As much as I think Phorm, Nebuad, and their ilk are worse-than-worthless subhumans who are only alive because it is illegal to kill them, burn their corporate offices to the ground, and erase every last miserable trace of their existence, they might actually have an unintended positive impact.
At present, most sites the public interacts with(outside of the very moment of a credit card transaction or banking login) tend to skip SSL, even when that is a terrible idea. Social networks, email, loads of other not-directly-financial-but-really-shouldn't-be-unencrypted stuff goes flying over the wire, in the clear, because the providers don't want the computational overhead of SSL. Even when they have the capability, it is rarely the default, and people who go to http://foo.whatever/ typically aren't kicked over to https://foo.whatever./
However, most of those sites depend on advertising and user profiling(either third party, as in the case of sites that run adsense or equivalent, first party, as with Gmail, or as a proprietary advantage, as with Amazon's customer recommendation engine). The advertisers will be, to put it in the mildest possible terms Unbelievably Fucking Ripshit when they hear that ISPs and their spook cronies will be horning in on their action. Not Happy. Very, Very, Not Happy. And if you think that they were not happy at that, just wait until the DPI crew starts injecting 3rd party ads and things into pages. Using your DPI evil to, say, inject 3rd party recommended products right into Amazon or any other online retailer's website would be eminently doable, technologically. That will really piss them off. Lawyers will be deployed, faces will turn purple. Shoes will be banged upon boardroom tables, Khrushchev style.
Since, as stated above, strangling their executives with the entrails of their own children isn't generally legal, they'll have to do something else. Specifically, pull their cheap heads out of their tightwad asses and start using SSL more seriously. Since your ISP is the ultimate man-in-the-middle, they won't be able to stop them from seeing where you are going; but they will be able to stop them, dead, from monkeying with, or even reading in any useful way, your traffic.
Ideally, Phorm and friends will do more than the EFF has, probably by a substantial margin, to drive mainstream SSL adoption, and then suffer a series of crippling workplace spree-killings.
Obviously, transporting the active ingredients for a nuclear warhead or a load of spent fuel-piping hot(thermally and in radiation terms) from a reactor would be a terrible plan; but you underestimate the sheer volume of (relatively small) radioactive sources that need to be routinely transported to keep medicine and industry running. Medical imaging and radiotherapy require a grab-bag of radiation sources, some hot enough that they have to be manufactured within days or weeks of use, and industrial inspection, quality control, disinfection, and sundry other purposes require a good deal more.
Shipping them without proper packaging, padding, a well-sealed pig, and so forth, would be deeply irresponsible; but the idea of simply pulling that(quite substantial) mass of goods out of the ordinary path of shipping is ludicrous. Unless extremely well secured, a specialized shipping service would be more vulnerable to theft and diversion, as well as more expensive. A heavily secured secondary channel would be an incredibly expensive overreaction to a minor incident.
As it is, packing it properly and just shipping it like anything else that you really want arriving; but isn't otherwise a big deal, is an excellent compromise between cost, safety, and efficiency...
Given that the radioactive source was packaged in a sealed pig, a totally boring, mainstream service is probably actually the safest way to ship it.
Unless you want every single medical/industrial radioactive source(it isn't talked about much; but this is a lot of hardware, those things have all kinds of uses) to travel under military guard, the low-profile option of just slapping the source inside a suitable container and fedexing it as though it were just another boring package is probably a great deal more theft/diversion resistant than is splashing "zOMG RADIATION!!!!!" on it in day-glo orange and sending it by some special courier service.
I assume he refers to the unfortunate mixture of optimism, on the part of peripheral manufacturers, and strict adherence, on the part of some computer makes and models, to the USB spec's sections on power delivery. USB2 is quite clear about 5VDC, 500ma; but devices that work poorly, partially, or not at all without at least a few hundred ma more are downright ubiquitous. How exactly a fiber optic interface is going to solve that particular market problem is utterly beyond me; but it is a pain in the ass in some USB situations(mind you, firewire was even worse, since the spec explicitly allowed ports to deliver almost whatever they wanted...)
The only other compatibility issue is with drivers; but USB's "classes" are probably the closest thing to a solution we've yet seen. The world is still replete with non-class-conformant widgets; but it isn't clear how a new bus is going to solve that...
It'll be a cold day in hell before anything replaces ethernet. Do you have any idea what the install base on that stuff is? and the fact that(aside from autonegotiation issues on some chipsets) you can get anything from 10mbit crap with external AUI dongles to contemporary 1Gb gear happily chatting away on even a fairly cheap switch?
The consumer market is, increasingly, wireless for anything that isn't within a few meters of the ugly-stack-o-network-gear that inevitably collects next to the DSL or cable modem; so there is approximately zero interest there in experiencing the joy of dealing with optical fiber just to get a 10Gb/s connection to the cable modem that is doing 20mbit/s with a following wind. On the corporate side, the idea that fiber-to-the-desk is going to replace dirt cheap copper seems equally implausible...
It isn't terribly clear that Woz ever much cared about anything but the pure tech side of hacking(at which he is definitely several cuts above, albeit with most of his serious projects at the point of being historical now.). His unfortunate air crash, and cranial trauma(almost certainly under diagnosed and treated, given the tech and minimal understanding of traumatic brain injuries of the time) may also have blunted him a bit from his best days... He may also just not much care, or not be cut out to be interested in, the social and technological environment of things like the DMCA, cryptographically enforced DRM baked into ever more opaque and highly integrated hardware, and so forth. I'd imagine that it is hard for somebody who cut his teeth on basically designing entire computers from the board up, including implementing custom floppy controller firmwares, new bus designs, etc. to really have an emotional grip on a world where that is getting much, much, harder, and by design. Back when he was doing his top work, hardware was complex; but obfuscation was pretty much the best developed tool of the technological control trade. Cryptographic DRM was still way too computationally expensive, component integration was still pretty low(allowing for fairly easy snooping of those low-speed busses between chips) and so forth. He obviously isn't stupid; but he may well have not really be able to shake his sense of how it was in the old days, even in a world where $4 SoCs are doing mathematically nigh-unbreakable cryptographic verification of on-die firmwares that you can only even probe with $250,000 in chip teardown gear...
It isn't a gigantic surprise, actually. Outside of pure slapstick/dick-jokes circles, verbal comedy is actually a reasonably intellectually demanding flavor of entertainment-celebrity-dom. You essentially have to constantly (depending on the precise flavor) be either making concise-but-incisive observations about things that your audience knows about(so your jokes don't go right over their heads); but in a way that they haven't already thought of(so you don't merely bore them), and your phrasing has to be fast, cutting, and funny, without the luxury enjoyed by academic prose of being using a carpet bombing, rather than a scalpel, to examine the subject.
I suspect that a reasonable number of comedians either just don't much care about that particular subject, or are in favor of whatever keeps their royalties highest; but comedians as a class are, in all likelihood, among the best places in the entertainment world to look for clear-thinking, incisive individuals who can cut through verbal fluff and ambient groupthink with clarity, precision, and enough speed to be amusing rather than agonizing.
It's not for nothing, for instance, that comedians have basically replaced "news" anchors as the best source of national-audience television interviews in the United States. The fact that Frye cares about techie-interest stuff, rather than some other thing, is a fluke of person or biography; but I'd be pretty surprised to hear of any unincisive dullards making it beyond the lowest or crassest circles of the comedy world. Good verbal comedy is hard. Good verbal comedy on your feet, reacting without prep time, is harder...
I'm definitely not going to say the slightest ill about the art direction of some of PS2 titles, and some of them, particularly later in the console's life, looked pretty good given the hardware constraints that they were dealing with(though, on the other side of the coin, having your output device be the 640x480-with-a-following-wind of a period SDTV certainly papers over a few ills...)
That said, though, virtually any present-generation PC game that isn't a 2-minute port from some console, and some that are, will have some questionable art direction; but its ability to paint a drop-dead-stunning rendering of whatever generic Modern Warfare N+1 shooter schlock is being considered across one or more high resolution displays simply cannot be disputed.
That was my point, not only is espionage not necessary to explain the presence of the bug, any entitity that would be in the position to force a bug for purposes of espionage would be actively weakening their own position by pushing for one.
OSes are definitely too complex to be easily dealt with; but I'm not too optimistic about the prospects for simplicity. People seem to like what complexity can do for them, when it comes to user experience, and all the complexity you move out of the OS doesn't just vanish, it usually comes right back in multiple 3rd party implementations, often shoddier(and inevitably less consistent) than what was built into the OS in the first place.
Decoupling complex elements from one another is a great good, and something that MS has been historically bad about; but unless the market does a shocking about face and agrees to spend the next few decades receiving zero new features, only bug-fixes, the prospect of code being cleaned up faster than it is added seems dim...
I'm guessing that we should just take the president and chairman of Sony Computer Entertainment Europe, a couple of non-techie suits with a nontrivial stake in saying nice things about their product, at their word when they assure us that the PS3 will achieve photorealistic graphics and save the whales, if only those lazy developers would do it right? Isn't this the same Sony whose PS2 "Emotion engine" was supposed to have been delivering cinematic graphics, according to their marketdroids?
They might well be able to get away with designing (another, NT being their first) new OS; but a new userspace API or huge security model change would get ugly...
Even Vista's "Hey, let's actually slightly enforce all those best-practices things about not assuming that everyone is running with Admin privileges at all times, as though it were still Windows 95" was met with a firestorm of nearly pure hate. So much so that, even with Vista to take the flack and several years for 3rd parties to get their act together, 7 backed off the UAC a little bit. A really serious change of the "Nope, no win32 for you. Also, all drivers must be utterly rewritten" caliber would probably be met with shocked silence, followed by most of Redmond being set on fire...
The OS9/OSX change was, ironically, actually a demonstration of A)how hard it can be to change your OS from the ground up and B)how Apple wasn't up to the challenge.
Back in the System 7 days, Apple started "Copland" as a next-gen OS to remedy the numerous and hilarious deficiencies in their existing OS. The project was a miserable failure and, after about as much schedule slipping as Apple could afford at that time, they took it out back, shot it, and bought NeXT, and then proceeded to adopt more or less everything but the name as the foundation for their new OS. Even with the "grabbing an entire, largely complete, OS from a third party" tactic, OSX only made it to release in 2001, with the Copeland project having been started in 1993.
It wasn't really a "rewrite" at all, more of a grafting of some APIs from the old OS, and some UI conventions(though not all, OS9 die-hards are still bitching about how much OSX's finder sucks...) onto an entirely new OS. The rewrite attempt foundered horribly.
Microsoft's OS leaping attempts were actually pretty similar(except that I'm not sure they ever even pretended to have the in-house expertise to transform the DOS-based Windows versions into something resembling a real OS). Their DOS-based Windows versions sucked, architecturally, so they hired a bunch of serious DEC guys to build them a whole new, architecture-independent OS. That was NT. They then grafted on the win32 API and, by around Windows 2000, had finished bringing over all the UI conventions that 95-98-ME users would expect(NT 3.X is actually a pretty alien experience, if you are expecting Windows...)
There is probably some example of a "Hey guys, let's rewrite our OS" story actually going well, without the invocation of a deus-ex-machina outside team; but neither Apple nor Microsoft really qualify.
That's a bet I wouldn't take. Given the well-known existence of both more or less free-floating criminal elements and multiple nations with reasonably substantial CS capabilities more or less tightly integrated into their military and/or clandestine capabilities(and sometimes shading into the first category...) any one entity asking for a backdoor is making the (painfully stupid) bet that nobody else is going to find it. Obviously, virtually everyone would love to have a backdoor of their very own; but even unregenerate PNAC acolytes probably aren't stupid enough to assume that only they would ever find it...
An entity in the position to push Microsoft into giving them a backdoor would, one presumes, already possess formidable power, either legally or secretly(depending on whether the backdoor is inserted by NSA spooks or suspiciously cheap Chinese contractors). Such an entity would be foolish to use such power to push for a backdoor which, if discovered(and there is constant searching going on, even if you only count the guys who just want to send h3rb5l v15gra! spam...), would suddenly give every flea-bitten nonentity who can afford an internet connection considerable intelligence capabilities.
Any entity with substantial legal clout would, unless absurdly moronic, simply use instruments like CALEA, collaboration with Telcom entities, search and seizure procedures, and the like. If those weren't good enough, they would advance the theory that only even greater legal clout can possibly save America and The Children from the pedo-terrorist menace. If history is any guide, they should then receive an upgrade.
Any entity with substantial clandestine/illegal clout would, again unless absurdly moronic, be much better served by making use of vulnerabilities that happen anyway, along with HR/outsourcing based infiltration of relevant institutions. Pushing for a backdoor that puts them on par with dubiously pubescent script kiddies, when they currently have a commanding lead, would be illogical in the extreme.
Given that organisms already have DNA by which they can be identified and without which they are going to find essentially all critical life functions to be very difficult indeed, the idea of using some fancy, novel, and removable tag would be pretty ridiculous.
It's an interesting bit of research, and will probably save the highly specialized "people trying to grow a bunch of early-stage embryos without getting them mixed up, for assorted research purposes" a considerable amount of time and trouble; but its utility for tinfoil hat stuff seems minimal. Humans are already loaded with GUIDs, some of which they shed involuntarily and essentially continuously, so you don't really need to go to extra effort there...
I'm assuming that some kid stabbed another kid with a pencil. Largely harmless(unless you go for an eye or an artery, where a decent set of fingernails would be almost as bad, most pencils are pretty brittle); but the sort of thing that admin loses their shit over.
It could, if we wish to be slightly more charitable to the intelligence of the writer(not necessarily a sound idea; but hypotheticals can be interesting), an attempt to keep assorted nonstandard pencils away, while permitting a supply of dull, generic #2s. Back in middle school, I once had cause(the other guy coming up behind me and putting me in a headlock, on an icy playground, and moving to introduce my face to the shard-alicious frozen surface) to use a proper mechanical pencil as a weapon. My good old Pentel P205,.5mm, steel tip, actually made a reasonably effective slashing weapon, even backed by my middle-school-pencil-necked-geek levels of strength. Unfortunately, from my rather compromised position, I was only able to inflict a series of lacerations on noncritical soft tissue, rather than open any veins or arteries and effect exsanguination; but I've seen worse improvised weapons...
My concern would be that any verification interface that doesn't have raw, independent, access to the persistent storage(doesn't have to be fast, I2C would cut it for all but the biggest blobs, does have to be independent) could theoretically be subverted by a malicious firmware.
In effect, unless you can take the system offline and scan the raw memory, you are really just asking the (potentially compromised) firmware running on the embedded CPU "Dear sir, are you compromised?" to which the answer will, inevitably be "No, obviously not, here is the checksum of either the firmware that I am, or the firmware I maliciously replaced. Nothing to worry about."
It's analogous to the challenge of A/V software on a potentially rootkitted system. You can ferret out a lot of the sloppier stuff by asking clever questions, which make it very hard for a rootkit to hid all its traces; but you are very much at a disadvantage. If you take the disk offline, though, and just hash all the files, comparing against known good hashes, nothing can hide, no matter how subtle.
Your brilliant rendering of the requisite condescending tone aside, the point here isn't camera snobbery; but the question of what is good enough for whatever intelligence gathering the world's collective supply of jackboots is ostensibly trying to control.
Obviously, big sensors and huge lenses collect more light. Full frame DSLRs with gigantic lenses spit on point and shoots, which spit on camera phones. So what? Digital medium format backs spit on the DLSR crowd, and the Large Format guys spit on them(and start at only $50,000!). If we really want to ascend to the top of the dick-waving ladder, we might as well include the LN2-cooled astrophotography crowd, who measures their lenses in meters and whatever officially-nonexistent toys the spy birds are launched with.
None of that is the point. Point is, if you are just casing the joint, 95% of your needs can be met on Flickr, or Google Image search. Most of the remainder can likely be done either with a tourist-standard point and shoot or a pervert-special hidden camera from dealextreme. Obviously, your results aren't going to be deathless masterpieces of the photographer's art; but if you just want to make sure that the shaped charge propels the shrapnel packing into the densest part of the crowd and/or the minister of the interior, who gives a fuck?
Sorry about that. I know almost nothing about clever computer vision tricks, I was just trying to make a point with the first one that rolled off the tip of my tongue.
*Intel spokesweasel, in a plaintive tone*: "We intended EFI to stand for Extensible Firmware Interface; but we didn't mean that extensible. Leave EFI alone!"
I imagine that the bigger risk would be contamination of the supply chain. Having a box rooted and NIC flashed(especially if said NIC(s) are embedded on a motherboard and the malicious flash includes a mechanism for silently eating all reflashes while reporting success...) is a downer; but learning that 45% of counterfeit Cisco gear, and 20% of the real used stuff, is also loaded with firmware level malice would be a real downer...
One might also go the avenue of adding a system-wide mechanism, designed from the ground up for maximum simplicity(so it doesn't itself need potentially malicious patching), for reading and writing all persistent memory in a system using an external piece of hardware in a special non-operating debug type mode(jtag-esque; but designed for lower complexity and this single purpose).
Some vendors would, no doubt, cry about the security of their precious binary blobs; but the customer, and security must ultimately come first. If there were such a mechanism, for reading back all the various 'hidden' memory spaces within a system, you wouldn't need to choose between the "security and control" of signed-only firmware or the "freedom and potential risk" of allowing unsigned firmware. The vendor could publish their recommended firmware, and its hash, and anybody who wished to verify their system could do so, and anybody who wished to run their own could calculate their own hash and do likewise.
I suspect that they are (reasonably) well aware that somebody, presumably an embedded system/driver dev had to produce the blobs and loaders and other structures they are monkeying with in the first place. However, from their perspective as security guys, the point isn't "Wow, nobody has ever written an embedded device firmware, burned it to a device, and done some stuff with it" it is "Hey, it is possible for a third party of some(but by no means unique) skill and experience to, wholly without the cooperation of the manufacturer, work out everything that is necessary to get an ill documented or undocumented piece of hardware up and running with a new firmware that is both compatible with the original driver and capable of non-malicious operation and also capable of additional malicious functions".
Anybody who gives the matter a moment's thought, even pure amateurs, must conclude by simple logic that somebody can do it; what the security people are pointing out is that not only can somebody do it, potentially hostile third parties with reasonably available skills and no manufacturer support or collaboration can do it....
As much as I think Phorm, Nebuad, and their ilk are worse-than-worthless subhumans who are only alive because it is illegal to kill them, burn their corporate offices to the ground, and erase every last miserable trace of their existence, they might actually have an unintended positive impact.
At present, most sites the public interacts with(outside of the very moment of a credit card transaction or banking login) tend to skip SSL, even when that is a terrible idea. Social networks, email, loads of other not-directly-financial-but-really-shouldn't-be-unencrypted stuff goes flying over the wire, in the clear, because the providers don't want the computational overhead of SSL. Even when they have the capability, it is rarely the default, and people who go to http://foo.whatever/ typically aren't kicked over to https://foo.whatever./
However, most of those sites depend on advertising and user profiling(either third party, as in the case of sites that run adsense or equivalent, first party, as with Gmail, or as a proprietary advantage, as with Amazon's customer recommendation engine). The advertisers will be, to put it in the mildest possible terms Unbelievably Fucking Ripshit when they hear that ISPs and their spook cronies will be horning in on their action. Not Happy. Very, Very, Not Happy. And if you think that they were not happy at that, just wait until the DPI crew starts injecting 3rd party ads and things into pages. Using your DPI evil to, say, inject 3rd party recommended products right into Amazon or any other online retailer's website would be eminently doable, technologically. That will really piss them off. Lawyers will be deployed, faces will turn purple. Shoes will be banged upon boardroom tables, Khrushchev style.
Since, as stated above, strangling their executives with the entrails of their own children isn't generally legal, they'll have to do something else. Specifically, pull their cheap heads out of their tightwad asses and start using SSL more seriously. Since your ISP is the ultimate man-in-the-middle, they won't be able to stop them from seeing where you are going; but they will be able to stop them, dead, from monkeying with, or even reading in any useful way, your traffic.
Ideally, Phorm and friends will do more than the EFF has, probably by a substantial margin, to drive mainstream SSL adoption, and then suffer a series of crippling workplace spree-killings.
Obviously, transporting the active ingredients for a nuclear warhead or a load of spent fuel-piping hot(thermally and in radiation terms) from a reactor would be a terrible plan; but you underestimate the sheer volume of (relatively small) radioactive sources that need to be routinely transported to keep medicine and industry running. Medical imaging and radiotherapy require a grab-bag of radiation sources, some hot enough that they have to be manufactured within days or weeks of use, and industrial inspection, quality control, disinfection, and sundry other purposes require a good deal more.
Shipping them without proper packaging, padding, a well-sealed pig, and so forth, would be deeply irresponsible; but the idea of simply pulling that(quite substantial) mass of goods out of the ordinary path of shipping is ludicrous. Unless extremely well secured, a specialized shipping service would be more vulnerable to theft and diversion, as well as more expensive. A heavily secured secondary channel would be an incredibly expensive overreaction to a minor incident.
As it is, packing it properly and just shipping it like anything else that you really want arriving; but isn't otherwise a big deal, is an excellent compromise between cost, safety, and efficiency...
Given that the radioactive source was packaged in a sealed pig, a totally boring, mainstream service is probably actually the safest way to ship it.
Unless you want every single medical/industrial radioactive source(it isn't talked about much; but this is a lot of hardware, those things have all kinds of uses) to travel under military guard, the low-profile option of just slapping the source inside a suitable container and fedexing it as though it were just another boring package is probably a great deal more theft/diversion resistant than is splashing "zOMG RADIATION!!!!!" on it in day-glo orange and sending it by some special courier service.
I assume he refers to the unfortunate mixture of optimism, on the part of peripheral manufacturers, and strict adherence, on the part of some computer makes and models, to the USB spec's sections on power delivery. USB2 is quite clear about 5VDC, 500ma; but devices that work poorly, partially, or not at all without at least a few hundred ma more are downright ubiquitous. How exactly a fiber optic interface is going to solve that particular market problem is utterly beyond me; but it is a pain in the ass in some USB situations(mind you, firewire was even worse, since the spec explicitly allowed ports to deliver almost whatever they wanted...)
The only other compatibility issue is with drivers; but USB's "classes" are probably the closest thing to a solution we've yet seen. The world is still replete with non-class-conformant widgets; but it isn't clear how a new bus is going to solve that...
It'll be a cold day in hell before anything replaces ethernet. Do you have any idea what the install base on that stuff is? and the fact that(aside from autonegotiation issues on some chipsets) you can get anything from 10mbit crap with external AUI dongles to contemporary 1Gb gear happily chatting away on even a fairly cheap switch?
The consumer market is, increasingly, wireless for anything that isn't within a few meters of the ugly-stack-o-network-gear that inevitably collects next to the DSL or cable modem; so there is approximately zero interest there in experiencing the joy of dealing with optical fiber just to get a 10Gb/s connection to the cable modem that is doing 20mbit/s with a following wind. On the corporate side, the idea that fiber-to-the-desk is going to replace dirt cheap copper seems equally implausible...
Carefully suited only to the nonstandard power-delivery of the macbook air's single USB port, for your Universal serial bus convenience...
Being optical, and Mac exclusive, it should manage to be even more expensive than Firewire! Progress!
It isn't terribly clear that Woz ever much cared about anything but the pure tech side of hacking(at which he is definitely several cuts above, albeit with most of his serious projects at the point of being historical now.). His unfortunate air crash, and cranial trauma(almost certainly under diagnosed and treated, given the tech and minimal understanding of traumatic brain injuries of the time) may also have blunted him a bit from his best days... He may also just not much care, or not be cut out to be interested in, the social and technological environment of things like the DMCA, cryptographically enforced DRM baked into ever more opaque and highly integrated hardware, and so forth. I'd imagine that it is hard for somebody who cut his teeth on basically designing entire computers from the board up, including implementing custom floppy controller firmwares, new bus designs, etc. to really have an emotional grip on a world where that is getting much, much, harder, and by design. Back when he was doing his top work, hardware was complex; but obfuscation was pretty much the best developed tool of the technological control trade. Cryptographic DRM was still way too computationally expensive, component integration was still pretty low(allowing for fairly easy snooping of those low-speed busses between chips) and so forth. He obviously isn't stupid; but he may well have not really be able to shake his sense of how it was in the old days, even in a world where $4 SoCs are doing mathematically nigh-unbreakable cryptographic verification of on-die firmwares that you can only even probe with $250,000 in chip teardown gear...
It isn't a gigantic surprise, actually. Outside of pure slapstick/dick-jokes circles, verbal comedy is actually a reasonably intellectually demanding flavor of entertainment-celebrity-dom. You essentially have to constantly (depending on the precise flavor) be either making concise-but-incisive observations about things that your audience knows about(so your jokes don't go right over their heads); but in a way that they haven't already thought of(so you don't merely bore them), and your phrasing has to be fast, cutting, and funny, without the luxury enjoyed by academic prose of being using a carpet bombing, rather than a scalpel, to examine the subject.
I suspect that a reasonable number of comedians either just don't much care about that particular subject, or are in favor of whatever keeps their royalties highest; but comedians as a class are, in all likelihood, among the best places in the entertainment world to look for clear-thinking, incisive individuals who can cut through verbal fluff and ambient groupthink with clarity, precision, and enough speed to be amusing rather than agonizing.
It's not for nothing, for instance, that comedians have basically replaced "news" anchors as the best source of national-audience television interviews in the United States. The fact that Frye cares about techie-interest stuff, rather than some other thing, is a fluke of person or biography; but I'd be pretty surprised to hear of any unincisive dullards making it beyond the lowest or crassest circles of the comedy world. Good verbal comedy is hard. Good verbal comedy on your feet, reacting without prep time, is harder...
I'm definitely not going to say the slightest ill about the art direction of some of PS2 titles, and some of them, particularly later in the console's life, looked pretty good given the hardware constraints that they were dealing with(though, on the other side of the coin, having your output device be the 640x480-with-a-following-wind of a period SDTV certainly papers over a few ills...)
That said, though, virtually any present-generation PC game that isn't a 2-minute port from some console, and some that are, will have some questionable art direction; but its ability to paint a drop-dead-stunning rendering of whatever generic Modern Warfare N+1 shooter schlock is being considered across one or more high resolution displays simply cannot be disputed.
That was my point, not only is espionage not necessary to explain the presence of the bug, any entitity that would be in the position to force a bug for purposes of espionage would be actively weakening their own position by pushing for one. OSes are definitely too complex to be easily dealt with; but I'm not too optimistic about the prospects for simplicity. People seem to like what complexity can do for them, when it comes to user experience, and all the complexity you move out of the OS doesn't just vanish, it usually comes right back in multiple 3rd party implementations, often shoddier(and inevitably less consistent) than what was built into the OS in the first place.
Decoupling complex elements from one another is a great good, and something that MS has been historically bad about; but unless the market does a shocking about face and agrees to spend the next few decades receiving zero new features, only bug-fixes, the prospect of code being cleaned up faster than it is added seems dim...
I'm guessing that we should just take the president and chairman of Sony Computer Entertainment Europe, a couple of non-techie suits with a nontrivial stake in saying nice things about their product, at their word when they assure us that the PS3 will achieve photorealistic graphics and save the whales, if only those lazy developers would do it right? Isn't this the same Sony whose PS2 "Emotion engine" was supposed to have been delivering cinematic graphics, according to their marketdroids?
They might well be able to get away with designing (another, NT being their first) new OS; but a new userspace API or huge security model change would get ugly...
Even Vista's "Hey, let's actually slightly enforce all those best-practices things about not assuming that everyone is running with Admin privileges at all times, as though it were still Windows 95" was met with a firestorm of nearly pure hate. So much so that, even with Vista to take the flack and several years for 3rd parties to get their act together, 7 backed off the UAC a little bit. A really serious change of the "Nope, no win32 for you. Also, all drivers must be utterly rewritten" caliber would probably be met with shocked silence, followed by most of Redmond being set on fire...
The OS9/OSX change was, ironically, actually a demonstration of A)how hard it can be to change your OS from the ground up and B)how Apple wasn't up to the challenge.
Back in the System 7 days, Apple started "Copland" as a next-gen OS to remedy the numerous and hilarious deficiencies in their existing OS. The project was a miserable failure and, after about as much schedule slipping as Apple could afford at that time, they took it out back, shot it, and bought NeXT, and then proceeded to adopt more or less everything but the name as the foundation for their new OS. Even with the "grabbing an entire, largely complete, OS from a third party" tactic, OSX only made it to release in 2001, with the Copeland project having been started in 1993.
It wasn't really a "rewrite" at all, more of a grafting of some APIs from the old OS, and some UI conventions(though not all, OS9 die-hards are still bitching about how much OSX's finder sucks...) onto an entirely new OS. The rewrite attempt foundered horribly.
Microsoft's OS leaping attempts were actually pretty similar(except that I'm not sure they ever even pretended to have the in-house expertise to transform the DOS-based Windows versions into something resembling a real OS). Their DOS-based Windows versions sucked, architecturally, so they hired a bunch of serious DEC guys to build them a whole new, architecture-independent OS. That was NT. They then grafted on the win32 API and, by around Windows 2000, had finished bringing over all the UI conventions that 95-98-ME users would expect(NT 3.X is actually a pretty alien experience, if you are expecting Windows...)
There is probably some example of a "Hey guys, let's rewrite our OS" story actually going well, without the invocation of a deus-ex-machina outside team; but neither Apple nor Microsoft really qualify.
That's a bet I wouldn't take. Given the well-known existence of both more or less free-floating criminal elements and multiple nations with reasonably substantial CS capabilities more or less tightly integrated into their military and/or clandestine capabilities(and sometimes shading into the first category...) any one entity asking for a backdoor is making the (painfully stupid) bet that nobody else is going to find it. Obviously, virtually everyone would love to have a backdoor of their very own; but even unregenerate PNAC acolytes probably aren't stupid enough to assume that only they would ever find it...
An entity in the position to push Microsoft into giving them a backdoor would, one presumes, already possess formidable power, either legally or secretly(depending on whether the backdoor is inserted by NSA spooks or suspiciously cheap Chinese contractors). Such an entity would be foolish to use such power to push for a backdoor which, if discovered(and there is constant searching going on, even if you only count the guys who just want to send h3rb5l v15gra! spam...), would suddenly give every flea-bitten nonentity who can afford an internet connection considerable intelligence capabilities.
Any entity with substantial legal clout would, unless absurdly moronic, simply use instruments like CALEA, collaboration with Telcom entities, search and seizure procedures, and the like. If those weren't good enough, they would advance the theory that only even greater legal clout can possibly save America and The Children from the pedo-terrorist menace. If history is any guide, they should then receive an upgrade.
Any entity with substantial clandestine/illegal clout would, again unless absurdly moronic, be much better served by making use of vulnerabilities that happen anyway, along with HR/outsourcing based infiltration of relevant institutions. Pushing for a backdoor that puts them on par with dubiously pubescent script kiddies, when they currently have a commanding lead, would be illogical in the extreme.
They aren't overrated; but they do have plenty of built-in redundancy...
Given that organisms already have DNA by which they can be identified and without which they are going to find essentially all critical life functions to be very difficult indeed, the idea of using some fancy, novel, and removable tag would be pretty ridiculous.
It's an interesting bit of research, and will probably save the highly specialized "people trying to grow a bunch of early-stage embryos without getting them mixed up, for assorted research purposes" a considerable amount of time and trouble; but its utility for tinfoil hat stuff seems minimal. Humans are already loaded with GUIDs, some of which they shed involuntarily and essentially continuously, so you don't really need to go to extra effort there...
I'm assuming that some kid stabbed another kid with a pencil. Largely harmless(unless you go for an eye or an artery, where a decent set of fingernails would be almost as bad, most pencils are pretty brittle); but the sort of thing that admin loses their shit over.
.5mm, steel tip, actually made a reasonably effective slashing weapon, even backed by my middle-school-pencil-necked-geek levels of strength. Unfortunately, from my rather compromised position, I was only able to inflict a series of lacerations on noncritical soft tissue, rather than open any veins or arteries and effect exsanguination; but I've seen worse improvised weapons...
It could, if we wish to be slightly more charitable to the intelligence of the writer(not necessarily a sound idea; but hypotheticals can be interesting), an attempt to keep assorted nonstandard pencils away, while permitting a supply of dull, generic #2s. Back in middle school, I once had cause(the other guy coming up behind me and putting me in a headlock, on an icy playground, and moving to introduce my face to the shard-alicious frozen surface) to use a proper mechanical pencil as a weapon. My good old Pentel P205,
My concern would be that any verification interface that doesn't have raw, independent, access to the persistent storage(doesn't have to be fast, I2C would cut it for all but the biggest blobs, does have to be independent) could theoretically be subverted by a malicious firmware.
In effect, unless you can take the system offline and scan the raw memory, you are really just asking the (potentially compromised) firmware running on the embedded CPU "Dear sir, are you compromised?" to which the answer will, inevitably be "No, obviously not, here is the checksum of either the firmware that I am, or the firmware I maliciously replaced. Nothing to worry about."
It's analogous to the challenge of A/V software on a potentially rootkitted system. You can ferret out a lot of the sloppier stuff by asking clever questions, which make it very hard for a rootkit to hid all its traces; but you are very much at a disadvantage. If you take the disk offline, though, and just hash all the files, comparing against known good hashes, nothing can hide, no matter how subtle.
Your brilliant rendering of the requisite condescending tone aside, the point here isn't camera snobbery; but the question of what is good enough for whatever intelligence gathering the world's collective supply of jackboots is ostensibly trying to control.
Obviously, big sensors and huge lenses collect more light. Full frame DSLRs with gigantic lenses spit on point and shoots, which spit on camera phones. So what? Digital medium format backs spit on the DLSR crowd, and the Large Format guys spit on them(and start at only $50,000!). If we really want to ascend to the top of the dick-waving ladder, we might as well include the LN2-cooled astrophotography crowd, who measures their lenses in meters and whatever officially-nonexistent toys the spy birds are launched with.
None of that is the point. Point is, if you are just casing the joint, 95% of your needs can be met on Flickr, or Google Image search. Most of the remainder can likely be done either with a tourist-standard point and shoot or a pervert-special hidden camera from dealextreme. Obviously, your results aren't going to be deathless masterpieces of the photographer's art; but if you just want to make sure that the shaped charge propels the shrapnel packing into the densest part of the crowd and/or the minister of the interior, who gives a fuck?
Sorry about that. I know almost nothing about clever computer vision tricks, I was just trying to make a point with the first one that rolled off the tip of my tongue.
*Intel spokesweasel, in a plaintive tone*: "We intended EFI to stand for Extensible Firmware Interface; but we didn't mean that extensible. Leave EFI alone!"
I imagine that the bigger risk would be contamination of the supply chain. Having a box rooted and NIC flashed(especially if said NIC(s) are embedded on a motherboard and the malicious flash includes a mechanism for silently eating all reflashes while reporting success...) is a downer; but learning that 45% of counterfeit Cisco gear, and 20% of the real used stuff, is also loaded with firmware level malice would be a real downer...
One might also go the avenue of adding a system-wide mechanism, designed from the ground up for maximum simplicity(so it doesn't itself need potentially malicious patching), for reading and writing all persistent memory in a system using an external piece of hardware in a special non-operating debug type mode(jtag-esque; but designed for lower complexity and this single purpose).
Some vendors would, no doubt, cry about the security of their precious binary blobs; but the customer, and security must ultimately come first. If there were such a mechanism, for reading back all the various 'hidden' memory spaces within a system, you wouldn't need to choose between the "security and control" of signed-only firmware or the "freedom and potential risk" of allowing unsigned firmware. The vendor could publish their recommended firmware, and its hash, and anybody who wished to verify their system could do so, and anybody who wished to run their own could calculate their own hash and do likewise.
I suspect that they are (reasonably) well aware that somebody, presumably an embedded system/driver dev had to produce the blobs and loaders and other structures they are monkeying with in the first place. However, from their perspective as security guys, the point isn't "Wow, nobody has ever written an embedded device firmware, burned it to a device, and done some stuff with it" it is "Hey, it is possible for a third party of some(but by no means unique) skill and experience to, wholly without the cooperation of the manufacturer, work out everything that is necessary to get an ill documented or undocumented piece of hardware up and running with a new firmware that is both compatible with the original driver and capable of non-malicious operation and also capable of additional malicious functions".
Anybody who gives the matter a moment's thought, even pure amateurs, must conclude by simple logic that somebody can do it; what the security people are pointing out is that not only can somebody do it, potentially hostile third parties with reasonably available skills and no manufacturer support or collaboration can do it....