Interesting. What sort of crap was ASUS dishing out? I know them only as a fairly generic shipper of cheap x86s. Are they deeply dysfunctional and/or nasty on the OEM relations side?
I suspect that it depends on where they plan to slot Skype into their list of product offerings.
If it becomes part of some 'enterprise' offering, playing cat-and-mouse would likely not be a sensible strategy. Corporate/institutional customers hate petty version churn of the sort needed to keep constantly breaking 3rd parties and they have a fairly low likelihood of going with 'unofficial' software. They may well keep globbing on new features(as with Office document formats, Sharepoint tie-ins, etc.); but corporate customers are conservative enough that even the perception that 3rd party clients are not feature-complete and 100% compatible usually keeps them well away, and the few exceptions are likely to either be impecunious contrarians or competing titans(eg. IBM) large enough to make an issue of it if you play dirty.
If it becomes a "Live" consumer offering, playing cat-and-mouse is at least an option, since the consumer market has largely learned to suck up their auto-updates when told(and isn't behind a firewall that blocks them, and doesn't need to open a ticket with IT to install them...) It still isn't totally clear what their motivation would be(since they would still control the skype-out gateways, where the money is, and having third parties voluntarily make your network more popular among markets you don't feel like serving doesn't seem like an obviously bad thing(though they might keep the banhammer hovering, just to ensure that people license the rights to embed skype in wifi VOIP phones and whatnot from them, rather than go 3rd party...)
If it becomes a consumer-electronics thing, affiliated with xbox or Windows Phone, it seems to be some sort of ontological obligation to lock it down as hard as possible, just on principle, just because that is how they roll in console-land.
How do they own the protocol? They clearly have copyright over the implementations of client and server and so forth that they have written, and they may hold certain patents related to the protocol(but, if so, they haven't mentioned that fact, and the protocol's secrecy so far suggests that they didn't go down the "disclosure in exchange for limited exclusivity" path of patents). In what sense is it "property"?
The original Linux EEE PCs ran the most god-awful distro imaginable. For reasons I cannot fathom, they had Xandros puke out a sick abortion of the usual Xandros desktop(itself more or less a sick abortion of Debian) just for them. It was painfully bad, partially broken, and basically disconnected from repositories that ever received any actual updates.
I just don't understand how they received this particular patent. I know that defensive patenting/preemptive patenting is a big thing, it's just that this patent looks like a trivial subset of a patent that was filed in 2006 and granted in 2008, which described a data-transport and device-command agnostic framework for implementing virtually any location/beacon-based device control policy.
This patent is basically the "We could use coded IR pulses and the onboard camera as a data transport, and deliver a few commands" subset of the other one.
Would celebrating the release of this "feature" onto the commercial market with a variant of Apple's classic 'Think Different' posters featuring Rodney King, the Gitmo dog-leash guy, and similar?
Unfortunately, the universe's pulsars actually exist to transmit coded control messages to the deities of various pantheons, enforcing a strict "no mercy upon mortals" policy within the observable universe. Nobody is sure which eldrich ancient god holds the business-method patent on mercy; but it exists outside of time, so it won't be expiring any time soon.
I am frequently baffled by some of the stuff that Apple gets away with patenting. In this case, the patent described would(to my layman's inspection) appear to be a mere subset of Microsoft's (equally odious and sinister) 2008 "Digital Manners" patent, except that that patent covered a much broader range of possible prohibition/settings propagation media, and a much more generic set of possible commands.
Ok, let's think for a second here: back when the only Star Wars movies/media that were any good at all were produced, visual effects were both vastly cruder and more expensive(per unit bang, I'm sure the ceiling price has continued to climb...).
Therefore, if they are "too expensive" now, either Lucas has wandered off the ranch, so to speak, and is insisting that it be shot in 100053459348p 512Hz 3HD or and vastly more likely the plan was to shovel a bunch of straight-to-TV/DVD kiddie-schlock and they aren't sure that they can recoup the cost of visual effects that wouldn't be laughed at.
It sounds like the world is on track to be spared an atrocity here.
Oh, wait, you needed to talk to somebody who is using Skype. Shit.
Network effects are a nuisance; but you just can't dismiss them. It would, indeed, be rather perverse to use reverse-engineered secret protocols as the basis for new systems where open ones are available(SIP, XMPP, etc, etc.); but if you want to interact with the userbase of a proprietary protocol your options are either to reverse engineer it, or to accept whatever T and Cs the proprietary software decides to impose.
Unless there is a substantial amount of client-trusting going on(which would be incredibly stupid; but not entirely out of the question given that Skype makes heavy use of random machines running Skype to save the operator bandwidth and machine time), I suspect that having the protocol won't be of too much use for theft of service. Even using a 3rd party client, you'd still need credentials tied to an account with money in it, and Skype can always bounce you at the points where their network meets the POTS/Cell system.
Again, unless analysis of the protocol reveals deep, exploitable, flaws I'm guessing that MS won't care too much. The world already has at least one born-open VOIP protocol(SIP), quite possibly several, and those haven't been a deep threat to Skype because they are comparatively hard for neophytes to set up, have firewall issues, etc. Heck, Microsoft bought Skype despite having a voice chat system in MSN. Voice chat over the internet, while not trivial, just isn't some super trade secret, nor is it what makes Skype a contender.
Now, given the reports of how slimy and secretive the Skype binary can be, I'd be happy to see an open implementation; but I suspect that the possibility won't rock the boat from MS' perspective...
Thanks. It looks like it already detects a handful of things(OSX.RSPlug.A, OSX.Iservice, OSX.HellRTS, OSX.OpinionSpy,OSX.MacDefender A, B, and C) , though nothing that I could find in the file(presumably this is the one that will be getting updated as time goes on) looks like the rules for an even remotely sophisticated detection system: better than a simple naive filename or whole-dmg hash check(if it were that, it'd be about 4 real lines long); but I can't see anything that isn't either a check for the hash of a file or a check for a string.
Good enough as long as the rate of variation remains low(for reference, this file is 13k, much of that compressible whitespace/tag soup. The definition dumps that symantec's corporate AV product pukes out to the clients on each update are ~40MB); but unless there is something architectural preventing the kiddies from performing assorted padding and encoding trickery, it won't last long. The real limit would likely be that said kiddies are probably using stolen/hacked/botted hosting, which doesn't necessarily come with convenient server tools. If not for that, every single package downloaded could, conceivably, be padded slightly differently.
<quote><p>Apple's security update include a new daily malware definitions update. So this is hardly the easy defeat that the description is hinting at. More like the beginning of a long drawn out war...</p></quote>
What I haven't been able to find anywhere is information on what sort of "definitions" are used.<br><br>
The system is based on OS X's existing "file quarantine" feature, which sets a flag on files originating from safari, mail, and a few other sources, which throws a caution flag when you try to open them. Now, there is some sort of "definition" check that throws up a much scarier warning flag for known malware.<br><br>
The question is what sort of check it is: Does it just hash the file and compare against a list? If so, the situation is hopeless. Programmatic production of permutations will be limited largely by how fast new versions can be sent out through the distribution network, and all of them will hash differently. Is it more sophisticated than that, and how much more, if so?<br><br>
I grabbed the "SecUpd2011-003Snow.dmg" manual security update installer and dug around a bit. "Security Update 2011-003\SecUpd2011-003Snow.pkg\SecUpd2011-003Snow.pkg\Payload\Payload~\.\System\Library\CoreServices\CoreTypes.bundle\Contents\Resources\" contains a file called "Xprotect.plist"<br><br>
Here is the snippet that appears to pertain to 'MacDefender':<br><br>
Given that "Windows Security Center" already detects most remotely common AV packages and whines at you if you don't have one running and in good condition it would be simple enough to simply replace that behavior with "If 3rd party AV present, do nothing(as at present). If 3rd party AV not present or inactive, run MSE(instead of whining, as at present).
Doesn't change the effectively whack-a-mole nature of antivirus(particularly now that sneaky shit like kernel-mode DRM drivers and silent phoning home are features of "legitimate" software...); but it wouldn't be a significant problem in itself.
It does seem atypically honest to admit that they are going to persecute them, rather than simply claiming to act under color of law and then persecuting them anyway... Now that our frenemy Mubarak is on the outs, who do we outsource torture to?
Well, let's see here: NATO basically exists because The Evil Empire was super scary back in the day, and the prospect of a zillion Ruskie tanks rolling across Europe was kind of disheartening. Since then, they've had some penny-ante villains; but nothing like the good old days.
What better way to ensure continued institutional relevance(and throw a bone to a disproportionately influential member) than issuing toothy statements about the terrifying threat of, and terrible retribution awaiting, those who have been rooting through the American underwear drawer?
Unless the Iranians have suddenly lost an alarming number of IQ points in a completely inexplicable virus attack, I'm guessing that, as always, the internal internet will be for the little people and the people who have a need, and/or the right friends, will have the real deal.
There will, presumably, be some sort of licensing procedure, and known extra scrutiny on "outside lines"; but there is no way that they'd be stupid enough to deny access for business use. Even the DPRK, among the most authoritarian and autarchic countries on earth doesn't do that.
Interesting. What sort of crap was ASUS dishing out? I know them only as a fairly generic shipper of cheap x86s. Are they deeply dysfunctional and/or nasty on the OEM relations side?
I suspect that it depends on where they plan to slot Skype into their list of product offerings.
If it becomes part of some 'enterprise' offering, playing cat-and-mouse would likely not be a sensible strategy. Corporate/institutional customers hate petty version churn of the sort needed to keep constantly breaking 3rd parties and they have a fairly low likelihood of going with 'unofficial' software. They may well keep globbing on new features(as with Office document formats, Sharepoint tie-ins, etc.); but corporate customers are conservative enough that even the perception that 3rd party clients are not feature-complete and 100% compatible usually keeps them well away, and the few exceptions are likely to either be impecunious contrarians or competing titans(eg. IBM) large enough to make an issue of it if you play dirty.
If it becomes a "Live" consumer offering, playing cat-and-mouse is at least an option, since the consumer market has largely learned to suck up their auto-updates when told(and isn't behind a firewall that blocks them, and doesn't need to open a ticket with IT to install them...) It still isn't totally clear what their motivation would be(since they would still control the skype-out gateways, where the money is, and having third parties voluntarily make your network more popular among markets you don't feel like serving doesn't seem like an obviously bad thing(though they might keep the banhammer hovering, just to ensure that people license the rights to embed skype in wifi VOIP phones and whatnot from them, rather than go 3rd party...)
If it becomes a consumer-electronics thing, affiliated with xbox or Windows Phone, it seems to be some sort of ontological obligation to lock it down as hard as possible, just on principle, just because that is how they roll in console-land.
How do they own the protocol? They clearly have copyright over the implementations of client and server and so forth that they have written, and they may hold certain patents related to the protocol(but, if so, they haven't mentioned that fact, and the protocol's secrecy so far suggests that they didn't go down the "disclosure in exchange for limited exclusivity" path of patents). In what sense is it "property"?
I think that a variant of the trollface, with a turban, "the Ayahtrollah", would be a suitable mascot for such activities.
The original Linux EEE PCs ran the most god-awful distro imaginable. For reasons I cannot fathom, they had Xandros puke out a sick abortion of the usual Xandros desktop(itself more or less a sick abortion of Debian) just for them. It was painfully bad, partially broken, and basically disconnected from repositories that ever received any actual updates.
Isn't Jehovah the ancient hebrew god of genocide and capital punishment?
I just don't understand how they received this particular patent. I know that defensive patenting/preemptive patenting is a big thing, it's just that this patent looks like a trivial subset of a patent that was filed in 2006 and granted in 2008, which described a data-transport and device-command agnostic framework for implementing virtually any location/beacon-based device control policy.
This patent is basically the "We could use coded IR pulses and the onboard camera as a data transport, and deliver a few commands" subset of the other one.
Ach, sentence malformed: strike '?' and append "be pointed or merely tasteless?"
Would celebrating the release of this "feature" onto the commercial market with a variant of Apple's classic 'Think Different' posters featuring Rodney King, the Gitmo dog-leash guy, and similar?
Unfortunately, the universe's pulsars actually exist to transmit coded control messages to the deities of various pantheons, enforcing a strict "no mercy upon mortals" policy within the observable universe. Nobody is sure which eldrich ancient god holds the business-method patent on mercy; but it exists outside of time, so it won't be expiring any time soon.
My impression is that the CCD/CMOS imager is being used to sense the IR. If the point was to shut down the camera, that works as well...
I am frequently baffled by some of the stuff that Apple gets away with patenting. In this case, the patent described would(to my layman's inspection) appear to be a mere subset of Microsoft's (equally odious and sinister) 2008 "Digital Manners" patent, except that that patent covered a much broader range of possible prohibition/settings propagation media, and a much more generic set of possible commands.
Ok, let's think for a second here: back when the only Star Wars movies/media that were any good at all were produced, visual effects were both vastly cruder and more expensive(per unit bang, I'm sure the ceiling price has continued to climb...).
Therefore, if they are "too expensive" now, either Lucas has wandered off the ranch, so to speak, and is insisting that it be shot in 100053459348p 512Hz 3HD or and vastly more likely the plan was to shovel a bunch of straight-to-TV/DVD kiddie-schlock and they aren't sure that they can recoup the cost of visual effects that wouldn't be laughed at.
It sounds like the world is on track to be spared an atrocity here.
SIP.
Oh, wait, you needed to talk to somebody who is using Skype. Shit.
Network effects are a nuisance; but you just can't dismiss them. It would, indeed, be rather perverse to use reverse-engineered secret protocols as the basis for new systems where open ones are available(SIP, XMPP, etc, etc.); but if you want to interact with the userbase of a proprietary protocol your options are either to reverse engineer it, or to accept whatever T and Cs the proprietary software decides to impose.
Unless there is a substantial amount of client-trusting going on(which would be incredibly stupid; but not entirely out of the question given that Skype makes heavy use of random machines running Skype to save the operator bandwidth and machine time), I suspect that having the protocol won't be of too much use for theft of service. Even using a 3rd party client, you'd still need credentials tied to an account with money in it, and Skype can always bounce you at the points where their network meets the POTS/Cell system.
Again, unless analysis of the protocol reveals deep, exploitable, flaws I'm guessing that MS won't care too much. The world already has at least one born-open VOIP protocol(SIP), quite possibly several, and those haven't been a deep threat to Skype because they are comparatively hard for neophytes to set up, have firewall issues, etc. Heck, Microsoft bought Skype despite having a voice chat system in MSN. Voice chat over the internet, while not trivial, just isn't some super trade secret, nor is it what makes Skype a contender.
Now, given the reports of how slimy and secretive the Skype binary can be, I'd be happy to see an open implementation; but I suspect that the possibility won't rock the boat from MS' perspective...
Thanks. It looks like it already detects a handful of things(OSX.RSPlug.A, OSX.Iservice, OSX.HellRTS, OSX.OpinionSpy,OSX.MacDefender A, B, and C) , though nothing that I could find in the file(presumably this is the one that will be getting updated as time goes on) looks like the rules for an even remotely sophisticated detection system: better than a simple naive filename or whole-dmg hash check(if it were that, it'd be about 4 real lines long); but I can't see anything that isn't either a check for the hash of a file or a check for a string.
Good enough as long as the rate of variation remains low(for reference, this file is 13k, much of that compressible whitespace/tag soup. The definition dumps that symantec's corporate AV product pukes out to the clients on each update are ~40MB); but unless there is something architectural preventing the kiddies from performing assorted padding and encoding trickery, it won't last long. The real limit would likely be that said kiddies are probably using stolen/hacked/botted hosting, which doesn't necessarily come with convenient server tools. If not for that, every single package downloaded could, conceivably, be padded slightly differently.
Your "first sale" is powerless before my RDF. Go use a dell or something.
<quote><p>Apple's security update include a new daily malware definitions update. So this is hardly the easy defeat that the description is hinting at. More like the beginning of a long drawn out war...</p></quote>
What I haven't been able to find anywhere is information on what sort of "definitions" are used.<br><br>
The system is based on OS X's existing "file quarantine" feature, which sets a flag on files originating from safari, mail, and a few other sources, which throws a caution flag when you try to open them. Now, there is some sort of "definition" check that throws up a much scarier warning flag for known malware.<br><br>
The question is what sort of check it is: Does it just hash the file and compare against a list? If so, the situation is hopeless. Programmatic production of permutations will be limited largely by how fast new versions can be sent out through the distribution network, and all of them will hash differently. Is it more sophisticated than that, and how much more, if so?<br><br>
I grabbed the "SecUpd2011-003Snow.dmg" manual security update installer and dug around a bit. "Security Update 2011-003\SecUpd2011-003Snow.pkg\SecUpd2011-003Snow.pkg\Payload\Payload~\.\System\Library\CoreServices\CoreTypes.bundle\Contents\Resources\" contains a file called "Xprotect.plist"<br><br>
Here is the snippet that appears to pertain to 'MacDefender':<br><br>
<dict>
<key>Description</key>
<string>OSX.MacDefender.B</string>
<key>Matches</key>
<array>
<dict>
<key>MatchFile</key>
<dict>
<key>NSURLNameKey</key>
<string>Info.plist</string>
</dict>
<key>MatchType</key>
<string>Match</string>
<key>Pattern</key>
<string>3C6B65793E434642756E646C654964656E7469666965723C2F6B65793E*3C737472696E673E636F6D2E61766D2E706B672E617653657475703C2F737472696E673E</string>
</dict>
<dict>
<key>MatchFile</key>
<dict>
<key>NSURLNameKey</key>
<string>Archive.bom</string>
</dict>
<key>MatchType</key>
<string>Match</string>
<key>Pattern</key>
<string>617652756E6E65722E61707000*617652756E6E657200*446F776E6C6F6164506963742E706E6700</string>
</dict>
<dict>
<key>MatchFile</key>
<dict
Given that "Windows Security Center" already detects most remotely common AV packages and whines at you if you don't have one running and in good condition it would be simple enough to simply replace that behavior with "If 3rd party AV present, do nothing(as at present). If 3rd party AV not present or inactive, run MSE(instead of whining, as at present).
Doesn't change the effectively whack-a-mole nature of antivirus(particularly now that sneaky shit like kernel-mode DRM drivers and silent phoning home are features of "legitimate" software...); but it wouldn't be a significant problem in itself.
It does seem atypically honest to admit that they are going to persecute them, rather than simply claiming to act under color of law and then persecuting them anyway... Now that our frenemy Mubarak is on the outs, who do we outsource torture to?
Well, let's see here: NATO basically exists because The Evil Empire was super scary back in the day, and the prospect of a zillion Ruskie tanks rolling across Europe was kind of disheartening. Since then, they've had some penny-ante villains; but nothing like the good old days.
What better way to ensure continued institutional relevance(and throw a bone to a disproportionately influential member) than issuing toothy statements about the terrifying threat of, and terrible retribution awaiting, those who have been rooting through the American underwear drawer?
"Oh yeah, we'll just make our own internet, without blackjack or hookers. Oh, wait, why would we do that?"
Unless the Iranians have suddenly lost an alarming number of IQ points in a completely inexplicable virus attack, I'm guessing that, as always, the internal internet will be for the little people and the people who have a need, and/or the right friends, will have the real deal.
There will, presumably, be some sort of licensing procedure, and known extra scrutiny on "outside lines"; but there is no way that they'd be stupid enough to deny access for business use. Even the DPRK, among the most authoritarian and autarchic countries on earth doesn't do that.
We wouldn't want to fall behind Iran...
Absolutely nothing. We went with the proven nuclear-industry reliability of Siemens(tm)(r) brand PLC hardware. Absolutely nothing could go wrong.