From what I read, the ChromeOS devices will be locked down with a TPM system similar to the PS3. But, if the Wiki is right, you just flip a switch on the bottom of the machine, and you can get root access. I like the idea, because Joe Sixpack can watch pr0n and not get his system trashed because he has no clue, nor inclination to follow basic security guidelines.
Personally, I wish Google could allow apps on it with a similar security model as Android. This way, if my Web browser gets compromised through an add-on exploit, it won't be able to access my word processing documents, nor my Thunderbird E-mail files. And if any of these apps demanded root, unless it had a specific reason for asking for it (like a backup program or a root file manager), it most likely is compromised.
OB Car analogy: There are far more wrecks done in Honda Civics than Chevy Corvettes. Therefore, Hondas are not safe. This logic is flawed because there are a lot more Hondas on the roads than Corvettes, so if a Honda is a lot more safe, because there are far more people driving them, they will have more smash-ups.
I'm not a MS shill, but this applies to Windows. There are a lot of people out there who don't care to, or don't know how to properly admin a computer. This is why on Windows Phone 7, Microsoft chose a completely locked down app model, so they don't continue to get brickbats for security issues that are not their fault.
Statistically, MS gets some very unclued users. People buy a cheap PC at Wally World, plug it in, maybe get their IT bud down the street to get it on some form of broadband (or have the cable/DSL company do it for them), and they start browsing pr0n. Eventually they will click on some site that requires a "nudie viewer" or something like that that requires installation. From there, their machine is compromised and handed over to botnets. The only way to deal with the dancing bunny problem is either user education or wholesale lockdown of machines. And user education does not work for a lot of people.
This is the classic dancing bunnies problem. Clued users would know what to do. Joe Sixpack will click "deny", find that his app doesn't work, so will just click "allow all" so he can see the dancing bunnies, just as he clicks "install" on his Windows box, then wonders why his WoW account's password got changed.
Of course, the most idiot-resistant way is Apple's method. I'm sure one of the reasons that MS is going with the walled garden approach is that they are tired of getting the blame when people install Windows, don't follow any basic security principles (like not installing random .EXE files pushed on them from pr0n sites), and MS gets a black eye for their failure to zip their fly in public. For Joe Sixpack, taking away the decision of allow or denying by rights may be a very good one, just like (obligatory car analogy) not everyone is allowed to drive unless they at least take a test to know the rules of the road.
This is why install-time asking of privs is probably the best compromise out there between complete lockdown and no protection against malware. If an app needs to do something that it doesn't have current ability to do with security settings, the developer can push out an update that will have the added permissions required in the manifest. This way, a user that sees a game ask for contact access, phone access, SMS access, access to network, and access to read/write other app files would likely at least start wondering, if not actually not install the app in the first place.
I do wish for finer grained access controls with Android. It would be nice to have apps be able to list in their manifest if they just communicate with one site (say a game that uploads high scores), multiple sites (a MMO), or anywhere on the Internet (a Web browser.) This way, a game can be locked down to not be useful as a botnet client. Of course, if the dev needs more servers, it is easy to push another update to the Android Market that would specify the new server array in the manifest.
I am actually a bit miffed at MS for taking the easy way out and doing this. Why couldn't they make a permission/security system that would both work with legacy programs, but still provide protection against rogue apps on legacy systems? There are already third party firewall programs for WM, it wouldn't be hard for Microsoft to integrate that functionality in and have apps either request permission on install (like Android), or before use (like Blackberries).
What made Windows Mobile so attractive for a platform pre-7 is the fact that I could run almost anything on my WM device, including onboard E-mail that supported client certificates. Since WM 7 is another walled garden, it means that if I want custom apps, I have to look elsewhere.
Android isn't perfect either. I wish Google would come out with an ADP3 that is already rooted, has a quality fastboot and recovery mode, and would support custom ROMs out of the box without needing a "gold card" exploit. Android developers are not the ones pirating apps [1], and someone who buys a phone from the Android Store is clued enough to know the ramifications of the "#" prompt, fastboot, and custom ROM issues. The N1 comes close, but it still requires an exploit to get rooted, and the warranty on the phone is voided as soon as one does that. I'd love to see a slider with a hardware keyboard, but that's just my personal taste.
[1]: As a modder, I have nothing but contempt for app pirates. Apps are not expensive. Pirates are one of the reasons that make phone makers and cellular carriers put more and more roadblocks to make custom ROMs, much less even root their devices. The only excuse/justification of this would be that an app might be available on one country and not in another.
Android's permissions are either all or nothing when it comes to Internet access. And some apps just ask for that permission for no real reason.
Best way to deal with that is to have a rooted phone and Droidwall. However, this won't protect against an app that was installed that was given capabilities of dialing and sending/receiving SMS/MMS items.
Another item to have is an app called autostarts. You would be surprised on what apps want to hook where.
I was waiting for people to make apps using it as a DAW. The first time I saw it announced, I thought it would make an excellent control surface for a musician. It can either be used via BlueTooth or the connector as a graphical "dumb terminal" telling the music program running on a computer what dials and sliders the user has changed, or it has enough CPU to mix and do effects on some amount of music (I'd probably say at least 4 tracks at CD quality, possibly a lot more.)
No, it wouldn't replace a 48 track mixing deck with motorized faders, but it can offer a musician a lot of control for a decent price that they wouldn't have otherwise.
There is one way to deal with an application that requires multiple UAC prompts because it runs a number of sub-programs that need elevation: Run an elevated command prompt (right click on the command prompt, select run as administrator). This way, the application installs happily with whatever rights it needs, and doesn't continue to prompt.
Of course, this assumes a known, trusted application installer where the Authenticode signature matches.
Even better would be a guide for modders for Android phones. It would feature things critical to technical people:
Rootability. If all it takes is one procedure to do it and it stays rooted, without the maker doing OTA updates to close holes or trip already rooted installs, this is vital. Devices which are root hostile (having signed Linux kernels, disabled fastboot, etc) should be steered away from.
Availability of images and source code. HTC has a vibrant modding community because of this. Other makers of handsets tend to not put out much for modders to build on, or have active roadblocks in the way.
This way, people can steer clear of devices that are locked down so much they are unusable, while allowing people to patronize companies and models that allow for this type of customization. It isn't like the phone makers are losing money, as most people end up with 2-3 year contracts. By then people change out their phones anyway.
There are a lot of other things fast connections can provide. One of which is a hybrid render/stream service. This way, a game that has very detailed 3D graphics can have the frames rendered on a large server somewhere, then the result streamed to the machine. This would allow people to play games with excellent resolutions on old hardware. Of course, there would be latency issues, but this would be something ideal for playing 3D games on 2D devices, such as tablets, or smartphones without having to have the requirement of a state of the art GPU array.
The parent is right. I can see three devices people would buy:
A Web appliance: This has been tried repeatedly in the past and has failed. But I can see people wanting a limited function machine with a similar architecture like the iPad and iPhone, but with the ability to print. Couple this with automatic backups to the cloud, and this would be something that people would buy, just to have some way of doing computing on a decent-sized monitor, keyboard, and mouse, but with a closed architecture protecting against malware. People are tired of worrying if their computer got hacked on Windows. Already, I know people who have bought iPads to try to replace their main computers because there is almost no risk of getting malware or a keylogger on the machine, and they can do basic Internet stuff like E-mail, banking, and reading the Web.
A lot of people are just tired of worrying about getting their computer hacked, and are not interested in doing basic security tasks. Them moving to a closed platform might be an improvement. At least browsing pr0n sites wouldn't insta-infect them. It would be a net gain for everyone. They benefit by not being compromised and their computer not a botnet client. They also benefit by knowing a platform that likely will not change much. Other people on the Net benefit by one less machine that is a potential spambot. Of course, no environment is 100% secure, but for a user that can't/won't do basic computer security procedures, having it done for them is a benefit to everyone.
A set-top box: Take an AppleTV. Add to it a gaming console where games are both downloaded to it as well as purchased on discs (BD-ROM comes to mind.) If Apple got some solid game companies behind them (EA, Atari, etc.), they would sweep the console market like they did the MP3 player market. If Apple had a good downloadable game market, indie game makers would flock to this platform and make decent games, both demos and full versions. The big names would also come in for a share too. Look at the money the larger iPhone app makers are getting every day. If Apple allowed indies to make games for a console, they might end up sweeping this market.
A home server: This would be a machine that would have some sort of RAID array in it (two mirrored drives at the least, or perhaps an ultra-reliable SLC flash drive at the high end), and stream music and movies to the set top boxes. Apple would have a deal with movie producers that Blu-Ray disks could be read and the contents stored on the machine, so anyone connected could stream the movie to their TV or device without facing the wrath of the MPAA. This would be more than just a Time Capsule or wireless NAS. It would offer Time Machine like transparent backups on Windows, and using deduplication, a number of machines can be backed up, with only the documents taking more than one copy. It might even back up documents to the cloud as an extra layer of security and accessibility. Of course, there exist devices which do all this, but I'm sure Apple would have a market with a device like this that has a solid UI.
Now for blue-sky stuff which wouldn't be in Apple's business market:
Printers: Apple used to have some excellent laser printers. Maybe it's time for a new Color LaserWriter, a printer that has a price premium, but used PostScript and has drivers that work across Linux, Windows, OS X, and even allows iPhones and iPads to print to it. I know a number of people who would love to have an Apple printer because they remember the old workhorses of the past, either the LaserWriters, or even the ImageWriter dot matrix series back when the Mac came out. Even if Apple made an inkjet printer that had a standardized cartridge format, and decent capacity cartridges so 1-2 color pages wouldn't exhaust them, I'm sure they would wind up in a lot of households. I know people who would love to have everything be all Apple.
External hard disks: Not just storage for Time Machine backups like Time Capsules, but external hard d
Sony was also on the cutting edge of devices. I remember a MP3 (well, technically ATRAC3 because any music you had, had to be transcoded to the DRM-ed format) player from Sony that was shaped like a pen, and played a decent amount of music for its day. However, Sony made the mistake of going insane with SDMI compliant DRM, which caused people to just not bother. (Early on, you couldn't copy/delete files. You had to check in and out music, since it only allowed three copies per song.) Sony finally learned their lesson and started making "normal" MP3 players, but by that time, it was too late. The fact that Sony went ape over DRM has only done them long term harm, and even today it is causing them lawsuits with the disabling of advertised features on the PS3.
Because of the heavy DRM by Sony, when Apple came on the market, people picked up their offering and liked it since it didn't treat them like prison inmates. You could copy files to your device, and you could copy files from the device with a little bit of know-how. The next generation of iPod cemented this lead and gave Apple the mantle of leadership. Apple's music store had DRM, but it wasn't in your face, limiting you to three songs, demanding you authorize to restore your collection, allowing you to use more than one machine or hard disk, and not preventing you from upgrading your OS. It also allowed a person to burn a CD, which obviously gave quality loss, but it was a way to use FairPlay protected songs on a non Apple player, compared to no way on the early software Sony shipped. You even could use the first iPod as a backup hard disk for vital files, which at the time, few MP3 players allowed without special drivers.
Where Apple succeeded where others failed is by not just going into new markets and making it popular to have a smartphone, a tablet device, or a MP3 player, but by offering what people want or need. As soon as the tablet device market slows down and enters a saturation phase, Apple is going to find somewhere new to create a market. Perhaps it might be media PCs with a service like Hulu or Netflix effortlessly streaming movies to peoples' TVs. Perhaps they will get the rollup LCD technology into a marketable product and make large screen TVs that can take up a wall without much hassle. Perhaps it might be an "all in one" TV set top box, where it acts as a game console with downloadable apps, a DVR, a streaming movie service, a file server similar to a Time Capsule which automatically backs up to a cloud. Regardless, Apple is going to do something new once existing markets for their devices reach saturation.
The critical things are two numbers: Bandwidth and latency. Right now, 3G (and 3.5G) may use different protocols for voice and data, but you can do both on an AT&T and T-Mobile phone. True 4G runs everything on the IP network. However, that shouldn't be a big deal.
I have read some mention T-Mobile's "3.5g" performance, and they give Sprint/Clear's 4G a run for the money. Depending on location, T-Mobile can be significantly faster. Another advantage of HSPA+ is that updates require more of a "reflash" rather than hardware radio upgrades of towers, so in theory this should be easier for T-Mobile to roll out as opposed to new WiMax towers for Sprint.
So, taking a 3.5G network over a 4G one? Sure. If it can do the numbers and not have obnoxious bandwidth caps or charges, I don't care if the packets are going over HSPA+ or WiMax.
I'm sure eventually T-Mobile will end up moving to LTE, but being able to quickly roll out a speed boost without a major buildout will help in the interim.
I think it would be nice to have both. My experience with DSL is that it has low latency. Combine that with a 4G connection from an Evo, and bulk data transfers can go through the 4G network where latency isn't an issue. Time sensitive items such as video streaming, ssh sessions, and online gaming go through the DSL pipe.
4G has some very good advantages. One of the biggest is that no wiring is needed, other than plugging the WiMax router into a 120VAC source.
The good news is that the 4G appears to be already rooted, with YouTube videos showing a working su on the device. This means that if you don't get an official update to FroYo, some modder will have an unofficial update working on the platform, so you will be able to use some type of update.
Now, I wish someone can come out with a similar device, but with a sliding keyboard similar to the Droid. Maybe it's just me, but doing a VT100 terminal without a hardware keyboard is a PITA, even with Swype, especially doing control characters.
The one thing I can say about HTC is that rooting their phones has been easy, not to mention that they give out reference stuff for their phones so modders can mix and match, as well as have the critical pieces in place to support the phone's core functions. Other Android handset makers are nowhere near as good in this area.
Maybe 5/6G would be worth it if in the US, we can get the CDMA and GSM providers to agree on a single standard. This way, they can do tower sharing as opposed to inundating an area with multiple antennas for coverage. I doubt it though -- if carriers make it impossible to jump to another carrier with the same unit (either differing bands for the same communication like 3G, or different radio protocols like GSM/CDMA), they make more money.
Historically, this is something I agree with you 100%, although I have not seen this issue with Windows 7 [1] yet so Microsoft might have finally put the final nail in this monster's coffin. The machine or laptop would suspend... then just not wake up, and require a complete power cycle. Since this always has plagued my laptops since I've been using them (from the Windows 3.1 days), I thought it was par for the course...
Until the Macbook I bought for my student days never had this problem. Close the lid, it suspends. Open it, it pops back to life. If the batteries die, it reloads the hibernate image and starts working after power is restored. Never has it suspended and required a complete reboot, or just given up and blue-screened.
I do disagree about the viruses and such. Windows is the primary target for attackers, so more attention needs to be paid to security. For example, if you can, never browse the Web as an administrative user, or the same user that has all your documents. Or, always making sure to run some type of adblocking software, be it an extension like AdBlock or a loopback proxy server like Privoxy. Of course, knowing if a UAC request is valid or bogus is a help too. Running an alternative Web browser also helps too since even though IE has a good rep for security, it is what the bad guys are spending the most maggot-hours trying to compromise.
[1]: I can't blame MS on this exclusively. There are an almost infinite number of combinations of hardware, software, and drivers so it could be any type of program that screws a laptop's suspending. However with the overhaul of drivers in Vista and W7, this seemed to go a long way in addressing the suspend problem.
4: Students. For student life away from home, a 15" MacBook Pro or other laptop is ideal. Universities tend to have a large Mac installed base so it helps with getting documents just in the right format that profs want, and some professors prefer Pages to Word, and it might be the thing that sets one grade from another not having to convert a file. Other profs run Windows, and it is quite easy to install BootCamp or a VM program and run the needed applications there. Plus, Macs are built well, so a laptop can stand 4-5 years of college life without hopefully too much damage. This doesn't say that PC laptops are bad, but just Macs are better suited due to what tends to be the installed base at universities.
5: Dedicated tasks. If I were doing pro audio, there is something to be said about Logic Studio. This way, if something happens, I can call Apple. Since they make the hardware, OS, and application, no matter what happens, it is one number to handle the issue, regardless where the problem lies. I'm sure everyone has dealt with PC vendors and even UNIX vendors that the first thing they do is try to pass the buck. This is the same reason why some vendors go with a complete HP, IBM, or Sun/Oracle solution and pay the big bucks. They want the problem solved on production critical hardware, not bounced between companies. This also applies to photo work. For home users who are not technical, being able to call Apple or hit an Apple store to actually talk with someone alive is worth it, even if they just use Pages. One thing Apple has not cut corners on is customer support (and I don't mean usage questions), and this is one point about most other PC vendors that has gotten worse and worse.
Even if the SSID isn't broadcast, it is still findable by a decent wardriver.
My view on wireless security is twofold:
First, if nothing is using the wireless router, most routers have a checkbox to turn the wireless off, or just physically detach the power and network cords. An attacker can't attack what isn't available.
Second, WPA2-PSK at the minimum, maybe WPA if some old device can't be updated to use it. Ideal would be WPA2-Enterprise and a RADIUS server, and the best is authentication using smart cards, but some devices like Android phones don't work with WPA2-Enterprise. Of course, a random PSK passphrase goes without saying. Easy to do -- grab KeePass, tell it to do a random 63 character passphrase, copy and paste it to the AP and devices. Or if one doesn't trust a program, there is always DiceWare.
After these two things, stuff like hidden SSIDs and MAC address validation are icing on the cake. If it makes someone feel better that it might deter a casual attacker, go ahead. However, I just don't bother, because the security obtained isn't worth the hassle, and anyone who knows their stuff can easily bypass both methods.
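An added example, not part of the comment above: generating and checking the kind of random WPA2-PSK passphrase it recommends, and showing how the key is derived so that the SSID acts only as a public salt. The function names and the choice to exclude the space character are assumptions of this sketch.

```python
import hashlib
import math
import secrets

# WPA2-PSK passphrases are 8..63 printable ASCII characters (0x20..0x7e).
PRINTABLE = [chr(c) for c in range(0x20, 0x7F)]
# Assumption for this example: leave out the space character so a pasted key
# cannot lose a leading or trailing blank in a router's web form.
ALPHABET = [c for c in PRINTABLE if c != " "]
DICEWARE_LIST_SIZE = 6 ** 5  # five dice per word -> 7776 possible words


def random_psk(length: int = 63) -> str:
    """Return a passphrase drawn from the OS CSPRNG, not from random.random()."""
    if not 8 <= length <= 63:
        raise ValueError("WPA2 passphrases must be 8..63 characters")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def is_valid_psk(passphrase: str) -> bool:
    """Check the length and character-set rules an AP will enforce."""
    return 8 <= len(passphrase) <= 63 and all(
        0x20 <= ord(c) <= 0x7E for c in passphrase
    )


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random string over the given alphabet."""
    return length * math.log2(alphabet_size)


def diceware_words_needed(target_bits: float,
                          list_size: int = DICEWARE_LIST_SIZE) -> int:
    """How many dice-selected words reach the target entropy."""
    return math.ceil(target_bits / math.log2(list_size))


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA2-PSK key derivation: PBKDF2-HMAC-SHA1, 4096 rounds, 256-bit output.

    The SSID is the salt. It is visible to anyone in radio range, hidden or
    not, so the passphrase is the only secret input.
    """
    if not is_valid_psk(passphrase):
        raise ValueError("not a valid WPA2 passphrase")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    )


if __name__ == "__main__":
    psk = random_psk()
    print("passphrase:", psk)
    print("entropy   : %.0f bits" % entropy_bits(len(ALPHABET), len(psk)))
    print("diceware words for 128 bits:", diceware_words_needed(128))
    # "HomeNet" is a constructed sample SSID.
    print("PMK       :", derive_pmk(psk, "HomeNet").hex())
```

A Diceware passphrase long enough for 128 bits still has to fit in 63 characters including separators, which `is_valid_psk` will catch.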
The problem is that nuke plants have been at a standstill since the Carter days. What would be the best solution would be a large scale desalination plant system powered by nuclear reactors near enough so voltage losses are minimal, but far enough away that a disaster wouldn't contaminate the water supply. Combine both of these with a large pipeline similar to how oil gets across Alaska, and this would go a long way to ending the water fights in the western part of the US.
One thing I discovered is that some mainstream brands of wireless APs are *still* defaulting to wireless enabled, completely open. They could at least print some random diceware-esque code (so the words are easy to remember, but the WPA key is of a decent length) on the bottom of the machine (or even better, hot-stamp it into the plastic so the printing doesn't rub off.)
I also have seen devices grab a firmware upgrade without anyone knowing, reset to a default config, and since the LAN is so standard, nobody notices that the WPA settings dropped because all the machines ended up just connecting openly when the WPA2 preshared key didn't work.
My take: Grey area as the AC said. Mainly because an open wireless connection could be looked at as an invitation for anyone to hop on, as in a coffee shop (so permission is implicit), or it can be looked at as a personal connection because the router defaulted that way (so permission needs to be explicit like entering a house.) Most likely this would get settled in the courts how the side with the deepest pockets wants it settled, likely where the open wireless owner is responsible for everything and anything that goes through their device.
IIRC, even the CentOS tracker supports encryption. Granted, it is only RC4, but the reason it is present is to prevent an attacker in the chain from attacking what is being shared directly. Of course, the tracker will know IP addresses, as well as everyone in the swarm, so the encryption is useful for dealing with arbitrary throttling, but not hiding where one's origins are.
Barring either of those, I wonder with the advent of Linux VPS hosting that more people won't go in and create a Linux VM whose sole purpose in life is to host VPN services where all your Internet traffic goes to that remote place, including DNS. Perhaps at the minimum have a HTTP or SOCKS proxy.
From what I see, the jury is still out on commercial proxy services and packet log retention. There have been allegations of some not just logging packets but keeping IP logs permanently. Other proxies have a distinct log rotation policy because they need to keep some type of audit trail in case they get hacked. However, as of now, the only person I know that has ended up facing civil/criminal charges and caught while using a proxy was the guy who allegedly accessed Palin's Yahoo E-mail account.
Commercial proxy services are important to security. I use a proxy server when on my laptop, because there are a lot of dodgy open wi-fi points, and having a connection to strongvpn.com or another proxy means that a blackhat who owns the wireless AP only sees the encrypted VPN traffic and can't do much to the connection other than throttle or kill it. Since most Web based E-mail sites (except for Exchange OWA and Gmail) only use SSL for authentication, an attacker who owns an AP can get a lot of information about an individual, and a more sophisticated attacker could hijack the connection and use the account as launching points for ID theft. Having a proxy means that only the people between the VPN service and the E-mail service can sniff the connection, and there is far less chance of an attack happening there as opposed to a compromised wireless AP run by a blackhat, or a dodgy local ISP.
Since I don't use proxies for P2P, I have zero clue how well they actually will protect someone in case someone tries to trace an IP through one. Maybe someone else who is more clued into this might have the answer.
Clear is trying to compete with the cable and DSL companies. If they have a 5 GB/month quota, after Joe Sixpack gets his Windows boxes updated, his Adobe CS suite, World of Warcraft, and maybe downloads a DVD or pr0n, that limit would be more than used up, Joe Sixpack would be yelling at the Clear guys, and switching back to cable/DSL.
I'm sure eventually there will be metered pricing on all ISPs sometime. Let's just hope it doesn't add too much to the monthly bill.
Low level formatting used to be an essential part of daily life back in the days of SCSI1, MFM, floppies (8"/5.25"/3.5"), and Iomega Bernoulli drives. The reason is that it would do an erase pass, checking writability, then do a read, checking if there were bad sectors. In these days, drives had no sector relocation tables, so a bad block will show up as a bad block as opposed to a modern drive where an entry is put in a translation table, and the bad block is relocated to some good sectors [1]. So, having the bad sectors mapped out was important, and it was recommended to periodically reformat so any iffish sectors would be found and marked unusable.
The biggest use for a true low level formatting these days is to have a drive mark all the bad sectors as bad, and clear the relocation table out. This way, a drive that has a table almost full now has an empty place, the bad sectors won't be used, and data will get relocated if there are issues. However, only a few drives handle this type of low level formatting.
These days, if you issue a low level format command to a drive, most likely the drive will just read every sector, mark any marginal or unreadable sectors as bad and call it done, as opposed to a complete zero out. If you want a true zeroization, you need to do a secure erase (HDDUtil is one product that, even though it hasn't been maintained in a few years, will zero out a drive via this method).
Flash drives, I have yet to hear of a low level format utility. Because things change in how raw memory cells are addressed, translated, etc, one utility won't fit all. However, it would be nice to have a format utility which would zap the translation tables, and start from scratch everywhere but the wear leveling data. Even better, it would zero all blocks regardless for maximum security, even those marked bad or relocated. Best of all would be a Flash drive that upon an erase would generate a new random key, and start storing data AES encrypted with that new key, so any old data would be completely useless.
[1]: This is in theory. Sometimes the relocation table does get full on drives which should tell the drive to tell SMART to go into pre-fail warning status, since bad blocks will start showing up.
2GB a month wouldn't handle my software updates, even if I used WSUS. Recently, my Mac slurped up a 300MB update, my Windows machines with their apps required a sizable amount of updates, my CentOS machine grabbed a large amount of updates. This alone would fill up a 2GB/month connection.
From what I read, the ChromeOS devices will be locked down with a TPM system similar to the PS3. But, if the Wiki is right, you just flip a switch on the bottom of the machine, and you can get root access. I like the idea, because Joe Sixpack can watch pr0n and not get his system trashed because he has no clue, nor inclination to follow basic security guidelines.
Personally, I wish Google could allow apps on it with a similar security model as Android. This way, if my Web browser gets compromised though an add-on exploit, it won't be able to access my word processing documents, nor my Thunderbird E-mail files. And if any of these apps demanded root, unless it had a specific reason for asking for it (like a backup program or a root file manager), it most likely is compromised.
OB Car analogy: There are far more wrecks done in Honda Civics than Chevy Corvettes. Therefore, Hondas are not safe. This logic is flawed because there are a lot more Hondas on the roads than Corvettes, so if a Honda is a lot more safe, because there are far more people driving them, they will have more smash-ups.
I'm not a MS shill, but this applies to Windows. There are a lot of people out there who don't care to, or don't know how to properly admin a computer. This is why on Windows Phone 7, Microsoft chose a completely locked down app model, so they don't continue to get brickbats for security issues that are not their fault.
Statistically, MS gets some very unclued users. People buy a cheap PC at Wally World, plug it in, maybe get their IT bud down the street to get it on some form of broadband (or have the cable/DSL company do it for them), and they start browsing pr0n. Eventually they will click on some site that requires a "nudie viewer" or something like that that requires installation. From there, their machine is compromised and handed over to botnets. The only way to deal with the dancing bunny problem is either user education or wholesale lockdown of machines. And user education does not work for a lot of people.
This is the classic dancing bunnies problem. Clued users would know what to do. Joe Sixpack will click "deny", find that his app doesn't work, so will just click "allow all" so he can see the dancing bunnies, just as he clicks "install" on his Windows box, then wonders why his WoW account's password got changed.
Of course, the most idiot-resistant way is Apple's method. I'm sure one of the reasons that MS is going with the walled garden approach is that they are tired of getting the blame when people install Windows, don't follow any basic security principles (like not installing random .EXE files pushed on them from pr0n sites), and MS gets a black eye for their failure to zip their fly in public. For Joe Sixpack, taking away the decision of allowing or denying by rights may be a very good one, just like (obligatory car analogy) not everyone is allowed to drive unless they at least take a test to know the rules of the road.
This is why install-time asking of privs is probably the best compromise out there between complete lockdown and no protection against malware. If an app needs to do something that it doesn't have current ability to do with security settings, the developer can push out an update that will have the added permissions required in the manifest. This way, a user that sees a game ask for contact access, phone access, SMS access, access to network, and access to read/write other app files would likely at least start wondering, if not actually not install the app in the first place.
I do wish for finer grained access controls with Android. It would be nice to have apps be able to list in their manifest if they just communicate with one site (say a game that uploads high scores), multiple sites (a MMO), or anywhere on the Internet (a Web browser.) This way, a game can be locked down to not be useful as a botnet client. Of course, if the dev needs more servers, it is easy to push another update to the Android Market that would specify the new server array in the manifest.
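A sketch of the manifest-declared network scope wished for above, added here as an illustration and not part of the original comment. The `NetworkScope` format, the manifest keys and the host names are all hypothetical; Android has no such manifest entry.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class NetworkScope:
    """Hypothetical manifest entry: the hosts an app declares it will contact."""
    any_host: bool = False
    hosts: frozenset = frozenset()

    def tier(self) -> str:
        """Map the declaration onto the three tiers named in the comment."""
        if self.any_host:
            return "anywhere"
        if not self.hosts:
            return "none"
        return "one site" if len(self.hosts) == 1 else "multiple sites"


def _norm(host: str) -> str:
    # Compare case-insensitively and ignore a trailing root dot.
    return host.strip().rstrip(".").lower()


def scope_from_manifest(entry: dict) -> NetworkScope:
    """Parse the (hypothetical) network section of an app manifest."""
    if entry.get("any_host", False):
        return NetworkScope(any_host=True)
    return NetworkScope(hosts=frozenset(_norm(h) for h in entry.get("hosts", [])))


def connection_allowed(scope: NetworkScope, host: str) -> bool:
    """Exact host match only: a subdomain of a declared host is not implied."""
    return scope.any_host or _norm(host) in scope.hosts


def update_widens_scope(old: NetworkScope, new: NetworkScope) -> bool:
    """True when an update asks for hosts the user never approved, which is
    the point where an install-time prompt would have to be shown again."""
    if old.any_host:
        return False
    if new.any_host:
        return True
    return not new.hosts <= old.hosts


# Constructed sample manifests (not taken from any real app).
GAME_V1 = {"hosts": ["scores.example.net"]}
GAME_V2 = {"hosts": ["scores.example.net", "scores2.example.net"]}
BROWSER = {"any_host": True}

if __name__ == "__main__":
    v1, v2 = scope_from_manifest(GAME_V1), scope_from_manifest(GAME_V2)
    print(v1.tier(), "->", v2.tier())
    print("high-score upload allowed:", connection_allowed(v1, "scores.example.net"))
    print("other host allowed:", connection_allowed(v1, "irc.example.org"))
    print("update needs re-approval:", update_widens_scope(v1, v2))
```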
I am actually a bit miffed at MS for taking the easy way out and doing this. Why couldn't they make a permission/security system that would both work with legacy programs, but still provide protection against rogue apps on legacy systems? There are already third party firewall programs for WM, it wouldn't be hard for Microsoft to integrate that functionality in and have apps either request permission on install (like Android), or before use (like Blackberries).
What made Windows Mobile so attractive for a platform pre-7 is the fact that I could run almost anything on my WM device, including onboard E-mail that supported client certificates. Since WM 7 is another walled garden, it means that if I want custom apps, I have to look elsewhere.
Android isn't perfect either. I wish Google would come out with an ADP3 that is already rooted, has a quality fastboot and recovery mode, and would support custom ROMs out of the box without needing a "gold card" exploit. Android developers are not the ones pirating apps [1], and someone who buys a phone from the Android Store is clued enough to know the ramifications of the "#" prompt, fastboot, and custom ROM issues. The N1 comes close, but it still requires an exploit to get rooted, and the warranty on the phone is voided as soon as one does that. I'd love to see a slider with a hardware keyboard, but that's just my personal taste.
[1]: As a modder, I have nothing but contempt for app pirates. Apps are not expensive. Pirates are one of the reasons that make phone makers and cellular carriers put more and more roadblocks to make custom ROMs, much less even root their devices. The only excuse/justification of this would be that an app might be available in one country and not in another.
Android's permissions are either all or nothing when it comes to Internet access. And some apps just ask for that permission for no real reason.
Best way to deal with that is to have a rooted phone and Droidwall. However, this won't protect against an app that was installed that was given capabilities of dialing and sending/receiving SMS/MMS items.
Another item to have is an app called autostarts. You would be surprised at what apps want to hook where.
I was waiting for people to make apps using it as a DAW. The first time I saw it announced, I thought it would make an excellent control surface for a musician. It can either be used via Bluetooth or the connector as a graphical "dumb terminal" telling the music program running on a computer what dials and sliders the user has changed, or it has enough CPU to mix and do effects on some amount of music (I'd probably say at least 4 tracks at CD quality, possibly a lot more.)
No, it wouldn't replace a 48 track mixing deck with motorized faders, but it can offer a musician a lot of control for a decent price that they wouldn't have otherwise.
There is one way to deal with an application that requires multiple UAC prompts because it runs a number of sub-programs that need elevation: Run an elevated command prompt (right click on the command prompt, select run as administrator). This way, the application installs happily with whatever rights it needs, and doesn't continue to prompt.
Of course, this assumes a known, trusted application installer where the Authenticode signature matches.
Even better would be a guide for modders for Android phones. It would feature things critical to technical people:
Rootability. If all it takes is one procedure to do it and it stays rooted, without the maker doing OTA updates to close holes or trip already rooted installs, this is vital. Devices which are root hostile (having signed Linux kernels, disabled fastboot, etc) should be steered away from.
Availability of images and source code. HTC has a vibrant modding community because of this. Other makers of handsets tend to not put out much for modders to build on, or have active roadblocks in the way.
This way, people can steer clear of devices that are locked down so much they are unusable, while allowing people to patronize companies and models that allow for this type of customization. It isn't like the phone makers are losing money, as most people end up with 2-3 year contracts. By then people change out their phones anyway.
There are a lot of other things fast connections can provide. One of which is a hybrid render/stream service. This way, a game that has very detailed 3D graphics can have the frames rendered on a large server somewhere, then the result streamed to the machine. This would allow people to play games with excellent resolutions on old hardware. Of course, there would be latency issues, but this would be something ideal for playing 3D games on 2D devices, such as tablets, or smartphones without having to have the requirement of a state of the art GPU array.
The parent is right. I can see three devices people would buy:
A Web appliance: This has been tried repeatedly in the past and has failed. But I can see people wanting a limited function machine with a similar architecture like the iPad and iPhone, but with the ability to print. Couple this with automatic backups to the cloud, and this would be something that people would buy, just to have some way of doing computing on a decent-sized monitor, keyboard, and mouse, but with a closed architecture protecting against malware. People are tired of worrying if their computer got hacked on Windows. Already, I know people who have bought iPads to try to replace their main computers because there is almost no risk of getting malware or a keylogger on the machine, and they can do basic Internet stuff like E-mail, banking, and reading the Web.
A lot of people are just tired of worrying about getting their computer hacked, and are not interested in doing basic security tasks. Them moving to a closed platform might be an improvement. At least browsing pr0n sites wouldn't insta-infect them. It would be a net gain for everyone. They benefit by not being compromised and their computer not a botnet client. They also benefit by knowing a platform that likely will not change much. Other people on the Net benefit by one less machine that is a potential spambot. Of course, no environment is 100% secure, but for a user that can't/won't do basic computer security procedures, having it done for them is a benefit to everyone.
A set-top box: Take an AppleTV. Add to it a gaming console where games are both downloaded to it as well as purchased on discs (BD-ROM comes to mind.) If Apple got some solid game companies behind them (EA, Atari, etc.), they would sweep the console market like they did the MP3 player market. If Apple had a good downloadable game market, indie game makers would flock to this platform and make decent games, both demos and full versions. The big names would also come in for a share too. Look at the money the larger iPhone app makers are getting every day. If Apple allowed indies to make games for a console, they might end up sweeping this market.
A home server: This would be a machine that would have some sort of RAID array in it (two mirrored drives at the least, or perhaps an ultra-reliable SLC flash drive at the high end), and stream music and movies to the set top boxes. Apple would have a deal with movie producers that Blu-Ray disks could be read and the contents stored on the machine, so anyone connected could stream the movie to their TV or device without facing the wrath of the MPAA. This would be more than just a Time Capsule or wireless NAS. It would offer Time Machine like transparent backups on Windows, and using deduplication, a number of machines can be backed up, with only the documents taking more than one copy. It might even back up documents to the cloud as an extra layer of security and accessibility. Of course, there exist devices which do all this, but I'm sure Apple would have a market with a device like this that has a solid UI.
Now for blue-sky stuff which wouldn't be in Apple's business market:
Printers: Apple used to have some excellent laser printers. Maybe it's time for a new Color LaserWriter, a printer that has a price premium, but used PostScript and has drivers that work across Linux, Windows, OS X, and even allows iPhones and iPads to print to it. I know a number of people who would love to have an Apple printer because they remember the old workhorses of the past, either the LaserWriters, or even the ImageWriter dot matrix series back when the Mac came out. Even if Apple made an inkjet printer that had a standardized cartridge format, and decent capacity cartridges so 1-2 color pages wouldn't exhaust them, I'm sure they would wind up in a lot of households. I know people who would love to have everything be all Apple.
External hard disks: Not just storage for Time Machine backups like Time Capsules, but external hard d
Sony was also on the cutting edge of devices. I remember a MP3 (well, technically ATRAC3 because any music you had, had to be transcoded to the DRM-ed format) player from Sony that was shaped like a pen, and played a decent amount of music for its day. However, Sony made the mistake of going insane with SDMI compliant DRM, which caused people to just not bother. (Early on, you couldn't copy/delete files. You had to check in and out music, since it only allowed three copies per song.) Sony finally learned their lesson and started making "normal" MP3 players, but by that time, it was too late. The fact that Sony went ape over DRM has only done them long term harm, and even today it is causing them lawsuits with the disabling of advertised features on the PS3.
Because of the heavy DRM by Sony, when Apple came on the market, people picked up their offering and liked it since it didn't treat them like prison inmates. You could copy files to your device, and you could copy files from the device with a little bit of know-how. The next generation of iPod cemented this lead and gave Apple the mantle of leadership. Apple's music store had DRM, but it wasn't in your face, limiting you to three songs, demanding you authorize to restore your collection, allowing you to use more than one machine or hard disk, and not preventing you from upgrading your OS. It also allowed a person to burn a CD, which obviously gave quality loss, but it was a way to use FairPlay protected songs on a non Apple player, compared to no way on the early software Sony shipped. You even could use the first iPod as a backup hard disk for vital files, which at the time, few MP3 players allowed without special drivers.
Where Apple succeeded where others failed is by not just going into new markets and making it popular to have a smartphone, a tablet device, or a MP3 player, but by offering what people want or need. As soon as the tablet device market slows down and enters a saturation phase, Apple is going to find somewhere new to create a market. Perhaps it might be media PCs with a service like Hulu or Netflix effortlessly streaming movies to peoples' TVs. Perhaps they will get the rollup LCD technology into a marketable product and make large screen TVs that can take up a wall without much hassle. Perhaps it might be an "all in one" TV set top box, where it acts as a game console with downloadable apps, a DVR, a streaming movie service, a file server similar to a Time Capsule which automatically backs up to a cloud. Regardless, Apple is going to do something new once existing markets for their devices reach saturation.
The critical things are two numbers: Bandwidth and latency. Right now, 3G (and 3.5G) may use different protocols for voice and data, but you can do both on an AT&T and T-Mobile phone. True 4G runs everything on the IP network. However, that shouldn't be a big deal.
I have read some mention T-Mobile's "3.5g" performance, and they give Sprint/Clear's 4G a run for the money. Depending on location, T-Mobile can be significantly faster. Another advantage of HSPA+ is that updates require more of a "reflash" rather than hardware radio upgrades of towers, so in theory this should be easier for T-Mobile to roll out as opposed to new WiMax towers for Sprint.
So, taking a 3.5G network over a 4G one? Sure. If it can do the numbers and not have obnoxious bandwidth caps or charges, I don't care if the packets are going over HSPA+ or WiMax.
I'm sure eventually T-Mobile will end up moving to LTE, but being able to quickly roll out a speed boost without a major buildout will help in the interim.
I think it would be nice to have both. My experience with DSL is that it has low latency. Combine that with a 4G connection from an Evo, and bulk data transfers can go through the 4G network where latency isn't an issue. Time sensitive items such as video streaming, ssh sessions, and online gaming go through the DSL pipe.
4G has some very good advantages. One of the biggest is that no wiring is needed, other than plugging the WiMax router into a 120VAC source.
The good news is that the 4G appears to be already rooted, with YouTube videos showing a working su on the device. This means that if you don't get an official update to FroYo, some modder will have an unofficial update working on the platform, so you will be able to use some type of update.
Now, I wish someone can come out with a similar device, but with a sliding keyboard similar to the Droid. Maybe it's just me, but doing a VT100 terminal without a hardware keyboard is a PITA, even with Swype, especially doing control characters.
The one thing I can say about HTC is that rooting their phones has been easy, not to mention that they give out reference stuff for their phones so modders can mix and match, as well as have the critical pieces in place to support the phone's core functions. Other Android handset makers are nowhere near as good in this area.
Maybe 5/6G would be worth it if in the US, we can get the CDMA and GSM providers to agree on a single standard. This way, they can do tower sharing as opposed to inundating an area with multiple antennas for coverage. I doubt it though -- if carriers make it impossible to jump to another carrier with the same unit (either differing bands for the same communication like 3G, or different radio protocols like GSM/CDMA), they make more money.
Historically, this is something I agree with you 100%, although I have not seen this issue with Windows 7 [1] yet so Microsoft might have finally put the final nail in this monster's coffin. The machine or laptop would suspend... then just not wake up, and require a complete power cycle. Since this always has plagued my laptops since I've been using them (from the Windows 3.1 days), I thought it was par for the course...
Until the Macbook I bought for my student days never had this problem. Close the lid, it suspends. Open it, it pops back to life. If the batteries die, it reloads the hibernate image and starts working after power is restored. Never has it suspended and required a complete reboot, or just given up and blue-screened.
I do disagree about the viruses and such. Windows is the primary target for attackers, so more attention needs to be paid to security. For example, if you can, never browse the Web as an administrative user, or the same user that has all your documents. Or, always making sure to run some type of adblocking software, be it an extension like AdBlock or a loopback proxy server like Privoxy. Of course, knowing if a UAC request is valid or bogus is a help too. Running an alternative Web browser also helps too since even though IE has a good rep for security, it is what the bad guys are spending the most maggot-hours trying to compromise.
[1]: I can't blame MS on this exclusively. There is an almost infinite number of combinations of hardware, software, and drivers so it could be any type of program that screws a laptop's suspending. However with the overhaul of drivers in Vista and W7, this seemed to go a long way in addressing the suspend problem.
I'd probably add two other market segments:
4: Students. For student life away from home, a 15" MacBook Pro or other laptop is ideal. Universities tend to have a large Mac installed base so it helps with getting documents just in the right format that profs want, and some professors prefer Pages to Word, and it might be the thing that sets one grade from another not having to convert a file. Other profs run Windows, and it is quite easy to install BootCamp or a VM program and run the needed applications there. Plus, Macs are built well, so a laptop can stand 4-5 years of college life without hopefully too much damage. This doesn't say that PC laptops are bad, but just Macs are better suited due to what tends to be the installed base at universities.
5: Dedicated tasks. If I were doing pro audio, there is something to be said about Logic Studio. This way, if something happens, I can call Apple. Since they make the hardware, OS, and application, no matter what happens, it is one number to handle the issue, regardless where the problem lies. I'm sure everyone has dealt with PC vendors and even UNIX vendors that the first thing they do is try to pass the buck. This is the same reason why some vendors go with a complete HP, IBM, or Sun/Oracle solution and pay the big bucks. They want the problem solved on production critical hardware, not bounced between companies. This also applies to photo work. For home users who are not technical, being able to call Apple or hit an Apple store to actually talk with someone alive is worth it, even if they just use Pages. One thing Apple has not cut corners on is customer support (and I don't mean usage questions), and this is one point about most other PC vendors that has gotten worse and worse.
Even if the SSID isn't broadcast, it is still findable by a decent wardriver.
My view on wireless security is twofold:
First, if nothing is using the wireless router, most routers have a checkbox to turn the wireless off, or just physically detach the power and network cords. An attacker can't attack what isn't available.
Second, WPA2-PSK at the minimum, maybe WPA if some old device can't be updated to use it. Ideal would be WPA2-Enterprise and a RADIUS server, and the best is authentication using smart cards, but some devices like Android phones don't work with WPA2-Enterprise. Of course, a random PSK passphrase goes without saying. Easy to do -- grab KeePass, tell it to do a random 63 character passphrase, copy and paste it to the AP and devices. Or if one doesn't trust a program, there is always DiceWare.
After these two things, stuff like hidden SSIDs and MAC address validation are icing on the cake. If it makes someone feel better that it might deter a casual attacker, go ahead. However, I just don't bother, because the security obtained isn't worth the hassle, and anyone who knows their stuff can easily bypass both methods.
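One way to produce the random 63-character WPA2-PSK passphrase, or a Diceware-style one, described above (an added example, not part of the original comment). The function names and the tiny demo word list are constructed for illustration; a real Diceware list has 7776 words.

```python
import math
import secrets
import string

# WPA2-PSK passphrases are 8 to 63 printable ASCII characters.
WPA2_MIN, WPA2_MAX = 8, 63
# 94 printable characters; space is left out so the value survives copy and paste.
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def is_valid_wpa2_passphrase(p: str) -> bool:
    """Check the length and character range a WPA2-PSK passphrase must meet."""
    return WPA2_MIN <= len(p) <= WPA2_MAX and all(32 <= ord(c) <= 126 for c in p)


def random_psk_passphrase(length: int = WPA2_MAX) -> str:
    """Uniformly random passphrase drawn from the OS CSPRNG."""
    if not WPA2_MIN <= length <= WPA2_MAX:
        raise ValueError("WPA2 passphrase must be 8..63 characters")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def entropy_bits(symbols: int, alphabet_size: int) -> float:
    """Entropy of `symbols` independent uniform picks from `alphabet_size` options."""
    return symbols * math.log2(alphabet_size)


def words_needed(target_bits: float, wordlist_size: int) -> int:
    """How many word-list words reach the target entropy."""
    return math.ceil(target_bits / math.log2(wordlist_size))


def diceware_passphrase(wordlist, words: int, sep: str = " ") -> str:
    """Pick `words` entries uniformly; redraw if the result breaks the 63-char cap.

    Redrawing favours shorter words very slightly, so treat the entropy
    figure as an upper bound when the cap is hit often.
    """
    if len(set(wordlist)) != len(wordlist):
        raise ValueError("word list contains duplicates")
    for _ in range(1000):
        phrase = sep.join(secrets.choice(wordlist) for _ in range(words))
        if is_valid_wpa2_passphrase(phrase):
            return phrase
    raise ValueError("cannot fit that many words into a WPA2 passphrase")


# Constructed 16-word demo list; far too small for real use.
DEMO_WORDS = ["acorn", "badge", "cedar", "delta", "ember", "flint", "grove",
              "hazel", "ivory", "jolly", "kiosk", "lemon", "maple", "nylon",
              "olive", "pearl"]

if __name__ == "__main__":
    print(random_psk_passphrase())
    print("63 random chars: %.0f bits" % entropy_bits(63, len(ALPHABET)))
    print("Diceware words for 128 bits:", words_needed(128, 7776))
    print(diceware_passphrase(DEMO_WORDS, 6))
```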
The problem is that nuke plants have been at a standstill since the Carter days. What would be the best solution would be a large scale desalination plant system powered by nuclear reactors near enough so voltage losses are minimal, but far enough away that a disaster wouldn't contaminate the water supply. Combine both of these with a large pipeline similar to how oil gets across Alaska, and this would go a long way to ending the water fights in the western part of the US.
One thing I discovered is that some mainstream brands of wireless APs are *still* defaulting to wireless enabled, completely open. They could at least print some random diceware-esque code (so the words are easy to remember, but the WPA key is of a decent length) on the bottom of the machine (or even better, hot-stamp it into the plastic so the printing doesn't rub off.)
I also have seen devices grab a firmware upgrade without anyone knowing, reset to a default config, and since the LAN is so standard, nobody notices that the WPA settings dropped because all the machines ended up just connecting openly when the WPA2 preshared key didn't work.
My take: Grey area as the AC said. Mainly because an open wireless connection could be looked at as an invitation for anyone to hop on, as in a coffee shop (so permission is implicit), or it can be looked at as a personal connection because the router defaulted that way (so permission needs to be explicit like entering a house.) Most likely this would get settled in the courts how the side with the deepest pockets wants it settled, likely where the open wireless owner is responsible for everything and anything that goes through their device.
IIRC, even the CentOS tracker supports encryption. Granted, it is only RC4, but the reason it is present is to prevent an attacker in the chain from attacking what is being shared directly. Of course, the tracker will know IP addresses, as well as everyone in the swarm, so the encryption is useful for dealing with arbitrary throttling, but not hiding where one's origins are.
Barring either of those, I wonder with the advent of Linux VPS hosting that more people won't go in and create a Linux VM whose sole purpose in life is to host VPN services where all your Internet traffic goes to that remote place, including DNS. Perhaps at the minimum have a HTTP or SOCKS proxy.
From what I see, the jury is still out on commercial proxy services and packet log retention. There have been allegations of some not just logging packets but keeping IP logs permanently. Other proxies have a distinct log rotation policy because they need to keep some type of audit trail in case they get hacked. However, as of now, the only person I know that has ended up facing civil/criminal charges and caught while using a proxy was the guy who allegedly accessed Palin's Yahoo E-mail account.
Commercial proxy services are important to security. I use a proxy server when on my laptop, because there are a lot of dodgy open wi-fi points, and having a connection to strongvpn.com or another proxy means that a blackhat who owns the wireless AP only sees the encrypted VPN traffic and can't do much to the connection other than throttle or kill it. Since most Web based E-mail sites (except for Exchange OWA and Gmail) only use SSL for authentication, an attacker who owns an AP can get a lot of information about an individual, and a more sophisticated attacker could hijack the connection and use the account as launching points for ID theft. Having a proxy means that only the people between the VPN service and the E-mail service can sniff the connection, and there is far less chance of an attack happening there as opposed to a compromised wireless AP run by a blackhat, or a dodgy local ISP.
Since I don't use proxies for P2P, I have zero clue how well they actually will protect someone in case someone tries to trace an IP through one. Maybe someone else who is more clued into this might have the answer.
Clear is trying to compete with the cable and DSL companies. If they have a 5 GB/month quota, after Joe Sixpack gets his Windows boxes updated, his Adobe CS suite, World of Warcraft, and maybe downloads a DVD or pr0n, that limit would be more than used up, Joe Sixpack would be yelling at the Clear guys, and switching back to cable/DSL.
I'm sure eventually there will be metered pricing on all ISPs sometime. Let's just hope it doesn't add too much to the monthly bill.
Low level formatting used to be an essential part of daily life back in the days of SCSI1, MFM, floppies (8"/5.25"/3.5"), and Iomega Bernoulli drives. The reason is that it would do an erase pass, checking writability, then do a read, checking if there were bad sectors. In these days, drives had no sector relocation tables, so a bad block will show up as a bad block as opposed to a modern drive where an entry is put in a translation table, and the bad block is relocated to some good sectors [1]. So, having the bad sectors mapped out was important, and it was recommended to periodically reformat so any iffish sectors would be found and marked unusable.
The biggest use for a true low level formatting these days is to have a drive mark all the bad sectors as bad, and clear the relocation table out. This way, a drive that has a table almost full now has an empty place, the bad sectors won't be used, and data will get relocated if there are issues. However, only a few drives handle this type of low level formatting.
These days, if you issue a low level format command to a drive, most likely the drive will just read every sector, mark any marginal or unreadable sectors as bad and call it done, as opposed to a complete zero out. If you want a true zeroization, you need to do a secure erase. (HDDUtil is one product that even though it hasn't been maintained in a few years, will zero out a drive via this method.)
Flash drives, I have yet to hear of a low level format utility. Because things change in how raw memory cells are addressed, translated, etc, one utility won't fit all. However, it would be nice to have a format utility which would zap the translation tables, and start from scratch everywhere but the wear leveling data. Even better, it would zero all blocks regardless for maximum security, even those marked bad or relocated. Best of all would be a Flash drive that upon an erase would generate a new random key, and start storing data AES encrypted with that new key, so any old data would be completely useless.
[1]: This is in theory. Sometimes the relocation table does get full on drives which should tell the drive to tell SMART to go into pre-fail warning status, since bad blocks will start showing up.
2GB a month wouldn't handle my software updates, even if I used WSUS. Recently, my Mac slurped up a 300MB update, my Windows machines with their apps required a sizable amount of updates, my CentOS machine grabbed a large amount of updates. This alone would fill up a 2GB/month connection.