Even on Macs, I prefer to zero out the HDD and install completely cleanly, as a matter of course [1]. In fact, on any hardware, be it POWER7, SPARC, x86, and others, zeroing out the storage and installing clean is a good idea. This not just ensures that one has a clean OS, but anything that was stashed previously is gone. No cruft, no oddball transient stuff that might have accidentally wound up on the HDD during QA or testing (assuming the box was tested), just a working OS (hopefully.)
[1]: It isn't hard to download the install image of the latest OS X, write it to a USB flash drive, then use a Linux drive to boot, TRIM the entire SSD, boot from the OS X drive, and install from scratch.
I'm the same way. The recovery partition is just a chunk from the HDD, so malware can easily seize control of that. Plus, I prefer server operating systems (paid for, of course.) Some laptop makers like Dell can ship a business-line model with a server OS, and since it comes from the OEM, there is a good chance the OS can just activate from the BIOS certificates. I have yet to see a machine shipping with a server OS have any crapware on it, other than maybe some administration tools.
I wish laptop makers could do what Tandy did in the early 80s... put an OS instance in ROM. Have a read-only SSD section set aside that would boot up Windows PE or even an image of whatever Windows edition came with the machine, with drivers merged in as well (easy to do with Vista and newer's WIM functionality.) This way, the box can be completely reinstalled and barring a flash of BIOS or other firmware, there can be high confidence a malware infection is eradicated.
The only AV products I've found which actually do anything are SpywareBlaster and Malwarebytes, because MB actually blocks by IPs, and SpywareBlaster doesn't actively run, but sets kill bits and blocklists in browsers.
However, with an adblocking browser extension, Web based malware should never hit your system in the first place, and with click to play functionality, should not have a chance of being activated... and with a VM or sandbox, even if the browser does get compromised, it won't get past that.
As for Android, the weakness is that a lot of Chinese stores have little to no curation or filtering out bad stuff. Google does a decent job in stomping out the bad stuff, but I still think they need to go with two tiers, one tier as things are currently, and one tier where developers have to agree to more stringent rules, and the software has to pass more tests... that way, if a user sticks to the more curated tier, there is less chance of an infection happening.
One note -- the exploits we read about with Android almost always are related to either pirate repositories or "app stores" with little to no moderation. Even something like Cydia's ecosystem would be highly unlikely to have malware like this ever hit it in the first place, and if it did, the devs would have it pulled in minutes to hours.
As for AV software, I use it on machines to make legal eagles happy. I've yet to see it actually actively stop a compromise of a machine. At best, it is good for scanning for 1+ day stuff. The real defenses are the IP blacklists, hosts files, kill bits (SpywareBlaster is quite useful), Web browser extensions and click-to-play. The best mitigations if an infection happens are sandboxes (SandboxIE), virtual machines, and jails. AV was useful back when one scanned a floppy with the latest copy of Doom on it, but these days, it is more for the checkbox in paperwork than actual protection.
Even wiping the box may not work. For example in the case of LoJack for Laptops, there is BIOS support that can get a machine to reload the utility even if the main BIOS is reflashed and all media (hard disks, SSD, etc.) are erased. In the case of this product, it can be a good thing, but this same technology that can protect a laptop can be used to reinstall spyware.
Sad thing, the PIN part here in the US is optional. However, it does stop the sales clerk who swipes the card and uses it for mail order stuff.
As for mail order, I'm sure Visa/MC will continue to have a web object that pops up, asks for a PW or PIN, which is used for shopping via the Internet.
Is this a security increase? Yes, and much needed. Cloning a chip is a heck of a lot harder than writing down numbers or writing a magnetic strip on a blank.
However, because PINs are an option in the US, it won't be as big a security boost as it is in Europe.
I wonder if the latest generation of filesystems like ZFS, btrfs, and ReFS would be useful, so a corrupt file that wasn't completely written would be detected by the FS during a background scrub or garbage collection task. With RAID-Z, the corruption can be found. Z2, the corruption likely can be fixed.
There are some reviews of SSDs on the Net about what drives can stand the most in the way of being depowered while writes are in flight. The one thing about the review is that the Intel enterprise SSDs did not lose data or go into an unusable state. This was a few years ago, so I'm hoping that other drive makers have caught up, so a dirty power-off won't mean the entire SSD is destroyed... because recovering an SSD is orders of magnitude harder than looking at the stored magnetic domains on a HDD.
The thing about SSDs is that backups are even more important because once the electrons are out of the gate, that's it. Data is gone.
The price is dropping. I'm seeing MacBook Pros ship with 1TB of SSD. It only is a matter of time before external SSDs become the storage medium of choice, just like USB flash drives are for small scale storage.
As for HDDs, I can see them winding up being re-engineered to be more for archival and backup storage as opposed to the role an external HDD does now.
The funny thing is that the random kicking of doors, breaking of clay pots, and killing anything that moved, was not the standard trope when I started. I am showing my age, but if PCs tried that in a town, the local watch would be on them in no time. If the PCs dispatched the watch, then they would be marked as bandits, and everyone and their brother would be going for them for the reward (and I'd have the "escape from the royal gaol" campaign at the ready.)
There also wasn't the element of opening a box and pulling out a +20 sword of omnislaying. Original 1E source had almost any magical items difficult to get, and highly coveted. That +1 sword may seem like a joke... but it would be the only thing that could damage various undead. Without it, it would take pouring holy water on weapons in order to have any hope of dispatching anything but a skeleton. A wight or wraith was unkillable by almost any melee, and required a wizard or cleric to hurt it.
With newer rulesets, it is easy for players to make magic weapons... but what was lost is some of the original AD&D fantasy lore -- that magic was a rare phenomenon, and not really visible to the average level 0 or 1 human that wandered the surface.
I've never been a fan of TPW (er, TPK). This almost always causes the players to lose interest in the entire campaign. Of course, there was one thing about PCs dying and sub-plots to go out and get the crispy-crittered rogue back alive... but a wipeout did more harm than good... unless it was scripted. I've used TPWs as a tool to further a campaign, which made things interesting, as opposed to "everyone hand me their character sheets and roll another level 1".
As an old school DM, I make the "trap" category fit the premise. As stated by the parent I'd have "traps" be a magic mouth that calls the guards. I also might have a "puzzle" that would be solvable for XP. For example, trying to "liberate" a magic sword from a statue. Sometimes I'd bring in a real life puzzle for the players to solve, just as a change of pace.
Of course, traps do come in handy. Grimtooth's books were fun, and I'd have something there so the players can think they outsmarted the DM, especially if it is a party killer.
I ended up keeping my campaigns dynamic (since my job as DM is to keep a running storyline going and the players entertained). Sometimes a trap might wind up running the PCs through an "escape" or "get out of this pocket world" campaign.
I have used dungeon generators in the past... but what ends up is something that has to get honed to a point of suspension of disbelief. For example, random square and round rooms might have been fine back in the 1980s... but these days, a cave should have cave rooms... unless there is a reason why something or someone decided to carve out a perfectly rectangular room.
Maybe there is still room for dungeon generators... but ones that can keep in mind a gestalt, an over-reaching premise for the level. This is a solved problem (D1/D2/D3, Torchlight), but for a paper/pencil campaign, it would be nice to make a dungeon, and have it hold together with some global rules (for example, the king's bedroom will not be directly off the kitchen in a castle.) This, and have levels in a round keep have the same spots for the stairs as the place downstairs. One level having 1,1 for the stairs, and the next level in the keep having 20,20 just doesn't make sense unless there is some magical teleportation involved (and this can wind up being too much of a cliche.)
It might be something a college student might be able to devote time and effort to. Obviously, it won't pay directly, but after graduating, being able to point to a module in the kernel with one's name on it is a good way to find jobs, since there are a lot of companies that have niche programming needs (good luck getting a H-1B fresh off the boat to make usable, bug-free code for SCADA, life-safety, and limited environmental systems). Even pushing code to FPGA cards is something that takes some work, as you are not going to find a cookie-cutter MCSD who knows Verilog/VHDL.
There is also how it gets read. There are languages out there for which at best a few words are decoded, since there was not a Rosetta Stone offering a decent translation.
Take something relatively simple... an all text PDF stored on a MFM floppy disk. There are so many layers that need to be explained, from the placement of magnetic domains to soft/hard sectoring to what encoding mechanism is in use, to what letters correspond to what bit streams, to the filesystem and PDF format. This all needs to be somehow explained for a future society to decode stuff.
To boot, it has to be placed with redundancy in mind. Some civilizations destroy everything in sight. For example, the Aztecs and Incas wound up with every single piece of paper burned because their culture was pagan. In modern times, the Taliban destroy other cultures (Buddhist statues, film archives.) Placing redundant libraries, with varying difficulties of being found (be it in sealed containers under the sea, in inaccessible glaciers, in the desert) may be the best thing to do, so if a future culture is repressive and views everything else not theirs as something to be destroyed... the culture after that one that might be less xenophobic still has a chance of recovering archives.
Same here. One of my biggest gripes in IT is the "for someone with a hammer, everything is a nail" philosophy. For example, a MCSE wants to toss everything on a MS solution. A Big Iron person will have a zSeries solution. A UNIX person will have Linux or Solaris. It could be that the best solution is not one that a consultant is familiar with.
I see this almost everywhere in IT. The Windows guys have some Linux servers or appliances, and they sit unpatched because nobody wants to touch them. The Linux people just have all the production Windows boxes fetch patches from Windows Update instead of using WSUS. The Hyper-V people wonder why the heck the VMWare appliances ask for so much RAM without realizing VMWare has the ability to deal with overcommits.
The hard part is finding people who have enough of a clue to know that their favorite solution is not the right one for a job. Mistakes because someone likes one RDBMS or loves NoSQL based DBs for everything, even rigid financial transactions [1], can be extremely costly.
I see this in internal enterprise apps. The SolarWinds people, versus the Splunk people, versus the SCOM guys, versus the Xymon guys. The people who loved one PC maker's servers coming into another shop that uses another PC maker's stuff, and then tossing the existing PC maker's servers for no real reason, other than lack of knowledge about them.
Once an IT person realizes that all solutions suck, and that it is about finding what sucks the least, that is someone who is actually worth having on board.
[1]: MarkLogic is the only exception that I know of where a NoSQL DB is ACID compliant.
IMHO, it falls on what the device's role is going to be. For example, a Surface Pro, even though technically a tablet, can do a full desktop role if plugged into a port replicator.
Some Motorola phones also fell into that category. The Atrix and Atrix 2 offered a Linux distribution and basic desktop functionality, although it required a special docking station to do this.
I'd probably say the definite answer would be to have the device have a hypervisor. If one is using it as a phone, a VM with a phone OS would be used. If it is used with an external monitor and keyboard, it would run a desktop OS, and be able to do both at the same time if need be.
Of course, a hypervisor gives some added benefits, be it the ability to deduplicate, encrypt VMs, back an entire VM up as a gestalt (makes installing a new ROM quite easy), and if needed, run an offline AV program to check for malware and remove it.
Once it was made known that the bad guys had real encryption, and banks were stuck with 56 bit DES (which was likely breakable by the well-heeled nations in the 1990s), ITAR eventually was killed.
The Clipper chip did teach some lessons though:
1: What happens if the bad guys can just do something like zero out the LEAF?
2: What happens if the algorithm, Skipjack, got broken? Well, since the Clipper chip was the only thing encrypting, by law, everyone using it would be severely hosed for months to years as physical chips had to be replaced.
3: What prevented the bad guys from just using their own encryption wrapped inside Skipjack? Yes, laws can be passed mandating Clipper/Skipjack only... but in some cases, enforcing those could be quite difficult. Plus, there are ways to encrypt with "just" signing and hashing algorithms.
We have had many, many technologies that were supposed to stop reverse engineering.
I remember back in the Apple ][ days, a program called "Lock it Up" by Double Gold Software had anti-reverse-engineering things in it, and was advertised as sending the bad guys packing (one of which was doing "poke 214, 128" which would disable the BASIC prompt). Then we had obfuscators for C++, BASIC, Java, and other languages, same thing.
This technology looks like it will be broken by running it in a VM, so I'm sure the next generation will have anti-VM stuff in it, and someone will just run a Bochs emulator (dog slow, but emulates everything 100%) to bypass that.
My take: How about companies spend money on improving their software instead of playing with DRM which will get broken anyway? In the enterprise, the fear of an audit is good enough to keep people in compliance with Oracle licenses. For games, using CD keys is good enough. They can play locally, but can't go multiplayer without a proper key.
If the code is so sensitive it -has- to be protected, put it in a tamper-resistant appliance, like a HSM.
You hit the nail on the head. The problem, especially with mature platforms, is that big changes tend to not happen. We are not seeing any new bus architectures, nor are we seeing anything that fundamentally changes the kernel's architecture, so there are two schools of thought:
The first is to bump up a major version number only if something radical happened, which the Linux kernel used to do (I remember back in the 1.x days, seeing 1.1.100.) Then there is bumping the major number routinely.
I'm of the former school of thought. Historically, a major number bump meant groundbreaking territory and for shops running it to be prepared for major bumps and hurdles. This is a good thing, since there needs to be large updates every so often, and bumping a major number warns of that.
Bumping a major number because the revision number is getting into the triple digits is, IMHO, more something a marketing person would do versus having an actual need for it. For example, the Windows version I'm using should be called Windows 6.3.9600. (Of course, even MS bumped the numbers up in Windows 10 of even the kernel.)
If Linux has to move to 4.0, there should be some reason to explain the jump to non technical people, be it a major feature added or something that adds a line of demarcation.
Without getting in a pro/con flamewar, I'd propose maybe adding kernel level hooks for SystemD without affecting functionality of Android and distros not using it. This way, the #1 program in userland has better interaction with the kernel, either for process management, raising/dropping privs for security, or other uses.
The problem is that some phones get useful, permanent mods, such as the HTC One X, or the HTC One M8. Others start out as locked, such as the Moto X or the Motorola CLIQ, but eventually are easily updated. Still others never really get completely unlocked, such as the Motorola Atrix 2.
My next phone, I'll probably just place my bets on HTC, since I've had good luck with their products. Maybe LG is decent, but I've yet to research their stuff.
Motorola and Samsung? They can keep their expertly locked bootloaders and eFuses.
I do agree that AIX does stand for "Alien Interpretation of UNIX", but even though it is squirrely, if an application runs on it, it runs well.
I am not disagreeing with the fact that AIX and Solaris are bit players. However, I would say that one problem is that both Oracle and IBM at best are focused on retaining existing customers. Neither has any marketing focus on getting people from VMWare and OpenStack onto their platforms. And without expanding the market, just as the parent stated, if the market isn't growing, it is shrinking.
This is a hard thing to do. The trend has been for businesses to have projects to get off of SPARC and POWER onto commodity x86 hardware, because x86 hardware has a price advantage, and can be sourced from a number of vendors. Both IBM and Oracle will have to have a good reason (good as in financially appealing), but it could be done.
There is the security aspect. Solaris and AIX have long since gone through their teething problems when it comes to security and are quite robust in this regard. Solaris has tossed root (as a user) in Solaris 11, and uses roles (this functionality can be reversed if needed), and AIX can run completely root-less, as well as use signed executables/libraries/scripts. If Oracle could put some R&D into security... and a reasonable way to manage/audit things, they might just gain some ground back.
However, it would have to be a -major- improvement in security features, beyond the delta from Solaris 1.x to 2.x, something as major as the jump from Windows 3.1 to NT. Plus, it isn't just features, it is ease of implementation. Something where Solaris can be marketed as, "if it runs on this OS, it is secure".
What might have to happen is that Oracle might have to license things from Microsoft. Exchange and Active Directory come to mind. This way, even if there is a major Windows exploit, core AD servers would still be protected because they would be running on Solaris. It is doubtful MS would license this, and it would take some coding by Oracle... but it is going to take a Herculean effort to get SPARC's marketshare to grow again anyway, so might as well try to get businesses to move to the platform by offering an alternative to a Windows backend.
My suggestion to Oracle: Get SPARC's marketshare up. This might take some doing, but long term, expanding the ecosystem is a good way to keep revenue coming in, where customers buy new machines to upgrade, as opposed to "upgrading" to commodity x86 hardware.
This would require some work on the whole stack from the CPU on up to applications. For example, getting Solaris LDOMs and domains to work with SCVMM or the enterprise admin tool of choice. Another would be getting Linux applications to work on Solaris with low to minimal porting necessary. IBM did this with AIX starting at 5L (where it took a code recompile, but little else.)
As I mentioned before, Oracle has some pretty nice technologies which can shake up the market. SPARC servers have Infiniband, so if Oracle does some work with the hypervisor to allow one machine to access another box's disks via Infiniband, add redundancy (on both drives and nodes), this would completely get rid of a need for a SAN backend. Need more storage? Just add more drives to one of the machines, or add another node to the cluster, similar to how Isilons are updated. ZFS is also a crown jewel, and can be used for a lot of things as well, especially backend deduplication.
I hope Oracle can reinvent itself. They have a lot of core technologies that they could use to eke out a definite niche in the enterprise. Combine that with the fact that SPARC and Solaris are mature technologies, and Oracle can bring to the table pretty decent security.
The ironic thing is that this setup has been in place for at least seven years, and is still working without issue. Otherwise, I'd definitely be made aware that it was not working.
I'll turn the question around... why does a device have to be on the Internet if it doesn't have to? I do admit I did a low tech solution without going through extensive third party data diode, firewall, and other offerings... but it has worked without issue or need for upkeep for years now.
I may be a bit pedantic, but how can a general purpose laptop or desktop computer get bricked, unless part of the exploit overwrote the firmware, causing the machine to not be able to be booted?
The OS might need to be repaired or reinstalled, but generally the data should be recoverable.
I don't get why these devices are on the Internet in the first place. If access is needed to read statistics, have an internal server scoop the info from the SCADA servers, hand it to a DMZ server, and the external applications use SSL with client authentication (both sides authenticate to each other using keys), to fetch the data, or if it has to be a person doing this, have a web server on the DMZ that is accessed via 2FA for this info. If the SCADA boxes have to be controlled through the Internet, then there is always a high security VPN that uses smart cards or USB crypto tokens.
One project I had a few years ago was to get data from manufacturing systems (systems which could be on the Internet, but at best, had security strapped on at the last moment... so they were not secure) to remote receivers. I ended up putting the systems on one isolated subnet with a Linux box that would scan them, then shove the data through a serial port with the Rx line cut (so it could only transmit, not receive.) The machine on the other end of the cable would take the data from the serial port and format it into useful reports, which wound up on a decently secure webserver.
No, this system wasn't fast, but it did the job where info could be read but a blackhat couldn't tamper with the isolated network without physical access.
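The transmit-only serial link described above has no return path, so the sender never learns that a frame was lost or garbled; the framing has to carry everything the receiver needs to notice that by itself. The following is an added example, not the poster's code: the frame layout (HDLC-style byte stuffing, a 32-bit sequence number, CRC-32, each frame sent twice), all names, and the sample readings are assumptions made for illustration.

```python
import struct
import zlib

FLAG, ESC = 0x7E, 0x7D   # HDLC-style frame delimiter and escape byte
MAX_BODY = 4096          # receiver refuses to buffer more than this per frame


def encode_frame(seq: int, payload: bytes) -> bytes:
    """FLAG | byte-stuffed(seq + payload + crc32(seq + payload)) | FLAG"""
    body = struct.pack(">I", seq) + payload
    body += struct.pack(">I", zlib.crc32(body))
    out = bytearray([FLAG])
    for b in body:
        if b in (FLAG, ESC):
            out += bytes([ESC, b ^ 0x20])   # keep FLAG/ESC out of the body
        else:
            out.append(b)
    out.append(FLAG)
    return bytes(out)


class Receiver:
    """Read side of the one-way link: it can validate, but never ask for a resend."""

    def __init__(self):
        self.buf = bytearray()
        self.escaped = False
        self.drop = False        # True while skipping an oversized frame
        self.next_seq = 0
        self.records = []        # accepted (seq, payload) pairs, in order
        self.missing = []        # sequence numbers that never arrived intact
        self.bad_frames = 0      # frames rejected (CRC, length, oversize)

    def feed(self, data: bytes) -> None:
        """Consume raw bytes as they come off the serial port, in any chunking."""
        for b in data:
            if b == FLAG:
                if self.drop:
                    self.bad_frames += 1
                elif self.buf:
                    self._finish(bytes(self.buf))
                self.buf.clear()
                self.escaped = self.drop = False
            elif self.drop:
                continue
            elif b == ESC:
                self.escaped = True
            elif len(self.buf) >= MAX_BODY:
                self.drop = True             # line noise must not exhaust memory
            else:
                self.buf.append(b ^ 0x20 if self.escaped else b)
                self.escaped = False

    def _finish(self, body: bytes) -> None:
        if len(body) < 8:                    # too short for seq + crc
            self.bad_frames += 1
            return
        data, crc = body[:-4], struct.unpack(">I", body[-4:])[0]
        if zlib.crc32(data) != crc:
            self.bad_frames += 1
            return
        seq = struct.unpack(">I", data[:4])[0]
        if seq < self.next_seq:
            return                           # redundant copy, already accepted
        self.missing.extend(range(self.next_seq, seq))   # record the gap
        self.records.append((seq, data[4:]))
        self.next_seq = seq + 1


def demo() -> Receiver:
    # Constructed sample readings; the last one contains both FLAG and ESC bytes.
    readings = [b"press01 temp=71.5", b"press02 temp=70.9",
                b"press03 temp=69.2", b"oven~01 state={run}"]
    frames = [encode_frame(i, r) for i, r in enumerate(readings)]
    damaged = bytearray(frames[1])
    damaged[6] ^= 0x01                       # one flipped bit on the wire
    wire = (frames[0] * 2                    # both copies arrive
            + bytes(damaged) + frames[1]     # first copy garbled, second is fine
            # both copies of frame 2 are lost entirely
            + frames[3] * 2)
    rx = Receiver()
    for i in range(0, len(wire), 7):         # arbitrary chunking, as a port read would give
        rx.feed(wire[i:i + 7])
    return rx


if __name__ == "__main__":
    rx = demo()
    print(rx.records, "missing:", rx.missing, "rejected:", rx.bad_frames)
```

The receiving side can alert on a non-empty `missing` list or a rising `bad_frames` count, which is the only feedback channel a cut Rx line leaves.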
If it isn't firmware level, a blkdiscard /dev/sda on a SSD should purge anything for good, and definitely not recoverable by any known means.
I'm the same way. The recovery partition is just a chunk from the HDD, so malware can easily seize control of that. Plus, I prefer server operating systems (paid for, of course.) Some laptop makers like Dell can ship a business-line model with a server OS, and since it comes from the OEM, there is a good chance the OS can just activate from the BIOS certificates. I have yet to see a machine shipping with a server OS have any crapware on it, other than maybe some administration tools.
I wish laptop makers could do what Tandy did in the early 80s... put an OS instance in ROM. Have a read-only SSD section set aside that would boot up Windows PE or even an image of whatever Windows edition came with the machine, with drivers merged in as well (easy to do with Vista and newer's WIM functionality.) This way, the box can be completely reinstalled and barring a flash of BIOS or other firmware, there can be high confidence a malware infection is eradicated.
The only AV products I've found which actually do anything are SpywareBlaster and Malwarebytes, because MB actually blocks by IPs, and SpywareBlaster doesn't actively run, but sets kill bits and blocklists in browsers.
However, with an adblocking browser extension, Web based malware should never hit your system in the first place, and with click to play functionality, should not have a chance of being activated... and with a VM or sandbox, even if the browser does get compromised, it won't get past that.
As for Android, the weakness is that a lot of Chinese stores have little to no curation or filtering out bad stuff. Google does a decent job in stomping out the bad stuff, but I still think they need to go with two tiers, one tier as things are currently, and one tier where developers have to agree to more stringent rules, and the software has to pass more tests... that way, if a user sticks to the more curated tier, there is less chance of an infection happening.
One note -- the exploits we read about with Android almost always are related to either pirate repositories or "app stores" with little to no moderation. Even something like Cydia's ecosystem would be highly unlikely to have malware like this ever hit it it in the first place, and if it did, the devs would have it pulled in minutes to hours.
As for AV software, I use it on machines to make legal eagles happy. I've yet to see it actually actively stop a compromise of a machine. At best, it is good for scanning for 1+ day stuff. The real defense are the IP blacklists, hosts files, kill bits (SpywareBlaster is quite useful), Web browser extensions and click-to-play. The best mitigation if an infection happens are sandboxes (SandboxIE), virtual machines, and jails. AV was useful back when one scanned a floppy with the latest copy of Doom on it, but these days, it is more for the checkbox in paperwork than actual protection.
Even wiping the box may not work. For example in the case of LoJack for Laptops, there is BIOS support that can get a machine to reload the utility even if the main BIOS is reflashed and all media (hard disks, SSD, etc.) are erased. In the case of this product, it can be a good thing, but this same technology that can protect a laptop can be used to reinstall spyware.
Sad thing, the PIN part here in the US is optional. However, it does stop the sales clerk who swipes the card and uses it for mail order stuff.
As for mail order, I'm sure Visa/MC will continue to have a web object that pops up, asks for a PW or PIN, which is used for shopping via the Internet.
Is this a security increase? Yes, and much needed. Cloning a chip is a heck of a lot harder than writing down numbers or writing a magnetic strip on a blank.
However, because PINs are an option in the US, it won't be as big a security boost as it is in Europe.
I wonder if the latest generation of filesystems like ZFS, btrfs, and ReFS would be useful, so a corrupt file that wasn't completely written would be detected by the FS during a background scrub or garbage collection task. With RAID-Z, the corruption can be found. Z2, the corruption likely can be fixed.
There are some reviews of SSDs on the Net about what drives can stand the most in the way of being depowered while writes are in flight. The one thing about the review is that the Intel enterprise SSDs did not lose data or go into an unusable state. This was a few years ago, so I'm hoping that other drive makers have caught up, so a dirty power-off won't mean the entire SSD is destroyed... because recovering an SSD is orders of magnitudes harder than looking at the stored magnetic domains on a HDD.
The thing about SSDs is that backups are even more important because once the electrons are out of the gate, that's it. Data is gone.
The price is dropping. I'm seeing MacBook Pros ship with 1TB of SSD. It only is a matter of time before external SSDs become the storage medium of choice, just like USB flash drives are for small scale storage.
As for HDDs, I can see them winding up being re-engineered to be more for archival and backup storage as opposed to the role an external HDD does now.
The funny thing is that the random kicking of doors, breaking of clay pots, and killing anything that moved, was not the standard trope when I started. I am showing my age, but if PCs tried that in a town, the local watch would be on them in no time. If the PCs dispatched the watch, then they would be marked as bandits, and everyone and their brother would be going for them for the reward (and I'd have the "escape from the royal gaol" campaign at the ready.)
There also wasn't the element of opening a box and pulling out a +20 sword of omnislaying. Original 1E source had almost any magical items difficult to get, and highly coveted. That +1 sword may seem like a joke... but it would be the only thing that could damage various undead. Without it, it would take pouring holy water on weapons in order to have any hope of dispatching anything but a skeleton. A wight or wraith was unkillable by almost any melee, and required a wizard or cleric to hurt it.
With newer rulesets, it is easy for players to make magic weapons... but was lost is some of the original AD&D fantasy lore -- that magic was a rare phenomenon, and not really visible to the average level 0 or 1 human that wandered the surface.
I've never been a fun of TPW (er, TPK). This almost always causes the players to lose interest in the entire campaign. Of course, there was one thing about PCs dying and sub-plots to go out and get the crispy-crittered rogue back alive... but a wipeout did more harm than good... ...Unless it was scripted. I've used TPWs as a tool to further a campaign, which made things interesting, as opposed to "everyone hand me their character sheets and roll another level 1".
As an old school DM, I make the "trap" category fit the premise. As stated by the parent I'd have "traps" be a magic mouth that calls the guards. I also might have a "puzzle" that would be solvable for XP. For example, trying to "liberate" a magic sword from a statue. Sometimes I'd bring in a real life puzzle for the players to solve, just as a change of pace.
Of course, traps do come in handy. Grimtooth's books were fun, and I'd have something there so the players can think they outsmarted the DM, especially if it is a party killer.
I ended up keeping my campaigns dynamic (since my job as DM is to keep a running storyline going and the players entertained). Sometimes a trap might wind up running the PCs through an "escape" or "get out of this pocket world" campaign.
I have used dungeon generators in the past... but what ends up is something that has to get honed to a point of suspension of disbelief. For example, random square and round rooms might have been fine back in the 1980s... but these days, a cave should have cave rooms... unless there is a reason why something or someone decided to carve out a perfectly rectangular room.
Maybe there is still room for dungeon generators... but ones that can keep in mind a gestalt, an over-reaching premise for the level. This is a solved problem (D1/D2/D3, Torchlight), but for a paper/pencil campaign, it would be nice to make a dungeon, and have it hold together with some global rules (for example, the king's bedroom will not be directly off the kitchen in a castle.) This, and have levels in a round keep have the same spots for the stairs as the place downstairs. One level having 1,1 for the stairs, and the next level in the keep having 20,20 just doesn't make sense unless there is some magical teleportation involved (and this can wind up being too much of a cliche.)
It might be something a college student might be able to devote time and effort to. Obviously, it won't pay directly, but after graduating, being able to point to a module in the kernel with one's name on it is a good way to find jobs, since there are a lot of companies that have niche programming needs (good luck getting an H-1B fresh off the boat to make usable, bug-free code for SCADA, life-safety, and limited environmental systems. Even pushing code to FPGA cards is something that takes some work, as you are not going to find a cookie-cutter MCSD who knows Verilog/VHDL.)
There is also how it gets read. There are languages out there for which, at best, a few words have been decoded, since there was not a Rosetta Stone offering a decent translation.
Take something relatively simple... an all text PDF stored on an MFM floppy disk. There are so many layers that need to be explained, from the placement of magnetic domains to soft/hard sectoring to what encoding mechanism is in use, to what letters correspond to what bit streams, to the filesystem and PDF format. This all needs to be somehow explained for a future society to decode stuff.
To boot, it has to be placed with redundancy in mind. Some civilizations destroy everything in sight. For example, the Aztecs and Incas wound up with every single piece of paper burned because their culture was pagan. In modern times, the Taliban destroy other cultures (Buddhist statues, film archives.) Placing redundant libraries, with varying difficulties of being found (be it in sealed containers under the sea, in inaccessible glaciers, in the desert) may be the best thing to do, so if a future culture is repressive and views everything else not theirs as something to be destroyed... the culture after that one that might be less xenophobic still has a chance of recovering archives.
Same here. One of my biggest gripes in IT is the "for someone with a hammer, everything is a nail" philosophy. For example, an MCSE wants to toss everything on a MS solution. A Big Iron person will have a zSeries solution. A UNIX person will have Linux or Solaris. It could be that the best solution is not one that a consultant is familiar with.
I see this almost everywhere in IT. The Windows guys have some Linux servers or appliances, and they sit unpatched because nobody wants to touch them. The Linux people just have all the production Windows boxes fetch patches from Windows Update instead of using WSUS. The Hyper-V people wonder why the heck the VMware appliances ask for so much RAM without realizing VMware has the ability to deal with overcommits.
The hard part is finding people who have enough of a clue to know that their favorite solution is not the right one for a job. Mistakes because someone likes one RDBMS or loves NoSQL based DBs for everything, even rigid financial transactions [1], can be extremely costly.
I see this in internal enterprise apps. The SolarWinds people, versus the Splunk people, versus the SCOM guys, versus the Xymon guys. The people who loved one PC maker's servers coming into another shop that uses another PC maker's stuff, and then tossing the existing PC maker's servers for no real reason, other than lack of knowledge about them.
Once an IT person realizes that all solutions suck, it is finding what sucks the least, that is someone who is actually worth having on board.
[1]: MarkLogic is the only exception that I know of where a NoSQL DB is ACID compliant.
IMHO, it falls on what the device's role is going to be. For example, a Surface Pro, even though technically a tablet, can do a full desktop role if plugged into a port replicator.
Some Motorola phones also fell into that category as well. The Atrix and Atrix 2 offered a Linux distribution and basic desktop functionality, although it required a special docking station to do this.
I'd probably say the definite answer would be to have the device have a hypervisor. If one is using it as a phone, a VM with a phone OS would be used. If it is used with an external monitor and keyboard, it would run a desktop OS, and be able to do both at the same time if need be.
Of course, a hypervisor gives some added benefits, be it the ability to deduplicate, encrypt VMs, back an entire VM up as a gestalt (makes installing a new ROM quite easy), and if needed, run an offline AV program to check for malware and remove it.
Once it was made known that the bad guys had real encryption, and banks were stuck with 56 bit DES (which was likely breakable by the well-heeled nations in the 1990s), ITAR eventually was killed.
The Clipper chip did teach some lessons though:
1: What happens if the bad guys can just do something like zero out the LEAF?
2: What happens if the algorithm, Skipjack, got broken? Well, since the Clipper chip was the only thing encrypting, by law, everyone using it would be severely hosed for months to years as physical chips had to be replaced.
3: What prevented the bad guys from just using their own encryption wrapped inside Skipjack? Yes, laws can be passed mandating Clipper/Skipjack only... but in some cases, enforcing those could be quite difficult. Plus, there are ways to encrypt with "just" signing and hashing algorithms.
We have had many, many technologies that were supposed to stop reverse engineering.
I remember back in the Apple ][ days, a program called "Lock it Up" by Double Gold Software had anti-reverse-engineering things in it, and was advertised as sending the bad guys packing (one of which was doing "poke 214, 128" which would disable the BASIC prompt). Then we had obfuscators for C++, BASIC, Java, and other languages, same thing.
This technology looks like it will be broken by running it in a VM, so I'm sure the next generation will have anti-VM stuff in it, and someone will just run a Bochs emulator (dog slow, but emulates everything 100%) to bypass that.
My take: How about companies spend money on improving their software instead of playing with DRM which will get broken anyway? In the enterprise, the fear of an audit is good enough to keep people in compliance with Oracle licenses. For games, using CD keys is good enough. They can play locally, but can't go multiplayer without a proper key.
If the code is so sensitive it -has- to be protected, put it in a tamper-resistant appliance, like an HSM.
You hit the nail on the head. The problem, especially with mature platforms, is that big changes tend to not happen. We are not seeing any new bus architectures, nor are we seeing anything that fundamentally changes the kernel's architecture, so there are two schools of thought:
The first is to bump up a major version number only if something radical happened, which the Linux kernel used to do (I remember back in the 1.x days, seeing 1.1.100.) Then there is bumping the major number routinely.
I'm of the former school of thought. Historically, a major number bump meant groundbreaking territory and for shops running it to be prepared for major bumps and hurdles. This is a good thing, since there needs to be large updates every so often, and bumping a major number warns of that.
Bumping a major number because the revision number is getting into the triple digits is, IMHO, more something a marketing person would do versus having an actual need for it. For example, the Windows version I'm using should be called Windows 6.3.9600. (Of course, even MS bumped the numbers up in Windows 10 of even the kernel.)
If Linux has to move to 4.0, there should be some reason to explain the jump to non technical people, be it a major feature added or something that adds a line of demarcation.
Without getting in a pro/con flamewar, I'd propose maybe adding kernel level hooks for SystemD without affecting functionality of Android and distros not using it. This way, the #1 program in userland has better interaction with the kernel, either for process management, raising/dropping privs for security, or other uses.
The Atrix 2 has a locked bootloader, and is several years old. I'd go for the M8, but HTC should be releasing the next flagship phone in 4-8 weeks.
The problem is that some phones get useful, permanent mods, such as the HTC One X, or the HTC One M8. Others start out as locked, such as the Moto X or the Motorola CLIQ, but eventually are easily updated. Still others never really get completely unlocked, such as the Motorola Atrix 2.
My next phone, I'll probably just place my bets on HTC, since I've had good luck with their products. Maybe LG is decent, but I've yet to research their stuff.
Motorola and Samsung? They can keep their expertly locked bootloaders and eFuses.
I do agree that AIX does stand for "Alien Interpretation of UNIX", but even though it is squirrely, if an application runs on it, it runs well.
I am not disagreeing with the fact that AIX and Solaris are bit players. However, I would say that one problem is that both Oracle and IBM at best are focused on retaining existing customers. Neither has any marketing focus on getting people from VMware and OpenStack onto their platforms. And without expanding the market, just as the parent stated, if the market isn't growing, it is shrinking.
This is a hard thing to do. The trend has been for businesses to have projects to get off of SPARC and POWER onto commodity x86 hardware, because x86 hardware has a price advantage, and can be sourced from a number of vendors. Both IBM and Oracle will have to have a good reason (good as in financially appealing), but it could be done.
There is the security aspect. Solaris and AIX have long since gone through their teething problems when it comes to security and are quite robust in this regard. Solaris has tossed root (as a user) in Solaris 11, and uses roles (this functionality can be reversed if needed), and AIX can run completely root-less, as well as use signed executables/libraries/scripts. If Oracle could put some R&D into security... and a reasonable way to manage/audit things, they might just gain some ground back.
However, it would have to be a -major- improvement in security features, beyond the delta from Solaris 1.x to 2.x, something as major as the jump from Windows 3.1 to NT. Plus, it isn't just features, it is ease of implementation. Something where Solaris can be marketed as, "if it runs on this OS, it is secure".
What might have to happen is that Oracle might have to license things from Microsoft. Exchange and Active Directory come to mind. This way, even if there is a major Windows exploit, core AD servers would still be protected because they would be running on Solaris. It is doubtful MS would license this, and it would take some coding by Oracle... but it is going to take a Herculean effort to get SPARC's marketshare to grow again anyway, so might as well try to get businesses to move to the platform by offering an alternative to a Windows backend.
My suggestion to Oracle: Get SPARC's marketshare up. This might take some doing, but long term, expanding the ecosystem is a good way to keep revenue coming in, where customers buy new machines to upgrade, as opposed to "upgrading" to commodity x86 hardware.
This would require some work on the whole stack from the CPU on up to applications. For example, getting Solaris LDOMs and domains to work with SCVMM or the enterprise admin tool of choice. Another would be getting Linux applications to work on Solaris with low to minimal porting necessary. IBM did this with AIX starting at 5L (where it took a code recompile, but little else.)
As I mentioned before, Oracle has some pretty nice technologies which can shake up the market. SPARC servers have Infiniband, so if Oracle does some work with the hypervisor to allow one machine to access another box's disks via Infiniband, add redundancy (on both drives and nodes), this would completely get rid of a need for a SAN backend. Need more storage? Just add more drives to one of the machines, or add another node to the cluster, similar to how Isilons are updated. ZFS is also a crown jewel, and can be used for a lot of things as well, especially backend deduplication.
I hope Oracle can reinvent itself. They have a lot of core technologies that they could use to eke out a definite niche in the enterprise. Combine that with the fact that SPARC and Solaris are mature technologies, and Oracle can bring to the table pretty decent security.
The ironic thing is that this setup has been in place for at least seven years, and is still working without issue. Otherwise, I'd definitely be made aware that it was not working.
I'll turn the question around... why does a device have to be on the Internet if it doesn't have to? I do admit I did a low tech solution without going through extensive third party data diode, firewall, and other offerings... but it has worked without issue or need for upkeep for years now.
I may be a bit pedantic, but how can a general purpose laptop or desktop computer get bricked, unless part of the exploit overwrote the firmware, causing the machine to not be able to be booted?
The OS might need to be repaired or reinstalled, but generally the data should be recoverable.
Of course, having backups is a wise idea.
I don't get why these devices are on the Internet in the first place. If access is needed to read statistics, have an internal server scoop the info from the SCADA servers, hand it to a DMZ server, and the external applications use SSL with client authentication (both sides authenticate to each other using keys), to fetch the data, or if it has to be a person doing this, have a web server on the DMZ that is accessed via 2FA for this info. If the SCADA boxes have to be controlled through the Internet, then there is always a high security VPN that uses smart cards or USB crypto tokens.
One project I had a few years ago was to get data from manufacturing systems (systems which could be on the Internet, but at best, had security strapped on at the last moment... so they were not secure) to remote receivers. I ended up putting the systems on one isolated subnet with a Linux box that would scan them, then shove the data through a serial port with the Rx line cut (so it could only transmit, not receive.) The machine on the other end of the cable would take the data from the serial port and format it into useful reports, which wound up on a decently secure webserver.
No, this system wasn't fast, but it did the job where info could be read but a blackhat couldn't tamper with the isolated network without physical access.
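A transmit-only serial link like the one described above gives the sender no acknowledgements, so the framing has to carry everything the receiver needs to detect damage and loss by itself. The sketch below is an added example, not code from the original comment; the frame layout, marker bytes, repeat count and all names are assumptions made for illustration.

```python
import struct
import zlib

MAGIC = b"\xa5\x5a"              # frame marker (constructed for this sketch)
HEADER = struct.Struct(">2sIH")  # marker, sequence number, payload length
MAX_PAYLOAD = 512                # bounds how long a bogus length can stall us
REPEAT = 3                       # no ACK path exists, so every frame goes out 3x

def encode_frame(seq, payload):
    """Header + payload + CRC32 computed over both."""
    body = HEADER.pack(MAGIC, seq, len(payload)) + payload
    return body + struct.pack(">I", zlib.crc32(body))

def send_records(records, start_seq=0):
    """Sender: the bytes written to the transmit-only serial port."""
    return b"".join(encode_frame(start_seq + i, r) * REPEAT
                    for i, r in enumerate(records))

class DiodeReceiver:
    """Receiver: cannot ask for a resend, so it resyncs, dedups and logs gaps."""
    def __init__(self):
        self.buf = bytearray()
        self.next_seq = 0
        self.records = []   # (seq, payload) accepted in order
        self.missing = []   # sequence numbers that never arrived intact

    def feed(self, data):
        self.buf += data
        while True:
            start = self.buf.find(MAGIC)
            if start < 0:
                del self.buf[:max(0, len(self.buf) - 1)]  # keep a possible half marker
                return
            del self.buf[:start]
            if len(self.buf) < HEADER.size:
                return
            _, seq, length = HEADER.unpack_from(self.buf)
            end = HEADER.size + length + 4
            if length <= MAX_PAYLOAD and len(self.buf) < end:
                return                                    # frame still arriving
            if length > MAX_PAYLOAD or zlib.crc32(self.buf[:end - 4]) != \
                    struct.unpack_from(">I", self.buf, end - 4)[0]:
                del self.buf[:1]                          # damaged frame: resync
                continue
            payload = bytes(self.buf[HEADER.size:end - 4])
            del self.buf[:end]
            if seq < self.next_seq:
                continue                                  # repeat of an accepted frame
            self.missing.extend(range(self.next_seq, seq))
            self.records.append((seq, payload))
            self.next_seq = seq + 1

if __name__ == "__main__":
    rx = DiodeReceiver()
    rx.feed(send_records([b"line1 temp=71.2", b"line2 psi=30"]))  # constructed sample
    print(rx.records, rx.missing)
```

The `missing` list is what the reporting side would surface to an operator, since nothing can be re-requested. A sender restart that resets the sequence counter would be discarded as repeats here, so a deployed version would also need a session identifier or timestamp in the header.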