D. R&D -> New stuff found in lab -> New stuff that can be adopted to commercial use -> markets -> expansion of overall economy -> jobs -> more people buying stuff -> more businesses starting/expanding -> more jobs.
What it is going to take is capital to seed R&D. Compared to other things the US government spends for, this is not a major expense. Of course, there are numerous places to start. No, the ROI on this wouldn't be in a quarter or two, but in several years, the payback will be far greater.
"There are no fleet management components or APIs.
There are no policy controls to prevent data theft or give data protection at all (aside from DRM).
There's no sanction from Apple to use the iPad in business. They claim it's a consumer device, and not one for business. Ask them."
I just made a policy for a client using one of Apple's tools to ensure that a PIN is used on iPhones connected to Exchange servers, as well as erase the device after 10 failed attempts. It isn't a significant security policy, but if stricter rules were needed, I could do a good amount more when it comes to enterprise iPhone lockdown, be it ensuring backups via iTunes are encrypted, using passwords for unlocking the device instead of PINs, etc. The Apple tools even allow disabling of the iTunes store, disallowing music, disallowing the camera to be used, and many other things that some businesses might need.
Apple's provisioning tools are not the greatest, but are decent.
As for Apple in the enterprise, I think the people who have the wheel at Apple know that their strong point is in the consumer level market. Inventing new markets in the enterprise is a lot harder than finding a new gadget for people to buy. So, Apple's presence is enough to get them past the bean counters (such as native Exchange support and policy adherence), but they are not going to make an XServe type of machine ever again. It sucks that one has to use 12Us of rack space for a machine that used to take up 1U, but Apple never sold that many XServes to keep that model going.
Apple knows its strengths and weaknesses. It knows it isn't going to be able to compete in the enterprise against the likes of MS or Oracle, the same way that IBM knows it can't compete in the commodity PC market and cut its losses.
I wonder if the US government should set up another backbone, similar to SIPRnet and NIPRnet. Call it "BIPRnet", this would be a backbone for large businesses to communicate with each other, for example bank "A" to credit card handler "B". It would be pre-assigned which machines could communicate to which, so if bank "A"'s machine tries to communicate to bank "C"'s machine without some form of process of opening ports, it will be automatically refused. This way, an attacker would have to find a gateway machine on the backbone to compromise, then try to find one of the relatively few machines on "BIPRnet" that the box can communicate with to try to break into.
This would narrow down greatly the way a box can be attacked, as well as remove critical business traffic off the Internet, unless going through an encrypted gateway [1].
[1]: A real encrypted gateway where both half-routers have a preshared key and/or a public key both know, and not certificate based. This keeps someone from getting access to a third party master CA and firing up a MITM attack.
I keep wondering about just having a beefed up starter that can propel the vehicle for a small distance. This would take some engineering because of the cooling and added stresses, but this would be a lot easier to do than completely re-engineer a vehicle like the Prius or Insight.
This way, when idle, the ICE engine is off, but the car can be moved forward on the starter motor (similar to how you get a manual Jeep that is stalled off of train tracks).
IIRC, the diesel fuel particulate laws are stricter here in the US than abroad, a blowback from the Mercedes turbo diesels which could evacuate a city block with their sulphur belching.
This is pure pedantic-ism on my part: Accidents happen. Too much beer and no restrooms nearby may result in an accident. Trusting a fart when you are over 40 may result in an even worse accident.
However, when it pertains to vehicles, there is no such thing as an accident. Instead, they are wrecks or collisions where one or more parties broke the rules of the road and damage or personal injury resulted.
This is just a personal rant of mine, because I know people who have gotten in some serious collisions then try to blame anything and anyone but themselves.
We really need less of a PKI than a WOT.
PKIs are nice, but it is better to trust multiple people as trusted introducers than just one CA. This way, if a person decides to introduce Charlie as Bob, Alice will know because Mallory and Dave will show Bob's public key as different than what was stated, and the person who lied about the introduction can be marked as untrusted [1], and that info about the person not being trustworthy can be propagated along the WoT chain.
[1]: Untrusted as in any keys signed by the person will not be considered useful unless someone else signs them. The person can be a raving loon, but if they are reliable in making sure whose keys they sign are really that person, they are trusted in this sense.
Perhaps a separate, burned ROM (that can't be tampered with) that boots if a button is pressed? This ROM would scan the other BIOS storage and do exactly as you say -- compare everything to known hashes, and if there is an issue, zero out the BIOS and slap a "1.0" image that originally shipped with it, or perhaps have another mechanism for writing a BIOS to the storage. This is similar to booting a Linux machine from a Knoppix CD, running a hash of all files, then permissions and comparing the two to a known good reading.
Perhaps even just having a standard connector and method for accessing the JTAG ports might be the way to go. Plug a connector in, check on a second device if the code stored matches what it should be. If not, copy over a version that does. This could be automated so the NIC maker can make a security tool with a green/yellow/red light about the size of a 1/8 to 1/4" audio jack adapter that plugs into cards, reads a green light if the ROM matches a known good one, red if it doesn't, and yellow to tell the user the device is reflashing the NIC to a known good BIOS load.
Don't have to turn it on for all cards, just like one of the prime vectors for malware is ad infected ad rotators where the ads just show to a small percentage -- just one in every several thousand cards with a bongoed ROM can bring in a superb ROI for blackhats.
I'm sure people are familiar with LoJack for Laptops, where either due to a hook in BIOS (Dells and HPs have an option that will reinstall the LoJack software even if the BIOS is reflashed and all disks are zapped) or other means it gets loaded.
I can see this happening with malware, especially on a NIC with DMA access. Even if a machine is completely DBAN-ed, the botnet client will silently reinstall itself. As more devices (keyboards and such) have ROMs that can be flashed, we will see more and more devices have this avenue for compromise.
How to fix? The obvious fix would be signing the flash BIOS, but this completely locks out homebrewers wanting to do something different. Another fix would be having the flash process be offline, such as only through a USB port with a USB flash drive. However, NICs won't have USB ports present. Still another possible avenue would be a slot for a MicroSD card, but that adds complexity to the device. So, this isn't something easy to deal with. The only thing that might come close would be a DIP switch toggle to allow for unsigned images to be flashed (which is shipped off), and all updates signed.
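The external checker suggested a few comments up (read the card's ROM from a second device, compare it to a known-good hash, reflash on mismatch) can be sketched as follows. This is an added example, not code from the original posts; `FakeCard`, the model name and the ROM bytes are constructed stand-ins for a real JTAG reader and a vendor image.

```python
import hashlib
import hmac

# Constructed sample data: stand-ins for vendor-published known-good ROM images.
GOLDEN_IMAGES = {"nic-model-a": b"\x55\xaa" + b"known-good option ROM v1.0" + b"\xff" * 32}
KNOWN_GOOD = {m: hashlib.sha256(img).hexdigest() for m, img in GOLDEN_IMAGES.items()}


class FakeCard:
    """Hypothetical stand-in for a card reached over JTAG or a similar debug port."""

    def __init__(self, model, rom):
        self.model, self.rom = model, bytes(rom)

    def read_rom(self):
        return self.rom

    def write_rom(self, image):
        self.rom = bytes(image)


def rom_matches(card):
    """True if the ROM hashes to the known-good value, None if no reference exists."""
    expected = KNOWN_GOOD.get(card.model)
    if expected is None:
        return None
    actual = hashlib.sha256(card.read_rom()).hexdigest()
    return hmac.compare_digest(actual, expected)


def check_and_repair(card):
    """Return the sequence of light states the checker would show for this card."""
    status = rom_matches(card)
    if status is None:
        return ["red"]            # unknown model: no reference, so never vouch for it
    if status:
        return ["green"]
    lights = ["red", "yellow"]    # mismatch found, then reflashing to known-good
    card.write_rom(GOLDEN_IMAGES[card.model])
    # Re-read after writing: a ROM that ignores the write must not turn green.
    lights.append("green" if rom_matches(card) else "red")
    return lights
```

The re-read after the write is the step that matters: the verdict comes from what the checker itself reads back, not from the card reporting that the flash succeeded.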
I can also see an alternative #3: Attempting to remove browser history or identifying cookies is considered bypassing DRM under DMCA/ACTA/whatever future laws get made.
What I'd like to see is research on pseudo-anonymity. The ability to have an identity remain anonymous, but people are able to correlate posts/ideas. This way, someone's anonymous ID (like the person posting under the nym Black Unicorn back in the Cypherpunk days) can start to have a reputation and some way of knowing posts were his/hers, but without the ability to tie it to a real person. A real person can have multiple of these nyms and change at will.
True anonymity is a good thing, but having a method of being able to have some sort of identity that isn't tied to the person would be nice too.
Jailbreak, use RemoveBG, an add-on for SBSettings. A lot faster than zapping jiggly little icons.
For me, journaling was the reason to move from ext2 to ext3. However, for an end user, ZFS has a few cool features that are significant:
1: Deduplication by blocks. For end users, it should save some disk space, not sure how much.
2: File CRCs. This means file corruption is at least detected.
3: RAID-Z. 'Nuff said. No worry about the LVM layer.
4: Filesystem encryption.
This is a good view. I can summarize it up in three words:
Innovate or die.
Right now, what is needed is R&D. R&D -> New stuff found in lab -> New stuff that can be adopted to commercial use -> markets -> expansion of overall economy -> jobs -> more people buying stuff -> more businesses starting/expanding -> more jobs.
What it is going to take is capital to seed R&D. Compared to other things the US government spends for, this is not a major expense. Of course, there are numerous places to start. No, the ROI on this wouldn't be in a quarter or two, but in several years, the payback will be far greater.
"There are no fleet management components or APIs.
There are no policy controls to prevent data theft or give data protection at all (aside from DRM).
There's no sanction from Apple to use the iPad in business. They claim it's a consumer device, and not one for business. Ask them."
I just made a policy for a client using one of Apple's tools to ensure that a PIN is used on iPhones connected to Exchange servers, as well as erase the device after 10 failed attempts. It isn't a significant security policy, but if stricter rules were needed, I could do a good amount more when it comes to enterprise iPhone lockdown, be it ensuring backups via iTunes are encrypted, using passwords for unlocking the device instead of PINs, etc. The Apple tools even allow disabling of the iTunes store, disallowing music, disallowing the camera to be used, and many other things that some businesses might need.
Apple's provisioning tools are not the greatest, but are decent.
As for Apple in the enterprise, I think the people who have the wheel at Apple know that their strong point is in the consumer level market. Inventing new markets in the enterprise is a lot harder than finding a new gadget for people to buy. So, Apple's presence is enough to get them past the bean counters (such as native Exchange support and policy adherence), but they are not going to make an XServe type of machine ever again. It sucks that one has to use 12Us of rack space for a machine that used to take up 1U, but Apple never sold that many XServes to keep that model going.
Apple knows its strengths and weaknesses. It knows it isn't going to be able to compete in the enterprise against the likes of MS or Oracle, the same way that IBM knows it can't compete in the commodity PC market and cut its losses.
I wonder if the US government should set up another backbone, similar to SIPRnet and NIPRnet. Call it "BIPRnet"; this would be a backbone for large businesses to communicate with each other, for example bank "A" to credit card handler "B". It would be pre-assigned which machines could communicate to which, so if bank "A"'s machine tries to communicate to bank "C"'s machine without some form of process of opening ports, it will be automatically refused. This way, an attacker would have to find a gateway machine on the backbone to compromise, then try to find one of the relatively few machines on "BIPRnet" that the box can communicate with to try to break into.
This would narrow down greatly the way a box can be attacked, as well as remove critical business traffic off the Internet, unless going through an encrypted gateway [1].
[1]: A real encrypted gateway that both half-routers have a preshared key and/or a public key both know and not certificate based. This keeps someone from getting access to a third party master CA and firing up a MITM attack.
I keep wondering about just having a beefed up starter that can propel the vehicle for a small distance. This would take some engineering because of the cooling and added stresses, but this would be a lot easier to do than completely re-engineer a vehicle like the Prius or Insight.
This way, when idle, the ICE engine is off, but the car can be moved forward on the starter motor (similar to how you get a manual Jeep that is stalled off of train tracks).
IIRC, the diesel fuel particulate laws are stricter here in the US than abroad, a blowback from the Mercedes turbo diesels which could evacuate a city block with their sulphur belching.
This is pure pedantic-ism on my part: Accidents happen. Too much beer and no restrooms nearby may result in an accident. Trusting a fart when you are over 40 may result in an even worse accident.
However, when it pertains to vehicles, there is no such thing as an accident. Instead, they are wrecks or collisions where one or more parties broke the rules of the road and damage or personal injury resulted.
This is just a personal rant of mine, because I know people who have gotten in some serious collisions then try to blame anything and anyone but themselves.