If you can read the code and compile it yourself (and it is short enough to understand, which it may be), you can be pretty sure that it doesn't harvest short inputs and phone home.
(If it doesn't, that is. I haven't read the source code, yet.)
Not to say that hashing a hash would necessarily be a bad thing for some applications, for instance, add some time to the brute-force approaches that short input become vulnerable to.
(Why the readme file is README.md, I can't guess.)
After downloading and reading bits of the docs (but not the code), it appears that it hashes the data you give it (SHA-1 or MD5) and builds the graphic based on the hash.
(You specify the hashing algorithm by a parameter, and, no, they don't recommend the parameter that specifies MD5. I didn't read far enough to guess as to why the parameter is not the name of the algorithm.)
So, since it appears that not every geek here is familiar with hashing (Huh?), I'll point out the obvious: The hash does not give enough information to reproduce the original data. (But what about very short inputs, like passwords, which they, erm, suggest?) Also, since the hash is cryptographically hard, reversing it is rather difficult even if you can afford to search through the pseudo-reversion set.
There are other considerations, some of which you mention in passing, only to return to the us-vs-them analysis.
As long as you are making the whole thing an us-vs-them problem, you cannot assume a higher moral ground than the government (or members thereof).
We are all in the same boat, even if the government at present seems to be deluged by people who misunderstand the fundamental principles of human interaction.
If the time comes for bloody revolution, well, such a time may come. Until then, if the best we can do is replace the people in power with our own, then the best we can do is become the next source of the problem.
It is common senselessness, not sense, to try to either subvert or get rid of the informant. In this world, there will always be more work that needs to be done than there are people to do it, and a person subverted is no more a contributing member of society than a person who has been disposed of.
Civic duty has nothing to do with who belongs to what group, nor with the agendas of (the people in) governments. Civic duty is much more about helping one's neighbors than about .
Malleable. Ask the linguists and the mathematicians.
Stepping back from theory, however, in the case of "Mister", just as sure as there are groups for which it has racist connotations and other groups for which it invokes master/disciple relations or the like, there are also groups for him it is an assertion of a default assumption of respect, and yet other groups for him it is a reserved title of respect.
Where "Mister" ranks relative to the title of "president" is yet another thing which varies from hood to hood. There are indeed those among whom a president really is just the poor guy whose turn it is to do the job this time, and maybe they say, "mister" to remind the poor guy that he isn't being ostracised, and maybe they use "president" as an effort to show their encouragement.
Just like there are other groups for whom the office of president is considered a target or a goal, and the current president just another guy who is in the way.
Well, okay, so the demise of secret keeping is postponed, and we have to look back to social engineering.
You're right to point out that the state of the art won't force us to be saved, but everyone seems to find security in secrets, and that's just backwards.
Giving up secrets is the only really safe thing left to do.
Well, at least, not all governments are corrupt all the time.
On the other hand, every institution (not just governments, as you note about Sony and Microsoft) has this same tendency.
It's one of the problems of systems. Systems, once constructed, tend to self-destruct. At least, the systems we build do. Trying to make a system self-correcting generally tends to make things worse when they slip out of the defined behavior modes.
The only solution is continued monitoring -- eternal vigilance.
And that requires, erm, morals, ethics, some sort of cosmology comparable to, dare I say it?...
This is one of the reasons a society without a moral compass tends to generate a lot of smoke and loud noise before it disappears.
"Eat, drink, and be merry. But be a basically good person. Lie a little. Take advantage of another person because her words give you an opening. Dig traps for your neighbors. There is nothing wrong with this, everyone has to fudge a little to get by. Besides, tomorrow we die, and if we take a slightly guilty conscience with us to the grave, there can't be anyone waiting on the other side who really cares about such little things."
Leaking is snitching. Or, I should say, snitching is leaking.
Snitching is only bad when we have something to hide.
Getting rid of everything we have to hide scares most people. Or, at least, scares most of the people who spend the most time talking.
The silent majority knows about the secrets and do what they can to mitigate without making much fuss of it. At least, until somebody decides to make an example of them by saying how wonderful whistleblower X or Y was.
Keeping the secrets everyone knows is one of the common threads of totalitarian government (wannabees) from time immemorial.
(It ain't just the Chinese. The guys who wrote the US Constitution saw it coming, the Greeks saw it a bit too late some two thousand years ago, the Egyptians, well, I'd get into controversies about historicality if I said anything specific, but it wasn't new then, either.)
Yeah, it's something to worry about, but it's high-profile. The guys who really know their stuff don't do high-profile, and that's why we haven't seen this until now. They have definitely known about local execution for a long time, and there really is nothing special about this tool. Except that only a script kiddie would make something like it and release it to the wild.
This has been possible since well before Mac OS X 10.0, and I had to admit to myself by 10.3 that Apple, as a company, was not really interested in pre-emptive security measures. When they "switched" processors, I finally had to admit it myself that Steve was either not really seeing a whole lot more of the picture than Bill, or that the board of directors was insisting on going head-to-head with Microsof instead of trying to solve the real problems. (Probably both.)
Now, x86 has inherent security issues, and non of the current crop from INTEL (or AMD, et. al.) fix the real problems, but that's not what I'm talking about. (PPC and ARM have some of the same issues, and issues of their own.)
The attitude problem is visible in the execution of the switch, although it was also visible in the "secrecy" surrounding their maintaining the parallel code base until the switch.
A code base that includes multiple CPU architectures, the different the better, is an essential part of security.
But that has nothing to do with the current use of this feature (local execution) as a pseudo-vulnerability, other than as parallel evidence of the inability of large computer companies to face certain realities about computer security. (And as evidence that the kiddies are taking notice of the Mac, which means, yes, this will be used for capturing sudo passwords and making botnets as much as for stealing credit card numbers, which is why Apple's response is anything but satisfying.)
But, no, Microsoft's tools are not any sort of a solution. If anything, they just prolong the mess. And the way they use DRM only makes it that much harder to secure in any real sense. They use bits and pieces of some of the right tools to solve the wrong problems.
Red Hat is probably the best Linux distribution for this kind of stuff, but you have to shut off the stupid SELinux NSA-trap before you can start.
The best defense is to keep valuable stuff off your PCs. That being a kind of not-very-good solution, the next best option is to use multiple bank accounts and get the bank to put tight charge limits on the accounts that you use on the web, even they will try there best to talk you out of it, and may even refuse to set up the separate accounts for you, in which case you have to use more than one bank. (Actually, we all need to use more than one bank anyway.)
Hmm. This belongs in a blog entry, more than in this reply.
Practically from the days of the yellow box and the blue box.
What we are seeing now is the shift from professionals to skript kiddies. That's why this is in the news. Skript kiddies don't know how to keep their heads down.
But the first wave of skript kiddies will pass. And Mac malware operating in the wild will still be, relative to the installed base, at least an order of magnitude less than MSWindows malware.
But how did we get here? Everyone has to compete with Microsoft, and the only way to do that is to do inherently unsafe junk. That's why I really don't like Microsoft. The push the vulnerable marketplace.
One, it's different because it's a male who did it, and because it was repeated, because it was taking beyond the classroom, because it was printed and distributed, and because one of the places it was taken was the internet.
He and his buddies did go a bit too far, and there's a problem if his case goes to trial and his buddies don't get charged.
And, as I keep saying, I'd far rather see the poor guy tried on a misdemeanor (if it's necessary to go that far) than see them try to get this to fit into the definition of "hate crime on the internet" and try the poor guy on a felony charge. Or even go to the legislature demanding even more restrictive laws be passed.
Slashdot Mirror
If you can read the code and compile it yourself (and it is short enough to understand, which it may be), you can be pretty sure that it doesn't harvest short inputs and phone home.
(If it doesn't, that is. I haven't read the source code, yet.)
Not to say that hashing a hash would necessarily be a bad thing for some applications, for instance, add some time to the brute-force approaches that short input become vulnerable to.
Given a small enough input set, the output of a normal hash approaches 1-to-1. That is a problem.
Better, as you say, than what currently exists, but a problem, nonetheless.
I'm thinking they'd want to add a different hashing algorithm for short data like passwords and passphrases, and some sort of salt, as well.
Not ready, as it is, for that application, in spite of the developers suggesting it as a possible application.
I guess that business about short-term memory and age is not just superstition.
Apologies to anyone who chooses to be offended.
(Why the readme file is README.md, I can't guess.)
After downloading and reading bits of the docs (but not the code), it appears that it hashes the data you give it (SHA-1 or MD5) and builds the graphic based on the hash.
(You specify the hashing algorithm by a parameter, and, no, they don't recommend the parameter that specifies MD5. I didn't read far enough to guess as to why the parameter is not the name of the algorithm.)
So, since it appears that not every geek here is familiar with hashing (Huh?), I'll point out the obvious: The hash does not give enough information to reproduce the original data. (But what about very short inputs, like passwords, which they, erm, suggest?) Also, since the hash is cryptographically hard, reversing it is rather difficult even if you can afford to search through the pseudo-reversion set.
Misread it.
Thought they were talking about de-centralized identity.
Basically about as polar opposite as possible.
I need a new browser, I guess.
I'm not nearly as excited about an x86 implementation as I would be about an ARM implementation.
There are other considerations, some of which you mention in passing, only to return to the us-vs-them analysis.
As long as you are making the whole thing an us-vs-them problem, you cannot assume a higher moral ground than the government (or members thereof).
We are all in the same boat, even if the government at present seems to be deluged by people who misunderstand the fundamental principles of human interaction.
If the time comes for bloody revolution, well, such a time may come. Until then, if the best we can do is replace the people in power with our own, then the best we can do is become the next source of the problem.
It is common senselessness, not sense, to try to either subvert or get rid of the informant. In this world, there will always be more work that needs to be done than there are people to do it, and a person subverted is no more a contributing member of society than a person who has been disposed of.
Civic duty has nothing to do with who belongs to what group, nor with the agendas of (the people in) governments. Civic duty is much more about helping one's neighbors than about .
Torture, genocide, slavery, human rights abuses, these are also moral issues.
As is the question of who should get what information.
God only knows the difference between a snitch and a whistleblower and a leaker in most cases.
Malleable. Ask the linguists and the mathematicians.
Stepping back from theory, however, in the case of "Mister", just as sure as there are groups for which it has racist connotations and other groups for which it invokes master/disciple relations or the like, there are also groups for him it is an assertion of a default assumption of respect, and yet other groups for him it is a reserved title of respect.
Where "Mister" ranks relative to the title of "president" is yet another thing which varies from hood to hood. There are indeed those among whom a president really is just the poor guy whose turn it is to do the job this time, and maybe they say, "mister" to remind the poor guy that he isn't being ostracised, and maybe they use "president" as an effort to show their encouragement.
Just like there are other groups for whom the office of president is considered a target or a goal, and the current president just another guy who is in the way.
Very malleable.
Language is very maleable.
For instance, choosing to be called "Dear Leader" can be sold as an act of self-abasement.
You know how easy it is, when down is a sum of gravity and torque.
depending, I think, a bit on how each is boxed.
The thread on marc.
That's just because they don't want to look in the mirror and face their own worst enemy.
When all other enemies are gone, can we really face ourselves?
The enemy within is the last enemy, but most people would rather invent enemies without than face the fact that they are their own worst enemy.
Well, okay, so the demise of secret keeping is postponed, and we have to look back to social engineering.
You're right to point out that the state of the art won't force us to be saved, but everyone seems to find security in secrets, and that's just backwards.
Giving up secrets is the only really safe thing left to do.
Well, at least, not all governments are corrupt all the time.
On the other hand, every institution (not just governments, as you note about Sony and Microsoft) has this same tendency.
It's one of the problems of systems. Systems, once constructed, tend to self-destruct. At least, the systems we build do. Trying to make a system self-correcting generally tends to make things worse when they slip out of the defined behavior modes.
The only solution is continued monitoring -- eternal vigilance.
And that requires, erm, morals, ethics, some sort of cosmology comparable to, dare I say it? ...
This is one of the reasons a society without a moral compass tends to generate a lot of smoke and loud noise before it disappears.
Not even the whistleblower, I mean, snitch, I mean, leaker who leaks the secrets of the enemy.
No one likes a snitch.
Use the snitch, sure. Then make sure you either corrupt him to keep him under control, or get rid of him before he snitches on you.
Not that this is a new thing.
Of course, the only way to lose to this kind of government is to give up and fail to do your civic duty. So I disagree with you there, too.
"Eat, drink, and be merry. But be a basically good person. Lie a little. Take advantage of another person because her words give you an opening. Dig traps for your neighbors. There is nothing wrong with this, everyone has to fudge a little to get by. Besides, tomorrow we die, and if we take a slightly guilty conscience with us to the grave, there can't be anyone waiting on the other side who really cares about such little things."
(Paraphrase. Can you find the original?)
Leaking is snitching. Or, I should say, snitching is leaking.
Snitching is only bad when we have something to hide.
Getting rid of everything we have to hide scares most people. Or, at least, scares most of the people who spend the most time talking.
The silent majority knows about the secrets and do what they can to mitigate without making much fuss of it. At least, until somebody decides to make an example of them by saying how wonderful whistleblower X or Y was.
Keeping the secrets everyone knows is one of the common threads of totalitarian government (wannabees) from time immemorial.
(It ain't just the Chinese. The guys who wrote the US Constitution saw it coming, the Greeks saw it a bit too late some two thousand years ago, the Egyptians, well, I'd get into controversies about historicality if I said anything specific, but it wasn't new then, either.)
It's not the real pros.
Yeah, it's something to worry about, but it's high-profile. The guys who really know their stuff don't do high-profile, and that's why we haven't seen this until now. They have definitely known about local execution for a long time, and there really is nothing special about this tool. Except that only a script kiddie would make something like it and release it to the wild.
This has been possible since well before Mac OS X 10.0, and I had to admit to myself by 10.3 that Apple, as a company, was not really interested in pre-emptive security measures. When they "switched" processors, I finally had to admit it myself that Steve was either not really seeing a whole lot more of the picture than Bill, or that the board of directors was insisting on going head-to-head with Microsof instead of trying to solve the real problems. (Probably both.)
Now, x86 has inherent security issues, and non of the current crop from INTEL (or AMD, et. al.) fix the real problems, but that's not what I'm talking about. (PPC and ARM have some of the same issues, and issues of their own.)
The attitude problem is visible in the execution of the switch, although it was also visible in the "secrecy" surrounding their maintaining the parallel code base until the switch.
A code base that includes multiple CPU architectures, the different the better, is an essential part of security.
But that has nothing to do with the current use of this feature (local execution) as a pseudo-vulnerability, other than as parallel evidence of the inability of large computer companies to face certain realities about computer security. (And as evidence that the kiddies are taking notice of the Mac, which means, yes, this will be used for capturing sudo passwords and making botnets as much as for stealing credit card numbers, which is why Apple's response is anything but satisfying.)
But, no, Microsoft's tools are not any sort of a solution. If anything, they just prolong the mess. And the way they use DRM only makes it that much harder to secure in any real sense. They use bits and pieces of some of the right tools to solve the wrong problems.
Red Hat is probably the best Linux distribution for this kind of stuff, but you have to shut off the stupid SELinux NSA-trap before you can start.
The best defense is to keep valuable stuff off your PCs. That being a kind of not-very-good solution, the next best option is to use multiple bank accounts and get the bank to put tight charge limits on the accounts that you use on the web, even they will try there best to talk you out of it, and may even refuse to set up the separate accounts for you, in which case you have to use more than one bank. (Actually, we all need to use more than one bank anyway.)
Hmm. This belongs in a blog entry, more than in this reply.
The flood started a long time ago.
Practically from the days of the yellow box and the blue box.
What we are seeing now is the shift from professionals to skript kiddies. That's why this is in the news. Skript kiddies don't know how to keep their heads down.
But the first wave of skript kiddies will pass. And Mac malware operating in the wild will still be, relative to the installed base, at least an order of magnitude less than MSWindows malware.
But how did we get here? Everyone has to compete with Microsoft, and the only way to do that is to do inherently unsafe junk. That's why I really don't like Microsoft. The push the vulnerable marketplace.
One, it's different because it's a male who did it, and because it was repeated, because it was taking beyond the classroom, because it was printed and distributed, and because one of the places it was taken was the internet.
He and his buddies did go a bit too far, and there's a problem if his case goes to trial and his buddies don't get charged.
And, as I keep saying, I'd far rather see the poor guy tried on a misdemeanor (if it's necessary to go that far) than see them try to get this to fit into the definition of "hate crime on the internet" and try the poor guy on a felony charge. Or even go to the legislature demanding even more restrictive laws be passed.