Slashdot Mirror


User: mlts

mlts's activity in the archive.

Stories
0
Comments
5,534
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,534

  1. Windows 8 and Microsoft's store? on Beware the Garden of Steven · · Score: 1

    What about Microsoft and their app store in Windows 8 which does similar functionality?

    I think what Microsoft and Apple are doing is getting a reliable and historically clean distribution mechanism (glorified repositories) working on their platforms. This way, Joe Sixpack either realizes he is doing something very wrong when a pr0n site is demanding he manually download and install something that isn't easily available from the store/repo.

    Repos/stores like this make life easy for small developers. Application updates are easily propagated, and even if the store doesn't advertise the app, the vendor can always link to it and users can know it was at least vetted by someone before installing it.

  2. Re:Best thing I ever did on Recommendations For Home Virtualization? · · Score: 1

    All the VM solutions are decent. I like VMWare Workstation because it allows for multiple snapshots, snapshots taken in the background automatically, encryption of the VM disk files, etc. Similar with VMWare Fusion on the Mac. VirtualBox is good for personal use.

    The only solution nobody has mentioned, (but there is a special case where it is the only game in town) is Hyper-V on Windows Server 2008 R2. There are cases where I use this in combination with BitLocker to secure virtual machines on a server (or its drives) in a remote location from physical theft, but still allow the server to reboot without having to wait for a password. This also prevents tampering of the MBR and other items as well.

    If one wants a dedicated machine for VMs, and ESXi doesn't do the trick, the next best game in town would likely be a Linux distro and some form of virtual machine manager. I'm most familiar with VirtualBox and VMWare's offerings, but I'm sure Xen or others would work quite well here.

  3. Re:California Taxes on Why Silicon Valley Won't Be the Green Car Detroit · · Score: 4, Insightful

    I would also choose to build cars somewhere else for the following reasons, even not bothering with taxes:

    1: Heavy industry is not popular in CA. I'd encounter NIMBY syndrome everywhere I wanted to place a heavy duty factory.

    2: Detroit has lots of fresh water. Most of California does not. This is a make or break, because if push came to shove, the spigots would be turned off on the factory's water supply so the golf course down the street can water their lawns.

    3: Energy problems. California has brownouts aplenty. I'd either have to have large batteries to make up for the poor power grid there, or move to a place that has more reliable power.

    4: Traffic. I would not be able to move cars out to the rest of the nation and the world as readily as if the plant was located in a less populated region.

    Where would I put a factory? Michigan and Texas both come to mind. Detroit, Abilene, or San Antonio would be ideal spots. From there, I can get vehicles onto ships, I can get supplies from both coasts easily. Texas also has the advantage of being "open for business" all year around with few days of snow or bad weather.

  4. Re:No web browsers on Bicycle Thief Barred From Using Encryption · · Score: 1

    Decrypts passwords? I know early versions of Windows which did that, but no modern OS ever would decrypt a password. Instead, the OS will take the inputted password, encrypt that against a random number (salt) a number of times (1000 for TrueCrypt for example), then check if the result is the same as a stored value. If it matches, the user is authenticated. The stored value can never be turned back into the user's password, just like a vat full of zombie parts can't be put together into an undead army by a chainsaw running in reverse.

  5. Re:Well, duh. on Why Facebook Won't Stop Invading Your Privacy · · Score: 2, Interesting

    The social stuff can work, but FB's app model is all or nothing. You hand over not just your info to any app developer who comes along, but your friends' info too. I have yet to see a FB app developer ask for anything less than the whole shebang for their stuff.

    The "love it or leave it" argument isn't valid either. I know when I was looking for work that I was turned down for jobs because I didn't have a FB profile, thus HR reps thought I was a dinosaur. I was even asked about it in interviews, and when I stated that I had no FB account, I'd get looked at like I just farted out a radioactive bunny which was playing the DN3D theme song. Employers actually look at candidate FB/Twitter/MySpace profiles these days. Some even demand full friend access. So, not having an account means hurting one's chances at finding gainful employment.

  6. Re:need more input on Bicycle Thief Barred From Using Encryption · · Score: 1

    I was stating attacks in general, be it local or remote. I can see a blackhat making a U3 USB flash drive that would if booted from check to see what encryption software (if any) was present and modify the MBR/boot track to save the passphrase for later pickup. If the machine was on, have it enumerate a keyboard or other device for various compromises.

    In any case, it is far easier to attack the endpoint than the cryptographic algorithm.

  7. Re:Well, rationally speaking... on Bicycle Thief Barred From Using Encryption · · Score: 5, Insightful

    I don't want bike thieves in jail. It wastes tax dollars having to give them room and board when there are tons of homeless people who would love a meal and a bunk somewhere.

    I rather see bike thieves pay restitution to the victim, and then have to work for community services, such as IMBA, to keep trails maintained. Perhaps a project to get new fixtures out for people to lock their bikes to, or just a good old fashioned litter patrol on bike paths. Or perhaps deploy and keep clean Porta-Potties on bike commute routes.

    Perhaps even teach some basic bike mechanics or other trade skills so they actually have something to offer an employer other than a mouth and an attitude. Even with an entry level job, they are paying taxes, and this is better than someone spending their lives watching TV 24/7 on the taxpayer dime.

    Keep the jails and the prisons for the violent criminals and repeat offenders. The others can be put on a work crew and actually do something useful and not draining taxpayer dollars.

  8. Re:need more input on Bicycle Thief Barred From Using Encryption · · Score: 1

    That battle was fought and lost in the mid 1990s. We came perilously close to becoming dependent on the Clipper Chip for encryption needs, even with the fact that Skipjack was broken quickly, and the LEAF fields could be zeroed out by blackhats.

    The front has moved from the encryption algorithm itself (the safe) to how it is implemented (the lock on the safe). A few ways to decrypt these days:

    1: Rubber hose decryption. Cheap, has an XKCD panel, low tech, and generally almost always works given enough "rounds". If really important, the rubber hose "decryption operators" can "invite" family and friends to the get together.

    2: Compromise of the host computer. This can be by a keylogger in software, a hardware keylogger (KeyKatcher), pushing out malware via an operating system's update facility just to one certain GUID or computer serial number, evil maid attack, or one of many numerous ways. In fact, the first thing the blackhats will do is gun for the endpoint because computers are so easy to compromise. TrueCrypt present? Easy to replace the MBR with a keylogger that sets aside the passphrase to part of the boot track for pickup later, and there are zero defenses against this [1].

    3: Compromise of the algorithm's implementation. If the algorithm is used in ECB mode, it is a lot less secure than modes which use block numbers and HMACs so two blocks with identical data have different cyphertext outputs.

    4: CAs. How can one be sure that some of the offshore CAs in your Web browser actually are honest in saying www.bank.com is really that, and not being paid to hand a www.bank.com cert to www.blackhatsrus.org? Only defense against this is the Certificate Patrol add-on to Firefox which notices different certificates, but because servers use different certs, this doesn't help much.

    So, yes, we have secure encryption, but where the blackhats gun for is the endpoints, the key management, and the actual users.

    [1]: The only defense against this type of attack is BitLocker and a TPM chip. Nothing else checks the integrity of the starting tracks in a tamper resistant way before starting the boot process. Yes, one can add CRCs to the MBR, but any good blackhat will just edit those checks out.

  9. Re:Well, duh. on Why Facebook Won't Stop Invading Your Privacy · · Score: 4, Insightful

    I am cynical, but if a site comes along that does respect user privacy, they won't make the ad revenue, unless other funding is obtained.

    FB does not make a dime from the people who have accounts with them, other than the gift services. The real customers are the advertisers and the developers like Zygna. To FB, account-holders are considered whining maggots, a necessary evil so advertisers can be handed their information and in return, hand FB cash.

    TANSTAAFL. Want to know how to change this? Have a social networking site paid for by either subscription fees, or by grants from governments/universities/funds in return for privacy/security guarantees of user data?

  10. Re:Encrypte Everything on UK To Track All Browsing, Email, and Phone Calls · · Score: 2, Informative

    Problem is that the Brits can hold someone they want indefinitely until they cough up an encryption key under the RIPA act. All they have to do is ask the person once a day for 20-30 days, and essentially that would be sentence to life in prison because each refusal is 2-5 years in the slammer.

  11. Re:That's it ? it's called Lion ? on Apple Announces iLife '11, FaceTime Mac, Lion, Mac App Store, MacBook Air · · Score: 1

    I wonder if 10.7 is going to be an evolutionary release like 10.6. I hope not. At least throw us poor end users a bone and have a filesystem made this millennium, such as ZFS. Windows has new versions of NTFS. AIX has JFS2. Linux has ext4 and btrfs. BSD has ZFS. Solaris has ZFS. OS X needs to get with the times.

  12. Re:USB thumb drive for OSX install disk! on Apple Announces iLife '11, FaceTime Mac, Lion, Mac App Store, MacBook Air · · Score: 1

    Call me insane, but I like the idea of having the OS on a read-only USB flash drive. What I'd do is buy 3-4 of those puppies. No worry about scratched DVDs if I have to restore from TM.

    I just hope Lion has the option to ship with those too. I'd buy multiple copies just so I have the OS available on a format that takes some expertise to kill. It beats trying to hack a U3 drive to have an ISO image on it.

  13. App Store looks interesting... on Apple Announces iLife '11, FaceTime Mac, Lion, Mac App Store, MacBook Air · · Score: 2, Interesting

    It gets rid of a lot of developer headaches, including finding a place with high bandwidth mirrors for consumers to download and fetch updates.

    Yes, Apple gets a 30% chunk, but IMHO, it is a good thing to have long term.

  14. Re:News? Not news. on Degraded Electrodes Observed In Aging Batteries · · Score: 1

    Very true, and an important concern. However, the average lifespan of a cap is definitely longer than a battery, especially if coupled with charging circuitry that can tell the dielectric is about to arc across and not keep stuffing farads in the thing.

    The problem is that caps don't have enough energy/weight to make them a battery replacement yet.

  15. Re:News? Not news. on Degraded Electrodes Observed In Aging Batteries · · Score: 1

    This is where we need supercap technology to actually get working and usable for small devices. This way, we can replace the batteries in hard to access devices with supercaps that don't depend on a chemical reaction to store charge, and can be charged/discharged millions more times than a battery.

  16. Re:Open? People break both open. on Steve Jobs Lashes Out At Android · · Score: 1

    The iPhone and Android are two different environments.

    My biggest gripe about iOS is that there is not a really good terminal program once it is jailbroken. The Mobile Terminal program available via Cydia bombs out on launch, so one has to either find the right repository, or manually ssh into the phone and fire off dpkg -i for a bare-bones terminal emulator that does somewhat work. On Android, terminal emulators are top notch, especially being able to handle tons of symbols needed for basic UNIX work.

    My second biggest gripe about iOS is that it is tied to iTunes. Android doesn't give a rat's ass what it is hooked up to. It is just as happy hanging off a Power Systems 795 as it is a Windows machine or a Mac. If I want to back up an Android device completely, I fire off nandroid and pop an image to the SD card. iTunes is required to activate/update/format iOS devices, and is needed if you want to copy apps, or back up your phone's data.

    Hardware-wise, Android phone makers need to find a standard port that can go against Apple's 30 pin connector. The reason why this connector is better than mini or micro USB is because it provides structural integrity, making it easy to use the device in a dock. One of the biggest selling points about iOS devices is that TVs, stereos, clock radios, and even some cars have a docking station with Apple's 30 pin connector ready to go. This standardization of accessories isn't present anywhere else.

    Software-wise, Google has done an awesome job with Android and security. My only complaint is that Android needs encryption of data, and the only encryption it does is to protect apps stored on the SD card. Android needs to be able to encrypt Exchange data and data stored on the SD card [1] for it to be taken seriously in the business world.

    Of course, the other concern is that there are no developer friendly phones being sold in the US. The N1 is discontinued, and there needs to be a developer phone that has a recent CPU and solid specs for Android 2.3, if not 3.0. As of now, there isn't one, and consumer phones are becoming more and more modder hostile every passing month. Google needs to get an ADP3 and ADP4 phone available for sale soon (one with a hardware keyboard, one without) in order to keep with the times. I would consider paying full price for a GSM based Android phone that has the latest generation of CPUs and other specs and doesn't do signed kernels, eFuses, reinstalls, and other crap. However, there exists no phone that can do this in the Android world as of now.

    [1]: This is easy to do -- loopback mount a card using LUKS, and the complete card is protected. An attacker would only be able to get a MBR filesystem table, and that is that. If this isn't the best thing, then go with a file based encryption system like EncFS. This is what Blackberries and Windows Mobile do for external memory card encryption.

  17. Tweetdeck's reply? on Steve Jobs Lashes Out At Android · · Score: 5, Insightful

    Didn't Dodsworth from Tweetdeck say that he had only two guys on the Android port, and fragmentation wasn't really an issue?

  18. Re:we dont need more processing power tho on One Step Closer To Speedier, Bootless Computers · · Score: 1

    I can see a lot of uses for CPU power:

    1: Shift to real time ray tracing in games. This is a task easily split up among a number of cores.

    2: Compression. This is a good way to maximize the use of RAM.

    3: Virtualization at the CPU instruction level. Want to P2V that old SGI Indy sitting around with Wavefront on it and have it function exactly as the hardware? Takes a lot of CPU cycle to do all the translation.

    4: Security. If every application on a machine could run in its own copy of Windows, using copy on write and deduplication to minimize the disk space impact, combined with Finder/Explorer showing only files in the application's document directory that are relevant, this would mean that an application, or an application instance can get completely roasted, but not affect anything other than that one VM. Right now, running desktop applications isolated at the VM level is slow due to the context shifts, even with paravirtualization. We get CPU speed up, this becomes a non-issue.

    5: More OS smarts. An OS can bundle an IDS, an integrity checker, better filesystem checking (64-128 bit checksums to find damaged/corrupted files), deduplication, and other tasks. With enough CPU power, the OS can periodically run a mini-fsck on filesystems to check for damage, as well as check system files against a manifest, and if one is damaged, replace it from either a stored file, or go out and grab a signed version from a repository.

    6: Technologies like ksplice to allow for security updates to be patched in without reboots.

    7: Software RAID. The advantage of having RAID handled by the OS is that it makes recovery of volumes easier if a controller card fails. With hardware RAID, one essentially is stuck trying to find the exact model and vintage of a controller because the RAID data stored on the drives is stored in a number of ways [1], or one hands it to a recovery expert team which hand pieces the bits together. Of course, there are other advantages of hardware RAID, but having software as a viable option is always a plus, especially on filesystems like ZFS which do more than just arrange incoming documents onto disk blocks.

    [1]: Metadata can be stored on the drives, just on the controller's flash, or both places, and this can change at any time, as well as the format of the metadata.

  19. Re:Wishful thinking... on One Step Closer To Speedier, Bootless Computers · · Score: 1

    Two reasons for that:

    1: End users value graphics over all else. Developers only have so many man-hours, so they either make their game work right, or they make it look pretty. Prettiness gets the games off the shelves and past the cash register. Having a game work in a tiny amount of RAM doesn't do this.

    2: Software developers are paid not to care about the size or quality of their code, but getting the job done. In most companies, all that matters is getting their product out to market with features promised by salespeople included. A developer won't get recognition if their code is small and works perfectly. They are better off financially writing code quickly and then once the release is done, handing it off to a maintaining group to deal with

    So, because of wanting features and wanting them now, as well as low expectations of consumers (who expect even console games to crash every couple hours, a market that used to *thoroughly* test their offerings before shipping, as there was only one chance to get a game right.), it is no wonder why we get such poor quality code. There is just no financial gain to actually do the job right. If you need something done right, it likely will be in the F/OSS market where people are writing code because they like to, and their release schedule is their own with no pressure to ship at a deadline.

  20. Re:Wishful thinking... on One Step Closer To Speedier, Bootless Computers · · Score: 1

    I can compare computer technology to a city like Houston or Dallas where it can expand in any direction. If computer hardware design hits a wall in one direction, say CPU clock cycles, another direction can be used (bigger caches, more cores, deeper pipelines.) Sometimes technology goes in a pendulum as well. Of course, eventually we will run out of room spreading out. Then it will be time for innovations that are not financially feasible now to come into play. Holographic storage for example. Right now, it tops at 1.6TB by InPhase's offering. I'm sure that if other methods of storage start to have diminishing returns, drive companies will go that route and we will see large scale improvements in removable storage.

    If nothing else, maybe the fundamental CPU architectures may end up redesigned, where RAM ends up bifurcated into an address space just for data and an address space for code.

    We also may see hardware computing innovate less for MIPS or MFLOPS, but instead focus on cost and energy conservation. For example, getting die sizes smaller means that more are able to be put on a wafer, as well as having more redundant areas on a die so that during testing if parts of the chip fail, others can be used and the chip still be shipped out and work reliably. (For example, a die would have 20 cores, but only 16 would be functioning so an imperfection that renders some cores unusable will not keep the CPU from being shipped.)

    What will stifle hardware innovation will not be research hurdles. It will be companies going with "good enough", or believing that their product is too good for end users like a Mac Pro Mini would be. A good example of this is innovation of the desktop. Os X still uses the NeXT application dock, although it looks completely different. Depending on the interface, Linux uses a dock-like panel. Windows still essentially has the same UI since Windows 95, except the Start button has become round. Another point of stagnation are games. There is little to no interest in writing anything groundbreaking, so in 10 years, we will have another Halo sequel, a Doom or Quake game, a Madden sequel, and sequels to the usual FPS games.

    Another concern is that what might force people to buy new hardware to keep the hardware companies may not be new GPUs or faster processors. It might be customers having to keep up to date with the DRM stacks. Jane buys a new copy of a must have FPS. Her PC doesn't have HDCP 2015, but only HDCP 2014, so can't run the game, and would have buy a new computer to run it.

  21. Re:FB Privacy...FWIW on Top Facebook Apps Violate Privacy Terms · · Score: 1

    At the extreme end, have a virtual machine with a Web browser in it that uses a proxy server, and have an account with zero friends whose only purpose in life is for FB apps. This way, they can send all the marketing crap they want to 22 acacia avenue. To boot, the VM will stop essentially all malware when rolled back, not to mention the persistent shared crap.

    This will work up to a point... if someone has to purchase cow clicks, most likely they will have to give their real ID info, which will immediately be added to existing profiles and up for sale in seconds.

  22. Re:wrong OS? on Desktop Linux Is Dead · · Score: 1

    Linux on the desktop has one main hurdle, the problem of Joe Sixpack.

    When Joe Sixpack wants a computer, he doesn't think or care about the OS on it. To him, the computer and the software are the same thing, just like the embedded program which gives the basic UI for his TV is. If Word or Windows has an issue, to him it is the same as a hardware problem. Joe won't actively seek out another OS. If he does, it will be because of Apple's ad campaigns.

    Of course, the "default" OS for any PC -- most likely Windows 7. Until Joe Sixpack mentally separates out the OS from the hardware, this problem will be with us.

  23. Re:We chose to build on Generic PCs For Corporate Use? · · Score: 1

    Careful on the Microsoft licensing. Most VLK agreements state that the box must have an OEM or retail license of Windows on it, either a COA sticker on the machine, or a COA card. OEM licenses do not transfer to new machines. Just make sure you are OK in this department regardless of buying from Dell, HP, Foxconn, or a system builder.

  24. Re:It's happening. No more "long tail". on Why the Web Mustn't Become the New TV · · Score: 1

    It is only going to get worse if nothing is done:

    IPv6 is paralyzed in adoption. This means that v4 addresses will go up in price, eventually to a point where average people can't have their own website.

    No such thing as net neutrality. ISPs can easily refuse to carry traffic of people they don't like, or charge their customers per byte for any sites not their blessed tier.

    Closed environments are going to migrate from devices to the desktop in operating systems like ChromeOS, except without a developer toggle.

    Laws are starting to affect people in regions far away from where they live and do business. It is only a matter of time before some post by a guy in California is against the law in some city in another state, resulting in the poster being arrested and shipped to that other state for trial.

    Long term, if nothing is done, we will see the desktop computer evolve into a TV set-top box, and the Internet changing into Compuserve, with a login before one can send a single packet. Of course, this will be easily hacked by anyone with a clue, but the days are coming to an end of being able to post something in privacy castigating some policy in one country without worrying about being extradited to that country if nothing is done.

  25. Re:Nothing you cannot already get. on Verizon Will Sell iPad+MiFi Bundles, Starting Oct 28th · · Score: 1

    Sprint had a deal for a week or so for a MiFi like device for $25, then $25 a month. The downside? It checked the MAC address, and only allowed iOS devices to connect.

    Best of all worlds? Buy a 3G iPad, and a Clear device (like the Rover Puck.)