I ran across some music I was looking for behind a "warning, dangerous and offensive" material warning a few weeks ago.
I was looking for a Ukrainian nationalist song - my translation is 'Kalina in the Valley' from one of the historical Ukrainian nationalist groups. Yes, the song was sung by a group that collaborated with the Germans in WW2. And singing or humming it during the Soviet era would get you a one-way ticket to Siberia. Doing so now in Russia would result in the same fate.
There may be a broad brush here. Simply banning material does not address the issues.
I have been expecting this for a while. The real question I have had is how they would implement the feedback weights. You can do it with switches and a bank of resistors, but a memristor as a feedback element would be much more efficient - and should be far denser.
Actually, the plug-in hybrids aren't likely to age out so fast. I had to replace my old Forester. I got a Prius Prime, which gets > 25 miles on electric, handling most of my commuting. It then gets over 50 mpg on gas, making it well suited to long range driving - I will do well over 1000 miles a day when on the road. I bought it, not leased it. I figure in another 4 years I will replace my wife's Corolla with an all electric self-driving vehicle, as she is directionally challenged.
I have been using Brother workgroup printers for years. I will go long times without printing, and then print 60 page double sided docs. The printers are relatively cheap - and fast. And they are cheap to run. My current version eats full reams of paper. Even the Brother cartridges work out to about $.01 per side of print, and the no-name cartridges are far cheaper.
I have seen the mess of cables necessary to support electric trolleys in Seattle and elsewhere. With batteries, you could reduce the overhead wiring to straight streets and above bus stops, where it is cheap to install and power, allowing charging during normal operation. At stops, the bus stops for a while to take on and let off passengers, and buses have stops for a few minutes at the beginning and end of routes at terminals to allow the drivers to get up and use the facilities. All are good opportunities for high rate charging.
Systems submitted for evaluation under TCSEC B2 and better had to be designed for security - layering, TCB minimization, ... were all mandated in addition to support for trusted MAC functionality. When I am designing for "SECURITY" I want to simplify the critical protocols so that they can be described by a state machine and then implement them in silicon.
I don't know. I am not involved with this. Clearly, the Air Force, or other customer can define what security policy they want to apply and have their systems configured to it.
I am a security program manager at Microsoft. The article gets much of it wrong. The Air Force wanted the machines preconfigured to a secure configuration so that they did not have to do this configuration. Such configurations are not distributed to the general public because of the impact on generalized consumer usability. Microsoft always publishes a security guide which provides guidance on configuring systems for different threat environments. For example in the Windows Vista Security Guide, Chapter 5 is titled "Specialized Security - Limited Functionality". Such security guides exist for NT on.
Users are free to configure their systems for higher security. Note that doing so may limit functionality you are used to. For example, you can configure your system so that all users run as normal users (no administrative functionality). Running users as normal users is part of all security guidance. Not all XP software will run if you do this. You can set IE to high security mode by default and disable Flash, etc. Doing so breaks much of the web but is more secure. You can get security, but it will impact your user experience.
It is easier to secure Vista and 2K8 server systems.
While the near-shore environment is reasonably suited to cables, the cost of long distance power transmission in the deep ocean environment may be problematic. This suggests that the power be stored into some transmissible fuel that can be picked up intermittently. One possibility would be Ammonia, NH3, which could be made by electrolysis of water to get the Hydrogen and nitrogen from the atmosphere. The heat of formation of NH3 is ~ 10% of the available energy in the Hydrogen (liquefying Hydrogen requires ~ 30%). Anhydrous ammonia is easily handled at moderate pressures in steel vessels, has a higher volumetric density than liquid Hydrogen, could be easily handled by tankers, and the Hydrogen can be easily released at moderate temperatures by catalytic reforming. Spills of NH3 are limited by its high solubility in water and lack of persistence - plants metabolize it rapidly.
The theory is quite strong in this case. As for the virtual electron and positron meeting and annihilating each other, that is what they do all the time all over the universe - look up a good introduction to quantum field theory, which is very well supported by experimental tests.
We have no evidence for black holes of less than multiples of the sun's mass and to the best of my knowledge, no evidence of black holes of masses on the order of many billions of solar masses. The rest is speculation, but not unreasonable.
There was a very interesting paper at the LANL archives last year on the energy release from small black holes on planetary bodies due to Eddington-limited accretion. The impact would be correspondingly greater and more observable in white dwarfs and neutron stars.
Small black holes are far less dangerous than made out to be. I wouldn't like to be very near one due to its Hawking radiation (virtual photon creation near the event horizon where one of the virtual photons is absorbed and the other turns real as it escapes), but the fear mongers of black holes forget the limiting factor. Matter falling into a black hole is compressed and gets hot. The hot matter radiates light / gamma rays. While in some cases this radiation might be captured as well, it is far more likely that the radiation pressure will limit the rate of matter absorption by the black hole. The radiation pressure effect is known as the Eddington effect and is a major factor in stellar stability. In the case of a small black hole, the size of the black hole is far smaller than the absorption length of gamma rays, preventing advection of the gammas. Since a non-rotating black hole is likely to convert on the order of 1% of the absorbed mass into gamma radiation, such a source would be more than capable of creating a near vacuum of hot matter about itself.
If such stable black holes were creatable / existed, we should see rather remarkable things with old white dwarfs and neutron stars, which would be greatly affected by such energy sources.
Strong passwords / keys for WPA are not much of a burden. You only have to enter the damn things once. I use a random 32 character hex string as my key. I wrote it down and stored it in a known location. I also have it stored in an old USB drive in a text file. I have to enter it far more than most people, as I dogfood Windows releases, flattening my notebook each time. Thus I have to reinitialize it for my home WPA network each time I rebuild it. I am not worrying about brute force attacks against 128 bit key values.
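The arithmetic behind the comment above, as an added example that is not part of the original comment: it generates a random 32-character hex passphrase, shows why that is 128 bits, and derives the WPA/WPA2-Personal pairwise master key with the standard PBKDF2-HMAC-SHA1 construction. The function names and the guess rate used in the estimate are assumptions chosen for illustration.

```python
import hashlib
import math
import secrets

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def generate_hex_passphrase(n_chars: int = 32) -> str:
    """Return a random hex passphrase from the OS CSPRNG (4 bits per character)."""
    # WPA passphrases are 8..63 printable ASCII characters; a 64-hex-digit
    # string is instead interpreted as the raw 256-bit key.
    if not 8 <= n_chars <= 63:
        raise ValueError("passphrase length must be 8..63 characters")
    return secrets.token_hex((n_chars + 1) // 2)[:n_chars]


def entropy_bits(n_chars: int, alphabet_size: int) -> float:
    """Entropy of a uniformly random string over the given alphabet."""
    return n_chars * math.log2(alphabet_size)


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes)."""
    ssid_bytes = ssid.encode("utf-8")
    if not 1 <= len(ssid_bytes) <= 32:
        raise ValueError("SSID must be 1..32 bytes")
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase length must be 8..63 characters")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid_bytes, 4096, 32
    )


def years_to_search(bits: float, guesses_per_second: float) -> float:
    """Expected years to find a key by exhaustive search (half the keyspace)."""
    return (2.0 ** (bits - 1)) / guesses_per_second / SECONDS_PER_YEAR


if __name__ == "__main__":
    # Constructed values: the SSID and the guess rate are illustrative only.
    ssid = "example-home-net"
    rate = 1e9  # assumed passphrase guesses per second

    key = generate_hex_passphrase(32)
    print("passphrase:", key)
    print("PMK:", derive_pmk(key, ssid).hex())

    for label, chars, alphabet in (
        ("32 random hex chars", 32, 16),
        ("8 random lowercase letters", 8, 26),
    ):
        bits = entropy_bits(chars, alphabet)
        print(f"{label}: {bits:.1f} bits, "
              f"~{years_to_search(bits, rate):.3g} years at {rate:.0e}/s")
```

The SSID acts as the salt, so the same passphrase yields a different master key on a differently named network; the 4096 iterations slow each guess but do not compensate for a short or guessable passphrase.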
Actually, it is rather more like the Zotob vuln than the Blaster vuln. It is a crit on earlier systems, but requires authenticated privileges on Vista and 2K8 server due to the implementation of the integrity level defenses in Vista and 2K8. That said, the potential for damage with this vulnerability is high and there were reports of attacks in the wild. Thus, Microsoft released out of the standard release cycle.
The "low degree" here may be a bit higher than most readers suspect. The abstract I have for the talk is:
ABSTRACT:
In this talk I will describe a new algebraic attack which is very powerful and very general. It can solve large systems of low degree polynomial equations with surprisingly low complexity. For example, solving dense random-looking equations of degree 16 in several thousand variables over GF(2) (which correspond to many types of LFSR-based stream ciphers) can now be practically done in less than 2^{32} complexity by the new technique.
That said, the algebraic degree associated with modern block codes is far beyond this. The possible utility of such approaches in reducing the complexity of collision generation in hashes is yet undetermined.
I would be rather cautious about simply trying to implement and support HTML5, which is not standardized yet. I attended BlackHat ~ 2 weeks ago and Stamos's talk "Living in the RIA World" had some interesting things to say about HTML5 in its current state. If you wait ~ 6 months, BlackHat will allow viewing. My notes concerning HTML 5 follow.
HTML 5: have DOM storage (session and local) and database storage. These should all be SameOrigin. Meant to block user's deleting of tracking cookies. Use of database storage, there can be SQL injection against the local database. Some browsers support GlobalStorage that don't have SameOrigin control. Lots of new attack surface in FF3. Websites can be protocol handlers (support spyware!!). Installation of protocol handler is one click. WebKit is a big supporter of HTML5 and supports these issues.
HTML5 has limited storage (~ 15 Mbytes total) allowing easy exhaustion attacks and there is no UI to manage this. DOS is easy. Can easily plant arbitrary evidence on a system. HTML 5: Security "need to write this section".
We now have web developers making desktop apps without any security or privacy expertise. The Web is becoming more heterogeneous and far far more dangerous.
The high security settings are there to protect the system if some fool of an administrator browses to a malware site from a domain controller. While this is clearly a terminal offense, Microsoft doesn't want the organization to go down. Hence the protective settings.
I have been using server 2K8 on all my work systems (including my notebook) ever since Vista Beta 1. It has always been stable. On one of the systems I have installed the desktop experience pack because I need it to access the internal video feeds that are used for meetings. Otherwise, I run server without the experience pack.
Since I have IE locked down so that it doesn't run jscript and it won't download pdf's from my journals, I use firefox with NoScript installed to download them. With IE locked down as my default browser, hitting a link inadvertently will bring up my safe browser.
I run as a normal user and use the local machine administrator account for system management. I have to do a full elevation to do a management function, not a simple UAC prompt.
I have been told that a number of customers under enterprise licensing use Server 2K8 as secure managed desktops.
From what I see, the education requirements are highly variable. The schools were not demanding in Salinas. In the Seattle suburbs where I live, they seem to be quite good. I think my daughter's math education (she is in 5th grade) is at least equal to mine. She is in the middle college track and will be taking calculus in high school (which I did as well). If she qualifies for classes that the school doesn't have, she can take them at the local community college. I doubt that she will have the separate courses on trig and analytic geometry that I had.
It is not MS forcing the vendors to produce more cycle and memory intensive systems, but the vendors trying to sell new HW to people who already have existing systems looking to MS to provide some set of features that can provide a marketing justification for "upgrading" your system. To the extent that users are content with basic functionality, even 10 year old systems are quite functional.
The ISV's are still going to want to sell users new systems, regardless of the choice of OS. I expect that they will find the open source community to be much less supportive of their ambitions than it appears MS has been.
I found my old Dell Win ME system (1.7 P4), which I had upgraded to XP 3 years ago, could be upgraded to be able to run Vista Home Basic for ~$50 in parts (no Vista drivers for the old parts). Performance is more than acceptable, but I am not doing video transcoding on it and I am not a gamer.
Technical defenses will not protect against wetware vulnerabilities. As long as people click on things and say install that new thing, you are going to have system malware installs.
While I strongly disagree with the court's opinion, I believe Bruce's approach to be the wisest. I do not own a personal notebook, but I do haul a notebook PC around that was issued me by Microsoft, where I work. When I cross the border for business, I take the notebook, but it does not have any work files on it at that time. I always clean it thoroughly. And not just for customs. When I do these trips, it is for security conferences, and I do not need my PC to be stolen and have attackers scrutinizing my work files and tools.
As for customs, if they have me boot the system, they will not take long to find a directory, helpfully named "images". When they look in it, they will find a very large collection of high resolution astrophotographs. Some approaching 100 MBytes in size. They are welcome to make copies. After all, the government funded the acquisition of the images.
I hope that this unreasonable approach is rapidly dropped.
If you need access to information that you don't want people accessing, store it on a server in a trusted location / jurisdiction and get at it over an SSL / VPN / IpSec channel.
No you are not a tech dropout, at least I don't see you as one. But then again, I may be viewed as one as well. When I was doing startups we would use IM to send messages to one another while engaging in conference calls, as it gave us a second channel to make sure that critical points were adequately covered.
That is the only situation I have used IM in. Otherwise, I do not install the client if I can avoid it. Never log in if the client is installed, and never respond to invitations. In general, e-mail is responsive enough and I want the time to respond thoughtfully and accurately. You never know when an e-mail is going to surface much later and somebody is going to ask you how you came to be such an idiot.
Outlook does a good job with voice mail now as well. So at my convenience I can check my voice mail.
I also don't have a web page, nor do I maintain public pages advertising my interests, status, etc. A web search on my name will return hits to published articles (all technical). My family knows what I do and what my interests are. I don't need to advertise / promote myself to the outside world.
It was obvious more than 20 years ago that terrorist organizations were notable for their lack of strategic as well as technical competence. Mind you, this is rather common among the various groups that consider themselves to be social, religious, and political leaders. Legitimate organizations can hire the technical expertise that they need, and find scientists and engineers to be invaluable in accomplishing various objectives - the scientists are needed if you need to develop new technologies to accomplish your objectives.
As an undergraduate physics student in the late 60's I made a number of comments about the total incompetence of the various radical groups. When one radical tried to get me to provide guidance for one of the groups (I still don't know if he actually had the contact) I replied that if I wanted to get into that business, I would go to work for the feds and that the group in question would either get arrested or blow themselves up, both logical and deserved consequences of their stupidity. They did. And they didn't even take out any innocent bystanders.
If you are scared of change, you are not going to like dealing with engineers and scientists. They enable it. Build it up, tear it down, secure it, penetrate it. Engineering can do both good and bad. So can science. Different organizations may have different definitions of good and bad.
From the reference point of the earth, a space elevator will stay above its base on earth, co-rotating with it and vibrating somewhat (we hope). The problem is that satellites orbit the earth and gradually sweep across all earth spots allowed by their inclination (in general). Thus, given long enough, satellites (other than geo-sync ones) may cross the elevator.
A practical elevator is going to need a lot of armor to protect it from debris for a considerable portion of the low earth orbital space.
Cosmic rays have far far higher energies than any issue that will ever come out of a man-made accelerator. The intensities are far lower, but the energies are far higher.
Microsoft does make digital appliances. Look at Server 2003 and even more so, Server 2008. With Server 2008, you can install the core functionality (without a GUI) and then install your server role to enable a headless server. If you find the GUI useful, you install the standard server functionality and then install the roles and features that you want. I run standard server on my desktop with the search indexer (from the file server role) and the wireless feature installed. It runs fast, stable, and does what I need.
I know nothing about any plan to implement the consumer componentization that is being discussed here. I wish we would componentize the client the way we have the server and then add a wizard to appropriately configure the system with reasonable defaults.
I would note the interesting observation that if MS ships a unified SKU, it is criticized for its lack of componentization. If people think that MS is going to componentize, MS is criticized for not shipping everything and planning on per-feature charging. Clearly, for many in this crowd, whatever MS does is wrong - by definition.