1. Set up e-commerce web site with Thawte 'self-verifying' SSL certificate image 2. Advertise site in your slashdot comment using a hostname Thawte doesn't recognize 3. ??? 4. Profit!
Seriously, if you're gonna stick that Thawte logo on the HOME PAGE of your commerce site, either get the cert for your hostname with and without the 'www.' or always advertise your site with the 'www.' Having a big red X with the words "Thawte Invalid Certificate" on your site probably doesn't inspire much confidence in your potential customers.
Why can I use windows networking paths [...] not in cmd.exe?
In point of fact you can. If I say 'copy \\server\share\foo.txt c:\' it will work fine, as long as I'm able to authenticate against that share. Granted, you can't change to a network directory unless you mount it somewhere, but I'm pretty sure that's the case on Mac and Unix as well.
One thing you can do if you really like to change directories to network paths is use pushd instead of cd. pushd supports \\server\share terminology - it will auto-map a drive (as long as you have permissions, of course) and put you there.
It's left as an exercise for the reader to create a command script to automatically substitute pushd for cd when moving to a network share.
You can open the Run box, but you can't get Properties.
Which Properties dialog are you referring to? If you want the System Properties box, it's Win + Break. If you want the properties of the currently selected item (file in Windows Explorer, etc), use Alt + Enter. Or you can use the "context menu" key (typically to the immediate left of the left Ctrl key) + r. If you don't have a Windows keyboard, Shift + F10 is the equivalent of the context menu key.
I would really like MS to bite off things in smaller chunks. I do recognize the fact that every part of the 329MB download is probably necessary but why not roll out in both a large chunk and small chunks to accomidate different enterprise configurations? I like having options on rollout but I constantly find Windows rollouts very lacking.
This is exactly what they do. The large 300+ MB download is designed for network administrators who want to download the whole thing to apply to multiple machines. If you're just going to be updating a single machine, use Windows Update to get SP1. It uses a smart installer to only download the pieces you need (typically one-third to one-half the size of the full update).
Maxthon isn't really a theme on IE. It's a separate 32 bit executable, written to look strikingly similar to IE, that hosts a trident (Internet Explorer) frame to display content. Microsoft wants to protect the Windows/IE brand, which is why theming support is so limited.
For the record, I'm not trying to knock Maxthon, it's my preferred browser of choice at home and at work for over a year, but it's important to understand what it is and isn't.
Any app that seriously wants to have more than a passing glance by Fortune 500 Windows shops needs GPO support. It's not difficult - true support means reading preferences from the registry in a location like HKCU\Software\Vendor\Application\Version\ and policies from a mirror location in HKCU\Software\Policies\Vendor\Application\Version. The application must use the policies if present, but also respect the user preferences if policies are absent.
Then all that's left is to create.adm files that describe the actual registry keys for administrators to import on their servers.
There's nothing magic about GPO. Technically you could test it by manually setting keys in the \Policies tree, no AD environment required, although you would probably want to get some environment testing before blindly releasing.
My point is that even without a law, this behavior is perfectly reasonable and occurred even before this mystery law was put in place. The law isn't what's causing the behavior, so why devote so much effort into reversing it?
The agent misspoke, and there's no law requiring travelers to show ID. It's still perfectly within reason for airlines/airports to request identification for passengers - if only to ensure that the ticket was sold to the same person making use of it. Don't like it? Don't fly. If you want to take a stand on something, why not those ridiculous security stations I'm forced to walk through barefoot?
Not sure why this was modded funny - it's true. From the Windows 2000 EULA (oldest one I have handy):
14. LIMITATION OF LIABILITY AND REMEDIES. Notwithstanding any damages that you might incur for any reason whatsoever (including, without limitation, all damages referenced above and all direct or general damages), the entire liability of Microsoft and any of its suppliers under any provision of this EULA and your exclusive remedy for all of the foregoing (except for any remedy of repair or replacement elected by Microsoft with respect to any breach of the Limited Warranty) shall be limited to the greater of the amount actually paid by you for the Product or U.S.$5.00. The foregoing limitations, exclusions and disclaimers (including Sections 11, 12 and 13 above) shall apply to the maximum extent permitted by applicable law, even if any remedy fails its essential purpose.
Windows XP includes the same clause. The Anti-Spyware EULA differs slightly, because it falls into the class of products that Microsoft does not charge for:
10. LIMITATION ON AND EXCLUSION OF DAMAGES. Microsoft's liability under this agreement is limited. You can recover from Microsoft and its suppliers your direct damages up to U.S. $5.00. You cannot recover any consequential damages, lost profits, special, indirect or incidental damages from Microsoft and its suppliers. This limitation applies to: anything related to the software, services, content (including code) on third party Internet sites, or third party programs, and claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law. It also applies even if Microsoft knew or should have known about the possibility of the damages.
I was the one who pointed out that page. What I don't think you understand is that the longer Longhorn is delayed, the longer Windows XP remains in mainstream support. So even if Longhorn shipped tomorrow, mainstream support for Windows XP would continue through the end of 2007, and extended support through 2012.
But my only issue is with your original statement:
"We're going to see the same thing in a few years...because it too [Windows XP] will be EOL'ed"
The page you point out states that extended support (meaning the product has NOT yet reached end of life) will be available until at least 31 Dec 2011. If by "a few" you meant "more than 7", then your point may be valid, but in general "a few" indicates a quantity closer to 3 or 4.
"...when Microsoft starts refusing to issue activation keys when you reinstall XP because it too will be EOL'ed."
What is your basis for making this sort of statement? When you buy a boxed copy of XP, you're purchasing a perpetual license. As in, it's valid in perpetuity, unless you violate the license terms. Microsoft may be a big bad evil company in your eyes, but they're not going to stop allowing you to use the software you've paid for. We covered that a few posts up. If you're so thoroughly convinced otherwise, would you object to a gentleman's wager on the subject?
The last time Microsoft changed the policy, they increased the support from 7 years to 10 years. They're committed to at least 10 years of support.
Mainstream support ending basically means you don't get free support incidents anymore. You can still pay per incident, and security hotfixes are still released.
Lastly, mainstream support will NOT end next year, 31 Dec 2006 is the very EARLIEST it could have ended. Per the Lifecycle Policy FAQ, "Microsoft will provide mainstream support* for either 5 years after the date of general availability, or for 2 years after the successor product (N+1) is released, whichever is longer." For Windows XP, this means support will end 2 years after Longhorn is released. Current estimates put Longhorn in 2006, which would push mainstream support out to the end of 2008. Extended support will continue for at LEAST 5 years after that, but will be at least 2 years after Longhorn's successor is released. I don't think you need to worry about your support options running out any time soon.
We're going to see the same thing in a few years when Microsoft starts refusing to issue activation keys when you reinstall XP because it too will be EOL'ed.
1) Microsoft has committed to supporting business products like Windows XP Professional for 10 years. Considering Microsoft counts from the end of the year, we've barely started into year 4. You've still got till 31 Dec 2011 before Microsoft can pull out the "not supported" card.
"Microsoft will not use activation as a tool to force people to upgrade. Activation is merely an anti-piracy tool, nothing else.
Microsoft will also support the activation of Windows XP throughout its life and will likely provide an update that turns activation off at the end of the product's lifecycle so users would no longer be required to activate the product."
The Mormon church already takes a huge chunk of his earnings. They made a cool $200,000 from his initial run on the show.
On the contrary, tithing contributions to The Church of Jesus Christ of Latter-day Saints are voluntary donations. A tithe is calculated at the rate of 10% of one's income, but contribution is not required to maintain membership in the church.
The solution on your website [Last-Modified: Sat, 04 Dec 2004 08:52:13 GMT] mislabels move 69 as move 68, and move 72 is noted as 6DR but should be 6DL.
Despite that, the instructions were quite helpful. Thank you.
Before we proceed, let me make the point that I agree with this statement completely. Of course, it could be applied to any corporation as well.
You ever seen a Microsoft donate sums of money and not see it prominently advertised?
That said, this is a pretty feeble argument. Suppose, for a moment, that Microsoft only publicizes 50% of the donations it makes. The other half it funnels down to worthy charities in amounts small enough and/or channels obscure enough that the general public never finds out. Would you know about those? Of course not! Claiming we only know about the publicized donations is akin to claiming a product is secure because we've fixed all the known security holes in it. Well, yes, that may be true, but it doesn't rule out the possibility that there are undiscovered or undisclosed flaws.
Mormon != LDS. The Latter Day Saints split from the Mormon church when polygamy was outlawed (as far as i know).
"Mormon" is the acceptable-but-not-encouraged nickname for members of The Church of Jesus Christ of Latter-day Saints, numbering about 11 million strong. Those who split off a century ago are typically referred to as "fundamentalist Mormon" or members of the The Reorganized Church, and I'd be surprised if there's significantly more than a few thousand of them.
To learn more about The Church, www.mormon.org is a good starting point.
If you go buy a copy of XP at retail right now (at least the OEM copies that I buy) then you get XP w/SP1. If it hasn't already happened, it won't be long before that's XP w/SP2.
It has happened. I was at Fry's the other day and saw all their boxes of XP Pro and Home are the new SP2-style (white folding page in the upper left corner). Royalty OEM's (Dell, HP, etc.) are already required to ship SP2 preinstalled on all machines. Select and other volume license customers have already received SP2-slipstreamed copies. It's shipped out to MSDN customers so developers can start using it. System Builders acquiring OEM licenses from major resellers should for the most part be getting SP2 copies only by now - every geek's favorite online retailer is headlining its software page with SP2 copies of both Home and Pro edition. Any retailers still selling SP1 copies are just trying to deplete their onhand stock - let them know Microsoft has a trade-in program where they can exchange unsold SP1 copies for SP2 boxes. Technet and MSDN subscribers were carpetbombed with not only regular subscription copies of the SP2 patch, but also an extra copy to hand out to friends.
You can fault Microsoft for many things, but not aggressively getting SP2 out there is not one of them.
Wow that article's old - from 1999, when the latest server offering from Microsoft was NT4. The story remains mostly the same for Windows 2000, but in Windows Server 2003 things get complicated quickly.
For Terminal Services running on Windows servers, clients require a separate TS CAL. For NT4 and Windows 2000, this TS CAL requirement is waived if the client OS is of an equal or greater version. For Windows Server 2003, Microsoft discontinued this free TS CAL. A transition plan was made available for all Windows XP licenses owned prior to April 2003 (when Windows Server 2003 was released), granting XP license owners a free TS CAL, but any licenses acquired after that date are not granted the complimentary TS CAL. Part of the reasoning was due to an expansion of TS CAL types - TS CAL's can now be either per-device or per-user (previously only per-device was available).
Terminal Services licensing can be quite tricky, but the best thing to do is keep clear the distinction between normal Windows CAL's (not free; allow authenticated clients to access services like file and print shares) and TS CAL's (used to be free, not anymore; only allow access to Terminal Services).
So, where do you store the pads if you want to keep the encrypted messages??
The same place you keep all your secret keys. Locked up in a secure place. Secrecy requirements for keys are hardly unique to one-time pads.
Thats why I said OTP isn't really secure. (In practice. I know it's secure in theory.)
It's still, when used properly, 100% secure in practice.
Cryptography, when it comes down to it, is simply a matter of exchanging big secrets for smaller ones. The amount of security you desire can be viewed as a trade-off.
One time pads: large key size (equal to the size of the data you wish to protect) but truly impenetrable security. Public/private key-based systems: greatly reduced key size but may be vulnerable to brute force or other forms of analysis.
And if you get arrested, the spooks will find the DVD with the pad(s).
I'm not sure why a one-time pad will be more vulnerable than your private key. Either way, if the spooks get your keys, the jig is up.
(Note: if your counter-argument here is the "size" of the keys relative to the pads, I have a 1 GB flash memory card here roughly the size of a postage stamp. And this is consumer-grade equipment. Governments and multi-national organizations most certainly have access to technology orders of magnitude greater.)
OTP is a LOT less practical for general use than people here seem to think.
I'm not arguing the relative practicality of one-time pads. Yes, it's cumbersome. We all know that. That's why it's only used in situations requiring the utmost security (typically international diplomatic matters, nuclear warfare administration, etc.).
Your earlier statements regarding using "commonly available documents, images, binaries, whatever as the pad" indicate you do not have even the most basic understanding of cryptographic theory. Try chapter 1 of any cryptography text.
Re:Nope, wrong, invalid.. nothing to see here.
on
The End of Encryption?
·
· Score: 2, Interesting
Therefore, OTP isn't really unbreakable either.
On the contrary, a real (see rules below) one-time pad is truly the only unbreakable cryptosystem. Without access to the key, no amount of brute-forcing or analysis will ever recover the plaintext.
OTP could partially be helped by using commonly available documents, images, binaries, whatever as the pad, but then you increase the chances of someone else finding the pad, and you still have to store an index of which document uses which pad somewhere.
People keep suggesting this sort of thing - eliminate the cumbersome difficulties of a genuine one-time pad by using some sort of public data. Dictionaries, encyclopedias, or virtually any other store of information are NOT suitable for use as one-time pads. Using non-random data for your pad destroys the inherent security of the one-time pad. There is no shortcut.
Rules of one-time pads: 1) Data MUST be completely random. Pseudo-random does not count. "Looks random to me" does not count. "Comes from a much larger set of data" (a la phone book, etc) does not count. How to generate this random data is left as an exercise to the reader. 2) Data must NEVER be reused. Not to the same recipient, not on the same message, not when you run out of pads. 3) Data must only be known to those who can be trusted with the plaintext of the message (duh!).
Re:Nope, wrong, invalid.. nothing to see here.
on
The End of Encryption?
·
· Score: 2, Informative
There's nothing stopping one from sending more than one "one time pad" through that initial secure channel... Or for that matter, an agreement to use the King James Bible as a pad, starting at Exodus 9:3
Bzzzzzt. Wrong answer. The security of a one-time pad lies in the fact that the pad contains truly random data and that the pad is only used once. Pseudo-random number generators, or, worse, English text can NOT substitute for real random data. Read the first chapter of any cryptography text for more details. (Personally I recommend Schneier.)
Your digital cable probably comes to your TV via a leased (cable company-owned) set-top box. The point of the box is to decrypt the premium channels, and there's nothing that Media Center can do about it. Here's how a MCE box normally works. You feed coax cable from the wall to the set-top box. The box decrypts the feed, and you connect another coax cable from the set-top box to a tuner card installed in the MCE PC. At this point the MCE PC is functioning as your TV. You would then use a MCE remote pointed at a small USB receiver to control the MCE interface and change channels. To enable the MCE PC to change channels on the cable box, you connect a small IR emitter from the aforementioned USB IR receiver to your set-top box's front panel, directly in front of its remote sensor. The MCE PC will then "relay" commands to the set-top box as needed.
Tivo is a subscription service, you'll have to pay to use their guide data either monthly or a large lifetime fee. MCE PC's get guide data for free.
MCE 2004 (currently only available purchased with a new machine from the likes of Dell or HP) allows you to watch DVD's, display pictures and slideshows, play and visualize music, listen to radio, and watch and record TV (1 tuner maximum).
MCE 2005 (available later this year from large OEM's and local 'white box' dealers alike) does all of the above, and adds support for dual (that's two ONLY) tuners. You can reportedly watch HDTV but only if your signal is over-the-air. Also, you'll be able to do all your media tasks on other TV's around the house by purchasing MCE extender devices.
I'm not sure about the integrated DVD-burning capabilities of MCE, but perhaps someone else can comment on that. I doubt I'd use it myself; I would use real video editing software to strip commercials and then pack as much content as possible on each DVD.
Or perhaps you'd like to nuke all the games at once? You could of course run the Uninstall section for each game. But since we're so fixed on the "one command" notion, we'll need a file c:\nogames.txt with the following contents (disregard the spaces added by slashcode):
Slashdot Mirror
We http://theboyz.biz/ don't sell much Garmin...
1. Set up e-commerce web site with Thawte 'self-verifying' SSL certificate image
2. Advertise site in your slashdot comment using a hostname Thawte doesn't recognize
3. ???
4. Profit!
Seriously, if you're gonna stick that Thawte logo on the HOME PAGE of your commerce site, either get the cert for your hostname with and without the 'www.' or always advertise your site with the 'www.' Having a big red X with the words "Thawte Invalid Certificate" on your site probably doesn't inspire much confidence in your potential customers.
Why can I use windows networking paths [...] not in cmd.exe?
In point of fact you can. If I say 'copy \\server\share\foo.txt c:\' it will work fine, as long as I'm able to authenticate against that share. Granted, you can't change to a network directory unless you mount it somewhere, but I'm pretty sure that's the case on Mac and Unix as well.
One thing you can do if you really like to change directories to network paths is use pushd instead of cd. pushd supports \\server\share terminology - it will auto-map a drive (as long as you have permissions, of course) and put you there.
It's left as an exercise for the reader to create a command script to automatically substitute pushd for cd when moving to a network share.
You can open the Run box, but you can't get Properties.
Which Properties dialog are you referring to? If you want the System Properties box, it's Win + Break. If you want the properties of the currently selected item (file in Windows Explorer, etc), use Alt + Enter. Or you can use the "context menu" key (typically to the immediate left of the left Ctrl key) + r. If you don't have a Windows keyboard, Shift + F10 is the equivalent of the context menu key.
I would really like MS to bite off things in smaller chunks. I do recognize the fact that every part of the 329MB download is probably necessary but why not roll out in both a large chunk and small chunks to accomidate different enterprise configurations? I like having options on rollout but I constantly find Windows rollouts very lacking.
This is exactly what they do. The large 300+ MB download is designed for network administrators who want to download the whole thing to apply to multiple machines. If you're just going to be updating a single machine, use Windows Update to get SP1. It uses a smart installer to only download the pieces you need (typically one-third to one-half the size of the full update).
Maxthon isn't really a theme on IE. It's a separate 32 bit executable, written to look strikingly similar to IE, that hosts a trident (Internet Explorer) frame to display content. Microsoft wants to protect the Windows/IE brand, which is why theming support is so limited.
For the record, I'm not trying to knock Maxthon, it's my preferred browser of choice at home and at work for over a year, but it's important to understand what it is and isn't.
Any app that seriously wants to have more than a passing glance by Fortune 500 Windows shops needs GPO support. It's not difficult - true support means reading preferences from the registry in a location like HKCU\Software\Vendor\Application\Version\ and policies from a mirror location in HKCU\Software\Policies\Vendor\Application\Version. The application must use the policies if present, but also respect the user preferences if policies are absent.
.adm files that describe the actual registry keys for administrators to import on their servers.
Then all that's left is to create
There's nothing magic about GPO. Technically you could test it by manually setting keys in the \Policies tree, no AD environment required, although you would probably want to get some environment testing before blindly releasing.
By seperating the prefs from the card, you can update the card without losing the prefs.
(Slashbots: Notice that the word is losing, not loosing!)
(Notice that the word is separating, not seperating!)
Sorry, couldn't resist, seperate is my peeve.
My point is that even without a law, this behavior is perfectly reasonable and occurred even before this mystery law was put in place. The law isn't what's causing the behavior, so why devote so much effort into reversing it?
The agent misspoke, and there's no law requiring travelers to show ID. It's still perfectly within reason for airlines/airports to request identification for passengers - if only to ensure that the ticket was sold to the same person making use of it. Don't like it? Don't fly. If you want to take a stand on something, why not those ridiculous security stations I'm forced to walk through barefoot?
Not sure why this was modded funny - it's true. From the Windows 2000 EULA (oldest one I have handy):
14. LIMITATION OF LIABILITY AND REMEDIES.
Notwithstanding any damages that you might incur for any
reason whatsoever (including, without limitation, all
damages referenced above and all direct or general damages),
the entire liability of Microsoft and any of its suppliers
under any provision of this EULA and your exclusive remedy
for all of the foregoing (except for any remedy of repair or
replacement elected by Microsoft with respect to any breach
of the Limited Warranty) shall be limited to the greater of
the amount actually paid by you for the Product or
U.S.$5.00. The foregoing limitations, exclusions and
disclaimers (including Sections 11, 12 and 13 above) shall
apply to the maximum extent permitted by applicable law,
even if any remedy fails its essential purpose.
Windows XP includes the same clause. The Anti-Spyware EULA differs slightly, because it falls into the class of products that Microsoft does not charge for:
10. LIMITATION ON AND EXCLUSION OF DAMAGES. Microsoft's liability under this agreement is limited. You can recover from Microsoft and its suppliers your direct damages up to U.S. $5.00. You cannot recover any consequential damages, lost profits, special, indirect or incidental damages from Microsoft and its suppliers. This limitation applies to:
anything related to the software, services, content (including code) on third party Internet sites, or third party programs, and
claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law.
It also applies even if Microsoft knew or should have known about the possibility of the damages.
"the end date is from Microsoft's site, not some factoid pulled out of the air (unlike longhorn)
http://support.microsoft.com/gp/lifewin"
I was the one who pointed out that page. What I don't think you understand is that the longer Longhorn is delayed, the longer Windows XP remains in mainstream support. So even if Longhorn shipped tomorrow, mainstream support for Windows XP would continue through the end of 2007, and extended support through 2012.
But my only issue is with your original statement:
"We're going to see the same thing in a few years...because it too [Windows XP] will be EOL'ed"
The page you point out states that extended support (meaning the product has NOT yet reached end of life) will be available until at least 31 Dec 2011. If by "a few" you meant "more than 7", then your point may be valid, but in general "a few" indicates a quantity closer to 3 or 4.
"...when Microsoft starts refusing to issue activation keys when you reinstall XP because it too will be EOL'ed."
What is your basis for making this sort of statement? When you buy a boxed copy of XP, you're purchasing a perpetual license. As in, it's valid in perpetuity, unless you violate the license terms. Microsoft may be a big bad evil company in your eyes, but they're not going to stop allowing you to use the software you've paid for. We covered that a few posts up. If you're so thoroughly convinced otherwise, would you object to a gentleman's wager on the subject?
The last time Microsoft changed the policy, they increased the support from 7 years to 10 years. They're committed to at least 10 years of support.
Mainstream support ending basically means you don't get free support incidents anymore. You can still pay per incident, and security hotfixes are still released.
Lastly, mainstream support will NOT end next year, 31 Dec 2006 is the very EARLIEST it could have ended. Per the Lifecycle Policy FAQ, "Microsoft will provide mainstream support* for either 5 years after the date of general availability, or for 2 years after the successor product (N+1) is released, whichever is longer." For Windows XP, this means support will end 2 years after Longhorn is released. Current estimates put Longhorn in 2006, which would push mainstream support out to the end of 2008. Extended support will continue for at LEAST 5 years after that, but will be at least 2 years after Longhorn's successor is released. I don't think you need to worry about your support options running out any time soon.
1) Microsoft has committed to supporting business products like Windows XP Professional for 10 years. Considering Microsoft counts from the end of the year, we've barely started into year 4. You've still got till 31 Dec 2011 before Microsoft can pull out the "not supported" card.
2) As clearly stated in the activation FAQ:
The Mormon church already takes a huge chunk of his earnings. They made a cool $200,000 from his initial run on the show.
On the contrary, tithing contributions to The Church of Jesus Christ of Latter-day Saints are voluntary donations. A tithe is calculated at the rate of 10% of one's income, but contribution is not required to maintain membership in the church.
The solution on your website [Last-Modified: Sat, 04 Dec 2004 08:52:13 GMT] mislabels move 69 as move 68, and move 72 is noted as 6DR but should be 6DL.
Despite that, the instructions were quite helpful. Thank you.
They don't do things for altruistic purposes.
Before we proceed, let me make the point that I agree with this statement completely. Of course, it could be applied to any corporation as well.
You ever seen a Microsoft donate sums of money and not see it prominently advertised?
That said, this is a pretty feeble argument. Suppose, for a moment, that Microsoft only publicizes 50% of the donations it makes. The other half it funnels down to worthy charities in amounts small enough and/or channels obscure enough that the general public never finds out. Would you know about those? Of course not! Claiming we only know about the publicized donations is akin to claiming a product is secure because we've fixed all the known security holes in it. Well, yes, that may be true, but it doesn't rule out the possibility that there are undiscovered or undisclosed flaws.
Mormon != LDS. The Latter Day Saints split from the Mormon church when polygamy was outlawed (as far as i know).
"Mormon" is the acceptable-but-not-encouraged nickname for members of The Church of Jesus Christ of Latter-day Saints, numbering about 11 million strong. Those who split off a century ago are typically referred to as "fundamentalist Mormon" or members of the The Reorganized Church, and I'd be surprised if there's significantly more than a few thousand of them.
To learn more about The Church, www.mormon.org is a good starting point.
If you go buy a copy of XP at retail right now (at least the OEM copies that I buy) then you get XP w/SP1. If it hasn't already happened, it won't be long before that's XP w/SP2.
It has happened. I was at Fry's the other day and saw all their boxes of XP Pro and Home are the new SP2-style (white folding page in the upper left corner). Royalty OEM's (Dell, HP, etc.) are already required to ship SP2 preinstalled on all machines. Select and other volume license customers have already received SP2-slipstreamed copies. It's shipped out to MSDN customers so developers can start using it. System Builders acquiring OEM licenses from major resellers should for the most part be getting SP2 copies only by now - every geek's favorite online retailer is headlining its software page with SP2 copies of both Home and Pro edition. Any retailers still selling SP1 copies are just trying to deplete their onhand stock - let them know Microsoft has a trade-in program where they can exchange unsold SP1 copies for SP2 boxes. Technet and MSDN subscribers were carpetbombed with not only regular subscription copies of the SP2 patch, but also an extra copy to hand out to friends.
You can fault Microsoft for many things, but not aggressively getting SP2 out there is not one of them.
Wow that article's old - from 1999, when the latest server offering from Microsoft was NT4. The story remains mostly the same for Windows 2000, but in Windows Server 2003 things get complicated quickly.
For Terminal Services running on Windows servers, clients require a separate TS CAL. For NT4 and Windows 2000, this TS CAL requirement is waived if the client OS is of an equal or greater version. For Windows Server 2003, Microsoft discontinued this free TS CAL. A transition plan was made available for all Windows XP licenses owned prior to April 2003 (when Windows Server 2003 was released), granting XP license owners a free TS CAL, but any licenses acquired after that date are not granted the complimentary TS CAL. Part of the reasoning was due to an expansion of TS CAL types - TS CAL's can now be either per-device or per-user (previously only per-device was available).
Terminal Services licensing can be quite tricky, but the best thing to do is keep clear the distinction between normal Windows CAL's (not free; allow authenticated clients to access services like file and print shares) and TS CAL's (used to be free, not anymore; only allow access to Terminal Services).
So, where do you store the pads if you want to keep the encrypted messages??
The same place you keep all your secret keys. Locked up in a secure place. Secrecy requirements for keys are hardly unique to one-time pads.
Thats why I said OTP isn't really secure. (In practice. I know it's secure in theory.)
It's still, when used properly, 100% secure in practice.
Cryptography, when it comes down to it, is simply a matter of exchanging big secrets for smaller ones. The amount of security you desire can be viewed as a trade-off.
One time pads: large key size (equal to the size of the data you wish to protect) but truly impenetrable security.
Public/private key-based systems: greatly reduced key size but may be vulnerable to brute force or other forms of analysis.
And if you get arrested, the spooks will find the DVD with the pad(s).
I'm not sure why a one-time pad will be more vulnerable than your private key. Either way, if the spooks get your keys, the jig is up.
(Note: if your counter-argument here is the "size" of the keys relative to the pads, I have a 1 GB flash memory card here roughly the size of a postage stamp. And this is consumer-grade equipment. Governments and multi-national organizations most certainly have access to technology orders of magnitude greater.)
OTP is a LOT less practical for general use than people here seem to think.
I'm not arguing the relative practicality of one-time pads. Yes, it's cumbersome. We all know that. That's why it's only used in situations requiring the utmost security (typically international diplomatic matters, nuclear warfare administration, etc.).
Your earlier statements regarding using "commonly available documents, images, binaries, whatever as the pad" indicate you do not have even the most basic understanding of cryptographic theory. Try chapter 1 of any cryptography text.
Therefore, OTP isn't really unbreakable either.
On the contrary, a real (see rules below) one-time pad is truly the only unbreakable cryptosystem. Without access to the key, no amount of brute-forcing or analysis will ever recover the plaintext.
OTP could partially be helped by using commonly available documents, images, binaries, whatever as the pad, but then you increase the chances of someone else finding the pad, and you still have to store an index of which document uses which pad somewhere.
People keep suggesting this sort of thing - eliminate the cumbersome difficulties of a genuine one-time pad by using some sort of public data. Dictionaries, encyclopedias, or virtually any other store of information are NOT suitable for use as one-time pads. Using non-random data for your pad destroys the inherent security of the one-time pad. There is no shortcut.
Rules of one-time pads:
1) Data MUST be completely random. Pseudo-random does not count. "Looks random to me" does not count. "Comes from a much larger set of data" (a la phone book, etc) does not count. How to generate this random data is left as an exercise to the reader.
2) Data must NEVER be reused. Not to the same recipient, not on the same message, not when you run out of pads.
3) Data must only be known to those who can be trusted with the plaintext of the message (duh!).
There's nothing stopping one from sending more than one "one time pad" through that initial secure channel ... Or for that matter, an agreement to use the King James Bible as a pad, starting at Exodus 9:3
Bzzzzzt. Wrong answer. The security of a one-time pad lies in the fact that the pad contains truly random data and that the pad is only used once. Pseudo-random number generators, or, worse, English text can NOT substitute for real random data. Read the first chapter of any cryptography text for more details. (Personally I recommend Schneier.)
Your digital cable probably comes to your TV via a leased (cable company-owned) set-top box. The point of the box is to decrypt the premium channels, and there's nothing that Media Center can do about it. Here's how a MCE box normally works. You feed coax cable from the wall to the set-top box. The box decrypts the feed, and you connect another coax cable from the set-top box to a tuner card installed in the MCE PC. At this point the MCE PC is functioning as your TV. You would then use a MCE remote pointed at a small USB receiver to control the MCE interface and change channels. To enable the MCE PC to change channels on the cable box, you connect a small IR emitter from the aforementioned USB IR receiver to your set-top box's front panel, directly in front of its remote sensor. The MCE PC will then "relay" commands to the set-top box as needed.
Tivo is a subscription service, you'll have to pay to use their guide data either monthly or a large lifetime fee. MCE PC's get guide data for free.
MCE 2004 (currently only available purchased with a new machine from the likes of Dell or HP) allows you to watch DVD's, display pictures and slideshows, play and visualize music, listen to radio, and watch and record TV (1 tuner maximum).
MCE 2005 (available later this year from large OEM's and local 'white box' dealers alike) does all of the above, and adds support for dual (that's two ONLY) tuners. You can reportedly watch HDTV but only if your signal is over-the-air. Also, you'll be able to do all your media tasks on other TV's around the house by purchasing MCE extender devices.
I'm not sure about the integrated DVD-burning capabilities of MCE, but perhaps someone else can comment on that. I doubt I'd use it myself; I would use real video editing software to strip commercials and then pack as much content as possible on each DVD.
You want one command? Done. Run this as a local admin:Or perhaps you'd like to nuke all the games at once? You could of course run the Uninstall section for each game. But since we're so fixed on the "one command" notion, we'll need a file c:\nogames.txt with the following contents (disregard the spaces added by slashcode):Once we have that, run this command to blow away all the games at once. (Add
Just because YOU don't know how to administer a Windows network doesn't mean it's not possible.
I believe "thw" word you were straining for was "the."
And your periods and commas belong inside the quotation marks.