What about Halliburton? I'm fairly sure only offering contracts to the company the VP used to be CEO of is much worse than the standard run of the mill corruption! At least the US is still #1 in some things!
Re:Would be nice if it were true...
on
Apple Eyeing EA?
·
· Score: 2, Interesting
dunno why your moded funny, for a game to work on mac it has to use openGL, combine that with wine and most of the windows versions will run pretty well under wine.
In some of the other Japanese cases, the "water torture" included strapping people to ladders and dunking them face down into swimming pools until they passed out. This is not the same as waterboarding.
To any normal person typing somebody to a board and making them feel like their drowning is the same thing. Being very specific and defining whats bad as exactly what the Japanese did, and whats ok as exactly what the CIA do, is IMO rather pathetic.
Actually I'm thinking of patenting, "a method for a company/buisness to apply for security and prevent other companies/businesses/individuals from being able to implement a wide range of ideas, by offering incentives and/or rewards and/or punishments in exchange for filing papers/electronic documents/faxes with government offices to prevent aforementioned companies/businesses/individuals from reimplementing the initial company/buisness's ideas"
I thought the whole point of "enemy combatants" was to get around the whole human rights for POW and prisoners. Hence why when the japs waterboarded POWs it was a terrible thing to do (even if they were trying to prevent an attack on civilians involving a WMD), but when the US waterboraded "enemy combatants" it was just enhanced interrogation.
While i agree we should stop the FUD, i read this article in an anti-intel light, although tbh i cant blame them, there is little need for virtualisation especially as XPM isn't going to be all that popular anyway!
Its a shame that/. is more of an anti-windows site, than a pro-linux site, but there hasn't been much to report on in the linux world recently.
I thought Microsoft would at least put some effort in (i.e syncing up domain accounts/users would be easy). Do you really need separate firewall, surely its coverd by your win7 firewall? I'd also hope that the partition can be mounted and scanned by most virus scanners (although you would need something if you wanted to scan on read/write)?
Why bother put it in the lower end stuff? Before MS announced windows7 most windows users would have no need to virtualise on the desktop, so its a cheap trick that stops your low end dekstop stuff getting used in servers, and means you can charge a little extra for essentially the same chip.
Hell I've played about with VMs but even on linux i usually stick with wine where i can and doubt i'd pay more than a few dollars for virutalisation
I'm a big fan of laptops replacing textbooxs in the poorer regions of the world where kids cant get the books, but I dunno if it makes much sense in this situation.
Natoli said he didn't know what the files were or where they were coming from, until being contacted by Security Fix. What he couldn't have known is that Zeus encrypts both the data stolen from infected systems and the configuration files left on servers that tell Zeus-infected systems which bank Web sites the attackers are trying to steal credentials for each day. In either case, the files would appear to anyone without the encryption key to be gibberish-filled files.
Couldn't you get the keys when the attacker connects? or the program is loaded into ram?
Dumping processors in a box is "easy", but multicore programming is not easy. The software tools are not there yet. Not to mention, you need deep pockets to roll your own multicore IC and build up the requisite software ecosystem.
But when you deal with servers you don't need to worry about that, you can just launch a thread/process for each client.
For something like a browser which is often prone to crashing on crappy plugins, it makes sense to aim for reliability.
How would doing it at the browser level be better than at the plugin level (like nsplugginwrapper does)? I don't have a browser to test it on but i seam to remember that 32flash->32firefox took a pretty bad performance hit, would this still be the case?
This can be achieved in threads, i really hate the idea of jumping to a one process per tab model when it doesn't offer the advantages being promised. If this is going to be done, it needs to be done for the security benefits and that requires OS/distro cooperation!
Responsiveness / multicore use / tab crashing can all be done using threading Security is the only reason to use separate processes and IMO i don't want to take a per-tab performance hit when browsing slashdot/youtube/gay^H^H^Hporn/etc, per tab stuff should only come into play on HTTPS sites (along with protection from malicious(or simply exploited) extensions).
Any news since then, I've not played around much with my system because of exams but, last time i looked the QT port had once again died! This isn't the first time this has been tried/failed either:(
Try out minefield, its pretty fast and rarely crashes on me (literally twice in ~6 months of running it), rendering is fast, startup time is pretty good and generally firefox 3.5 is the fasted browser I've seen (granted im on Linux but it compares favorably to chrome on my friends windows box, and the Linux version does even have PGO yet)
Changing to a multiprocessor system is going to mean a performance hit and only provides a marginal security benefit, Firefox's main security hazard are its extensions, ofc if they get a similar lock down and UAC/SElinx/apparmor or something similar can prevent them from messing with https rendering (or each other as was recently a problem with noscript+adblock) then it's worth it.
I tried explaining this on DIGG, but to not have the title understand it on Slashdot is depressing! I think there is an advantage to processes pre tab against a code injection attack Also if you had Firefox-gui, Firefox-net, Firefox-Gecko, Firefox-Profile, Firefox-file you could give each one a different SElinux/apparmor/UAC profile.
Im not sure what the performance trade off would be like so i sincerely hope that there is a single binary compiler option. I also think that a good balance to prevent the security hit on per-tab processes is to only put https tabs in separate processes (additionally it would be smart to prevent extensions running on these pages (GUI extensions would still work, but nothing that touched the page).
Are processes even needed for security though? can threads be locked down to achieve this without the performance hit? (and additionally, lock down extensions?)
it depends how its done, but the performance hit in the past has been pretty bad. This is how nspluginwrapper works and apparently running 32bit flash on a 32bit system still took a noticeable performance hit. IMO it's better to just do this in threads but keep a close eye on the plugin threads.
To a company with a policy of using it, it's defiantly a requirement to be able to tick that box.
Obviously all DRM isn't entirely effective but restricting what a file can be used for (on a locked down computer OFC) can go along way to preventing accidental breaches. Also while printing/emailing/copying a 200 page document takes minutes, but photographing it is going to take hours!
Slashdot Mirror
FFS noob! Everybody knows the SI unit for a shit is the couric!
What about Halliburton? I'm fairly sure only offering contracts to the company the VP used to be CEO of is much worse than the standard run of the mill corruption! At least the US is still #1 in some things!
dunno why your moded funny, for a game to work on mac it has to use openGL, combine that with wine and most of the windows versions will run pretty well under wine.
Right but if they give you shitty food, they only owe you a refund
In some of the other Japanese cases, the "water torture" included strapping people to ladders and dunking them face down into swimming pools until they passed out. This is not the same as waterboarding.
To any normal person typing somebody to a board and making them feel like their drowning is the same thing. Being very specific and defining whats bad as exactly what the Japanese did, and whats ok as exactly what the CIA do, is IMO rather pathetic.
So we should all go back to reiser3 the fragmentation-less filesystem? :P
Actually I'm thinking of patenting, "a method for a company/buisness to apply for security and prevent other companies/businesses/individuals from being able to implement a wide range of ideas, by offering incentives and/or rewards and/or punishments in exchange for filing papers/electronic documents/faxes with government offices to prevent aforementioned companies/businesses/individuals from reimplementing the initial company/buisness's ideas"
then suing the crap out of anybody who tries it!
I thought the whole point of "enemy combatants" was to get around the whole human rights for POW and prisoners. Hence why when the japs waterboarded POWs it was a terrible thing to do (even if they were trying to prevent an attack on civilians involving a WMD), but when the US waterboraded "enemy combatants" it was just enhanced interrogation.
While i agree we should stop the FUD, i read this article in an anti-intel light, although tbh i cant blame them, there is little need for virtualisation especially as XPM isn't going to be all that popular anyway!
Its a shame that /. is more of an anti-windows site, than a pro-linux site, but there hasn't been much to report on in the linux world recently.
(seperate domain account, seperate users, seperate AV, seperative firewall)
I thought Microsoft would at least put some effort in (i.e syncing up domain accounts/users would be easy).
Do you really need separate firewall, surely its coverd by your win7 firewall?
I'd also hope that the partition can be mounted and scanned by most virus scanners (although you would need something if you wanted to scan on read/write)?
Why bother put it in the lower end stuff? Before MS announced windows7 most windows users would have no need to virtualise on the desktop, so its a cheap trick that stops your low end dekstop stuff getting used in servers, and means you can charge a little extra for essentially the same chip.
Hell I've played about with VMs but even on linux i usually stick with wine where i can and doubt i'd pay more than a few dollars for virutalisation
Such a long post for the content:
f(g(m)) may be stronger or weaker than g(m) or f(m) but i have no evidence either way, however g has been tested more than f.g
OR
I dunno, but SHA-1 has been tested more than MD5 on SHA-1
I'm a big fan of laptops replacing textbooxs in the poorer regions of the world where kids cant get the books, but I dunno if it makes much sense in this situation.
Natoli said he didn't know what the files were or where they were coming from, until being contacted by Security Fix. What he couldn't have known is that Zeus encrypts both the data stolen from infected systems and the configuration files left on servers that tell Zeus-infected systems which bank Web sites the attackers are trying to steal credentials for each day. In either case, the files would appear to anyone without the encryption key to be gibberish-filled files.
Couldn't you get the keys when the attacker connects? or the program is loaded into ram?
Dumping processors in a box is "easy", but multicore programming is not easy. The software tools are not there yet. Not to mention, you need deep pockets to roll your own multicore IC and build up the requisite software ecosystem.
But when you deal with servers you don't need to worry about that, you can just launch a thread/process for each client.
For something like a browser which is often prone to crashing on crappy plugins, it makes sense to aim for reliability.
How would doing it at the browser level be better than at the plugin level (like nsplugginwrapper does)? I don't have a browser to test it on but i seam to remember that 32flash->32firefox took a pretty bad performance hit, would this still be the case?
This can be achieved in threads, i really hate the idea of jumping to a one process per tab model when it doesn't offer the advantages being promised. If this is going to be done, it needs to be done for the security benefits and that requires OS/distro cooperation!
Responsiveness / multicore use / tab crashing can all be done using threading
Security is the only reason to use separate processes and IMO i don't want to take a per-tab performance hit when browsing slashdot/youtube/gay^H^H^Hporn/etc, per tab stuff should only come into play on HTTPS sites (along with protection from malicious(or simply exploited) extensions).
Wouldn't the point of the course be to teach them about threading (perhaps using erlang), they can then use those skills to thread in other languages.
Any news since then, I've not played around much with my system because of exams but, last time i looked the QT port had once again died! This isn't the first time this has been tried/failed either :(
multi-threading is all they need to lock up your system, but ofc more than one thread/process needs to be chomping at the same time!
Try out minefield, its pretty fast and rarely crashes on me (literally twice in ~6 months of running it), rendering is fast, startup time is pretty good and generally firefox 3.5 is the fasted browser I've seen (granted im on Linux but it compares favorably to chrome on my friends windows box, and the Linux version does even have PGO yet)
Changing to a multiprocessor system is going to mean a performance hit and only provides a marginal security benefit, Firefox's main security hazard are its extensions, ofc if they get a similar lock down and UAC/SElinx/apparmor or something similar can prevent them from messing with https rendering (or each other as was recently a problem with noscript+adblock) then it's worth it.
I tried explaining this on DIGG, but to not have the title understand it on Slashdot is depressing!
I think there is an advantage to processes pre tab against a code injection attack
Also if you had Firefox-gui, Firefox-net, Firefox-Gecko, Firefox-Profile, Firefox-file you could give each one a different SElinux/apparmor/UAC profile.
Im not sure what the performance trade off would be like so i sincerely hope that there is a single binary compiler option. I also think that a good balance to prevent the security hit on per-tab processes is to only put https tabs in separate processes (additionally it would be smart to prevent extensions running on these pages (GUI extensions would still work, but nothing that touched the page).
Are processes even needed for security though? can threads be locked down to achieve this without the performance hit? (and additionally, lock down extensions?)
it depends how its done, but the performance hit in the past has been pretty bad. This is how nspluginwrapper works and apparently running 32bit flash on a 32bit system still took a noticeable performance hit. IMO it's better to just do this in threads but keep a close eye on the plugin threads.
To a company with a policy of using it, it's defiantly a requirement to be able to tick that box.
Obviously all DRM isn't entirely effective but restricting what a file can be used for (on a locked down computer OFC) can go along way to preventing accidental breaches. Also while printing/emailing/copying a 200 page document takes minutes, but photographing it is going to take hours!
whats a real shame is that it wouldn't be too hard to put a big fat warning on all executable (well anything with +x anyway).