Actually, I was under the impression that the interview was going to be posted on the BBC site, so that just about everyone could watch it, and then read my analysis...
You are right, of course - this is my opinion. It's my point of view, and it may or may not be correct. That is why most of the sentences begin with "I think..." or something similar.
Who knows - next week I may acquire, read or be told some piece of information that leads me to change my mind! I always keep an open mind, and if someone turns around to me and says "That's fucking bollox!", I'll listen to them instead of automatically arguing with them.
When I have the time, I'll read through the 360-odd replies this thing generated... And I may choose to email some people directly with replies to their points.
In the meantime, all I hope is that my analysis has provided you guys with some food for thought - an alternative and different take on Gates which you can think about and weigh up and either accept or reject as you see fit.
D. Warez... Porn... A hacker craves not these things...
You could be right - perhaps I am reading too much into a short interview, but please bear in mind that this interview has merely provided the icing on the cake - I've been following Microsoft and Bill Gates for years now. It was seeing the man himself being quizzed by an experienced interviewer, and witnessing his reactions to various questions and the answers he (as opposed to the Microsoft PR department) gave to those questions.
Now, admittedly, he could be pulling the wool over all our eyes (myself included), but I doubt it. He has no need to stick to the "party line", because he effectively is the party; he runs Microsoft, pretty much single-handedly, I suspect.
The interview was a bunch of practiced answers to questions he has been asked before, nothing more
I don't completely agree. I think that, whilst a lot of the questions were ones he's been asked dozens of times before, some of them really made him stop and think.
In any case, whether his answers were practised or not, they still give an insight into the man and his motivations. I pride myself on my ability to judge people - to figure out what sort of person they are, where they're coming from, etc. - within a very short space of time after meeting them. Now, obviously, I've not met Gates, but watching this interview was as close as I'm likely to get to him.
Like I said, these are my opinions and impressions. Your mileage may vary. If nothing else, I hope they provide food for thought to other people out there who are trying to figure out why Gates and Microsoft do the things they do.
A quote which I should have included in my article. I agree completely. However, there is an extra factor here, in that the good intentions come with a fair amount of arrogance.
Will Gates be remembered as one of the Great Names of computer science? I like to think not. [...] Gates will be remembered only as a great businessman...
I don't think Gates wants to be remembered as a great businessman. I think he will want to be remembered in the same way as we remember great scientists like Einstein and Marie Curie - people who made a difference in terms of the way we live our lives.
I'll bet that Bill Gates wants the memory of his name to be synonomous with the shift from the industrial or consumer age, to the information age.
this was the worst piece of prose I've ever read on Slashdot
Really? You mean I beat Jon Katz!!! Wow! Cool!:-)
For the record, the number of "I (don't) think"s in there is due to the fact that I wanted to make it very clear that these are my opinions, instead of stating them as fact.
With regard to SBus vs. PCI, keep in mind that SBus is a very dated technology compared to PCI.
In addition to the limitations you've mentioned, I'd like to add the fact that it's a circuit switched bus, while PCI is packet switched.
How about the UPA bus, though - 2.75 GBytes/second on *500 servers...:-)
I think one of the reasons Sun stuck with SBus so long (and continues to in some of its Enterprise level servers, notably the 4x00 models) is because of SBus's small footprint, which works nicely with the system tray design Sun has been using in its machines for years now.
I don't disagree, but I think that another important factor may have been the fact that there is a huge SBUs userbase out there. To drop SBus completely would leave a lot of people pretty pissed off.
I've heard tell about some sort of IO standard that Intel's been pushing of late that supposedly 'replaces all current bus technology'.
This wouldn't be the Dual Independent Bus, by any chance? This is a slight alteration to your traditional cache/bus architecture, which was first introduced on the Pentium Pro. Given the level to which systems caches can affect system performance, it's possible that Intel's PR & Marketing guys got a bit carried away.:-)
On the other hand, I could be completely wrong, in which case, I'd like to hear about this wonderful new bus as well!
It appears to me that we may be seeing a certain hierarchy of industry bus standards emerging - USB for the low-level consumer stuff, 1394 for the more specialist stuff (but still on workstations), and Fibre Channel for the real high-end stuff.
Obviously, USB and Firewire are being aimed at the PC market, but I wonder if they'll end up getting adopted by Unix workstation manufacturers like Sun, SGI, etc.
Also, I'll be interested in seeing whether anything arises to mount a serious challenge to PCI, which appears to have managed to defeat SBus, seeing as how Sun's workstation-level machines are all PCI-based now.
Does anyone else think that the current standard PC design is hopelessly outdated, and that it may be time for industry to move forward and develop a new architecture to take advantage of new technologies, architectures and developments, like the Internet?
Or is this idea too close to the NC for comfort?:-)
This article reminds me of a Microsoft white paper I first downloaded a few years back. It was so funny that I printed it out, bound it, and it now sits on my desk alongside white papers on Sun Enterrpise server architecture, the Virtual Interface architecture, storage architectures, a few of the crucial RFCs (like RFC 1878 and the really important one - 1924), some stuff on clusters... *smack* Get on with it, you fool!
Anyway, the white paper compares the Unix and NT architectures, supposedly demonstrating why NT is so much better than Unix. However, it does this by saying the equivalent of "NT is a hugely complicated OS, which uses dodgy abstraction layers, which Unix does not have. This is why NT is better than Unix..." (that's a metaphor, not a quote, by the way).
It's worth downloading if you have to work with NT a lot and wonder why it, urm, is the way it is...:-)
All a company would have to do would be to publish and illegally patent hundreds of modules that broke the GPL on an open source product. Then build the product out of the patented "proprietary" modules. Challengers to the legality of this maneuver would have to prove one by one that the modules were not legal, costing them thousands of dollars. And if they suceed for some module, well, it's simple enough to produce a legitimately proprietary version for one small part. Pretty soon you exhaust the original open source devs and they give up. Viola!
I think you're forgetting one important points - many, many hackers are Linux supporters.
I would not want to be the information security director for a company which tried this tactic. In fact, given the level of sanity which some Linux zealots display, I wouldn't want to even work for that company. (This is assuming that I was lame enough to not resign the moment I found out they were trying to proprietarise Linux anyway!).
I think that Lawrence may be over-analysing the cyberpunk genre and perceiving a new genre (which he calls post-cyberpunk), which is really only a development of the cyberpunk genre, in the same way as the SF genre has developed over many decades, and continues to develop.
I think there are many different facets to cyberpunk, just as there are to science-fiction. Anyone who read my "Mirrorshades of Cyberpunk" web-page from about five years back, will know what I mean - cyberpunk means different things to different people.
I think it's disingenuous to attempt to effectively create an entirely new genre. It isn't necessary and I don't think it's correct.
Perhaps Lawrence wants to be able to say in five years time that he invented the term "postcyberpunk", but if he wants to do that, I think he'll need to come up with something a bit better than this.
Whoahg! Light dawns opn marble head! I understand dit now! YEAH! COOL! I LOIKE IT!
ok, check 9ut the table bwelow first columnis the angle of the filter Aloce (foxxy chick thst she is) uses to transmit her hard core pr0n to Bobby.
2nd colum is the filter bobby uses the REceivne the photon. the result comlung is the result - yes means he gets it, no means it's clobked and maybe merans its in a quantum stat like Shcrindongers pussy, baybeeeee...
Trans Rec Result ----- --- ------ 0 0 yes +45 0 maybe
0 +45 maybe +45 +45 yes
0 90 no +45 90 maybe
0 -45 maybe +45 -45 no
so i;m wrpng about the noninvqsive maninthemiddle attak, but not about the full mitm attack1
Coming soon to a website mear ytou: WHEN MEN I~N THE ~MIDDLE ATTACK!~!
Wow.. its amazxingwhat this amoumt of alcogol can fdo for one's emtna;l faculties.
She doesn't need a "photon duplicator", although you're on the right track. All Eve has to do is read the polarity of the photons (i.e. pretend to be Bob), and then send photons of the same polarity on to Bob (i.e. pretending to be Eve).
Then, even if she doesn't listen in on the conversation (or sniff the insecure ethernet), she probably has enough information (by having the entire list of photons and their bit-state, of which the key is a subset) to attack the message.
I'm wrong - I've got to be. These guys have PhDs and stuff... I don't even have a degree. I just want to know where I've gone wrong, but I can't figure it out from the article. Admittedly, it's not exactly a white paper, so maybe it's leaving something out. Or maybe I'm just being particularly obtuse and stupid.
Couldn't a man-in-the-middle attack theoretically be launched on this type of encryption?
Obviously, the practicality of intercepting the photons between the ground station and sattelite are isn't the best (visions of NSA blimps), but, in theory, wouldn't this be possible, if we accept that PKC doesn't form part of the system?
Also, what happens when the photons pass from, say, a fibre, to an uplink. Or when they pass through the sattelite? Won't they lose their polarisation?
And, finally, what about a pure mathematical attack, based on probability and stochastic principles?
I'm not a mathematician or cryptography expert, so I'm not just dissing this idea for the sake of it - it sounds really cool, but I'd like to know more.
The excerpt from the Jane's article (also check out the full article) demonstrates the errors of judgement that are made by so-called "experts" who are approaching the concept of information warfare from the military/intelligence arena.
First of all, classifying infowar/infoterror alongside nuclear, biological and chemical attacks is wrong. They are completely different things, although there are some vague similarities in the skills and expertise needed to successfully carry out attacks.
Secondly, many analysts are failing to appreciate the differences between hacktivism, infoterror and infowar.
Hacktivism is about drawing attention to one's cause and spreading propaganda. It's most often achieved by defacing websites. We've seen an awful lot of hacktivism, from the 'Free Kevin' campaign to the Mexican Zapatistas. For hacktivists, hacking is merely a means to the end of getting exposure in the mass media.
Infoterror is the use of information warfare tactics to disrupt a nation's information and communications infrastructure in such a way as public opinion turns against the Government, forcing the government to accede to your demands. This can be equated to the IRA's tactics in the lead-up to their final ceasefire, where they disrupted motorways, postal deliveries, etc. in the UK - instead of actually causing physical harm to buildings and people, they disrupted the country's infrastructure, causing hassle for ordinary citizens, but without incurring the righteous indignation which accompanies terrorist bombs which kill innocent people. The attacks upon various internet sites belonging to NATO, the US and the UK during the Kosovan conflict were an example of a hacktivism campaign which was trying to be an infoterror campaign (but failing miserably).
Full infowar is an out-and-out attempt to completely disrupt or destroy an enemy nation's critical information, communications, command and control infrastructures, both civilian and military, and is likely to include attacks upon the physical infrastructure (e.g. bombing telecoms exchanges) as well as logical attacks (hacking, viruses, worms, etc.).
There's another complication in that the intelligence community is worried that terrorists are beginning to use the Internet for communications and to organise themselves (see the RAND report on Netwar for more on this). This use of the Internet by the Bad Guys muddies the water and obfuscates the threat presented to the 'Net by Other Bad Guys.
Thirdly, few so-called "experts" are realising that, as we move into the 21st century, a country's national security doesn't rely so much on the strength of it's armed forces, but instead upon it's economic strength and well-being, and as the economy begins to rely upon information and communications technologies more and more, the threat is growing.
Fourthly, just as soldiers know next to nothing about conducting naval battles, and sailors aren't exactly experts in air combat, existing military and intelligence people know next to nothing about information warfare. You have to turn to the hackers and their equivalent on the other side of the fence (i.e. system and network administrators who have the same skills as the hackers).
Even then, there's a world of difference between a script kiddie (the equivalent of a foot soldier who knows how to march and shoot, but little else), a real hacker (the equivalent of, say an officer, who can formulate tactics, etc.) and an information warfare strategist, who understands the big picture.
Finally, I will say this - this is a threat and, at the moment, it's a significant one, because our information and communications infrastructures are vulnerable and poorly defended. However, reducing the risk is neither particularly difficult nor expensive.
More significantly, the role for the military and intelligence communities in reducing the risk, is much smaller than most people think (and much smaller than the military and intel guys want it to be.
I've been studying information warfare for over six years. I've had articles published in military magazines, I've written reports, I'm even currently writing an article for a government magazine and I've spoken at security conferences, both white- and black-hat. I don't claim to know everything about information warfare, but I'm pretty sure I know a hell of a lot more about it that the guy who wrote that article.
I don't think you've grasped this concept. The CIA is going to be investing (indirectly) in hi-tech companies, not actually starting companies itself. What they want is to form relationships with Silicon Valley, so they can gain access to new technologies.
I'd say it's unlikely that they'll get the companies they invest in to do work directly for the CIA. It's more likely that they'll work out special deals whereby the CIA take the source code, chip designs, blueprints, whitepapers, etc. and hand them over to someone like MITRE, to product the actual stuff that CIA wants.
I'm not sure how the secret service can use a product that is freely available to the entire world. This is a direct contradiction.
No it's not, you twonk. The CIA has two sides - Operations (i.e. gathering the intelligence) and Intelligence (i.e. collating and analysing the information gathered). Intelligence officers use a lot of communications and encryption technology. So do a lot of other people. It's just the application that's different.
The Intelligence Directorate uses computers to store and analyse information. Private companies do the same thing. One of the systems I've set up is a library system which stores and indexes 4 million news stories and up to 70 people can search through the entire 4m. stories via a webpage. You don't think the CIA would have a uses for that sort of technology? You don't think they're interested in the technologies being developed by companies like Inktomi and Verity?
And obviously, the CIA has a long and distinguished track record of sticking to the letter of the law... (-:
Seriously, though, as this involves National Security (tm), the letter of the law doesn't necessarily always apply, but that doesn't make it illegal. As long as the proper procedures are followed and Congressional Oversight is maintained, the CIA is probably going to be allowed to bend the rules slightly, as long as the end justifies the means. And the end has and always will be to protect the United States against nasty foreigners like me, no matter what the paranoid conspiracy theorists say.
Now, there may have been some extortion attempts against banks recently by script-kiddies. During the Secondary DNS Con, civic minded hackers announced that the Scottish National Party's web site had no security. They then gave the web masters 2 weeks to fix it (the idiots applied a single M$ patch), then cracked the system and defaced the home page with some very funny stuff. Obviously the hack was long in the making.
That is a lie.
The individuals who made the announcement and DNSCon had warned both the Scottish Executive and the Post Office well in advance, and did not announce that their websites were vulnerable until after they had received confirmation that their warnings had been received.
The people who "outed" the Scottish Executive did not hack their website.
You don't know what you're talking about, so please refrain from pretending that you do.
I've heard a lot of people dismissing this story as pure fabrication and, whilst I do suspect that Ungoed-Thomas doesn't have a clue about what he's writing about (do a search for "Ungoed" on
NTK for my reasons for thinking this), I'm inclined to suspect that there may be some truth behind the story.
Back in '95 I wrote a couple of articles on on information warfare, battlefield technology, etc. for an international military magazine. In April '96, I was contacted and asked if I could supply an EMP device which could "wipe out all computers within a 100m radius in a built-up area", for a certain amount of money (in excess of $15k).
Obviously, I refused the "commission", and thought no more of it, but several weeks later, the Sunday Times led with this story.
Needless to say, I've kept an open mind about these things since, especially as, since then, I've been asked to do all manner of illegal things, from hacking into the mail servers of competitors, takeover-targets and companies planning IPOs, to monkeywrenching - i.e. causing crashes, glitches and other problems in a company's systems and networks to make them look bad).
The methods of blackmail are very simple as most of the systems run over standard high bandwidth lines. It's a simple enough problem to get into these systems by going through the exchange points rather than walking through the front door of a bank (just like breaking into most company networks is actually much easier to break the PABX system and then jump across into the data stream that contains the network link rather than trying to attack the firewall directly).
That's true enough, and it's also true that companies' phone systems are often a lot less secure that their data networks, but that sort of hacking is quite low-level and requires a level of knowledge which, luckily, isn't as easy to acquire as normal hacking scripts are.
You'd be surprised as just how lax most banks are with thier internal security.
I don't have any experience with banks, but I've been involved in testing the security at other financial institutions, and I've been completely astonished at things like an insurance company with a wide open RAS dialup into their internal network. Senior executives can and do crap themselves when they realise just how vulnerable they are and, perhaps more importantly, that they are legally responsible for the security of their company's information systems and networks and the data (financial and personal) held on them.
Another interesting whole to watch out for in the future will be the increasing use of direct fibre channel connections. Some of the setups that I've seen put the mainframe connection in one site and the drives and backdrives in two separate sites. The drives are hooked up using fibre channel as though they were local hard drives to the machine. If you know what you're doing, getting inside one of these links can be quite easy.
I work with FCAL technology (Sun A5*00 arrays, mostly) and so on and I've heard of these type of set-ups as well. I think that the security of SANs and NAS devices will become an issue over the next couple of years.
Despite repeated demonstrations of how easy some of these systems are to break, the banks just don't seem to be interested in trying to make it more secure. They don't want to spend the extra money because it eats into the profit margin. Security through obscurity seems to be their favourite mantra.
Agreed. There's a huge amount of complacency in the UK regarding computer security. In August, a bunch of guys at DNSCon "outed" a couple of websites which were vulnerable to hackers, including the Scottish Government's site. Unfortunately, although they claimed to have tightened security, the new measures obviously weren't quite secure enough, as they were hacked not long afterwards.
There's a growing feeling in the UK that companies are failing to place enough emphasis on information security, and that a lot of so-called information security consultancies are incompetent. Many of them are formed by IT auditors, who might know how to count computers, but know fuck-all when it comes to effective information security risk management. Even the British Standards Institute's BS7799 standard for information security management is widely acknowledged to be a joke. The majority of systems which are certified as conforming to BS7799 are still vulnerable to attack.
The recent revision of the UK's Data Protection Act has taken a step towards making the directors of companies directly responsible for ensuring that the private information which is held on their companies' information systems, is adequately protected.
However, I feel that it won't be until the shareholders realise that their companies' profits are in danger, because of management incompetence, that we'll see real moves towards implementing effective information security practices.
Let's take a closer look at this idea of it being fair for companies to patent discoveries they make, so that they can recoup their R&D costs.
Let's say Dodger Genetics Corporation is doing gene research. I'm pumping millions of dollars into research labs, paying scientists, etc. Then, one day, my chief scientist comes into my office and tells me that his guys have discovered the gene that causes cancer.
I pat him on the back and get my lawyers working on a patent application, but when I get to the Patent Office, I discover that Monsanto was there that morning, and _they've_ got the patent on that gene.
So, even though I've forked out what was probably a similar amount as Monsanto, in funding the research, etc., I'm left with nothing, and if I want to make use of my company's discovery, I have to pay Monsanto.
How can that be fair?
The real argument is whether a discovery (as opposed to an invention), should be patentable. Einstein discovered that E=mc^2, but should he have been allowed to patent it?
I'm reminded of the novel 'Friday' by Robert A Heinlein. It's set in the near future, and mentions a power storage technology called Bridgestone, which was named after it's inventor. Daniel Bridgestone figured out a way of storing power - a kind of an improved battery, but in the sense that a thermonuclear bomb can be described as an improved firecracker.
In the novel, Daniel Bridgestone never patented his invention. He simply started churning out "Bridgestones", for use in everything from flashlights to houses. Those who tried to reverse-engineer the devices failed, because they ceased to function when disassembled. There were accusations of monopoly, under-hand tactics, etc., but, when it came down to it, Bridgestone had done nothing wrong. He wasn't even being anti-competitive. There was nothing to stop others from doing exactly what he'd done.
Now that strikes me as fair.
Going back to Dodger Genetics Corporation - would it not be fairer if I were granted a joint patent on the gene, along with Monsanto? And, extending that idea, might it not be better, for scientific discoveries of this nature, for joint ownership to be granted to anyone who can prove that they discovered the whatever, independently?
Now, obviously, this doesn't apply to patents granted for ideas or mathematical formulae, but I feel that there is a strong argument for refusing patents on ideas (such as Priceline.com's "name your price" model) and formulae (E=mc^2), because these type of patents ultimately repress innovation, in my opinion. If someone had patented the idea of electronic mail, or hypertext, where would we all be?
Science shouldn't be patentable. It's noone's Intellectual Property. If Governments are worried about lack of innovation, they should establish and fund research labs, and charge companies for being allowed access to the resulting data.
This commercialism of science is rather worrying. Everything is increasingly geared towards making a profit, and the consumers suffer in the long run.
D. ..is for Dastardly.
"Most of the world's motherboards..." -- Bollox
on
Taiwan Earthquake
·
· Score: 1
Jesus, Slashdot is going seriously downhill... I find you Yanks' ignorance farcical. Anyone heard of a small country off the coast of western Europe called Ireland? Well, as well as leprechauns and Guinness, the "Silicon Isle" happens to be the world's second-largest exporter of software, and companies like Microsoft, Compaq/DEC, Intel, Dell and Gateway have R&D, sales, support and manufacturing facilities there. Taiwan... Sheesh...
D. ..stands for Dumb Yanks!
Actually, this situation is more like the grown-up attrition.org being constantly pestered by the juvenile Vranesevich.
I'm just wondering why noone's taken AntiOnline to court yet. Perhaps they're just giving Vranesevich enough rope so they can be sure of stomping him into the ground for once and for all.
Slashdot Mirror
Really? You mean I beat Jon Katz!!! Wow! Cool! :-)
For the record, the number of "I (don't) think"s in there is due to the fact that I wanted to make it very clear that these are my opinions, instead of stating them as fact.
With this article, as in life, YMMV.
D.
Whoahg! Light dawns opn marble head!
I understand dit now!
YEAH!
COOL!
I LOIKE IT!
ok, check 9ut the table bwelow
first columnis the angle of the filter Aloce (foxxy chick thst she is) uses to transmit her hard core pr0n to Bobby.
2nd colum is the filter bobby uses the REceivne the photon. the result comlung is the result - yes means he gets it, no means it's clobked and maybe merans its in a quantum stat like Shcrindongers pussy, baybeeeee...
Trans Rec Result
----- --- ------
0 0 yes
+45 0 maybe
0 +45 maybe
+45 +45 yes
0 90 no
+45 90 maybe
0 -45 maybe
+45 -45 no
so i;m wrpng about the noninvqsive maninthemiddle attak, but not about the full mitm attack1
Coming soon to a website mear ytou: WHEN MEN I~N THE ~MIDDLE ATTACK!~!
Wow.. its amazxingwhat this amoumt of alcogol can fdo for one's emtna;l faculties.
I stillthink it sucks, thiough..
D. is for superca;lifrajizsmbegeckspiladiocious.