You don't get it, if a system is compromised, you can not trust any state it reports, therefor the checker is worthless.
Take a look at something like a rootkit, it's able to hide it's existence from the user and the AV scanner because it blinds the scanner, nor can you figure out what the purpose is of any given program existing on a system, it might be benign, it might not be, you can only validate known programs.
Again, your suggestion is ridiculous, no matter how good a programmer you might be, it's as flawed an idea as DRM.
The difference between a computer and a refrigerator is that a refrigerator doesn't get to talk to its buddies on the phone. Windows needs no security patches if you don't use networking and are careful with any files you bring onto the system from outside sources.
There are internet connected refrigerators these days...
While it would make a stupid mandatory requirement to do online business with customers due to the wide base of networked devices, it could be nice for corporate systems, and would be a great opt-in feature for others. [x] Only allow systems with recent health certificate, AV signatures, etc to access my account remotely. This isn't going to improve YOUR security measurably, but it gives the other end confidence to enable more online features. It would never work to deny access... which is what you're trying to scare us into thinking.
When it comes to security, you should NEVER trust the client, how will you generate a health certificate without using TPM & whitelists? Simple: You can't.
This isn't about security, this is about control.
Why are you getting all excited about "require"? Even a complete idiot would see that is technically impossible given all the possible networked devices out there this would impact. On the other hand, as an opt-in feature this could be very useful.
The only way you can ensure a client is trustworthy is if you have complete control over it and the connection to it, anything else is just a smokescreen for control.
You can not download a checker that reports PASS or FAIL for several reasons:
- If the system is already compromised, you can not trust anything an application says inherently, the execution of the downloaded checker can be altered
- A checker will not know about every possible running program in existence, in order to truly validate a system, you need to work with white lists, not blacklists
- There is no checker that will run on all possible operating systems
- You still need to trust the checker itself
My bank in Belgium works with Firefox, they do not use any external links (no ads, imagine that!) and they do not rely on usernames & passwords, rather on generated tokens based on my debit card's chip and a card reader (that doesn't hook up to the computer).
This is not so much about viruses and such, but about control, they will only be able to 'validate' a limited set of operating systems and applications, anything they do not know they have to reject as untrustworthy. That means you loose choice and power as a consumer.
Nobody has the (legal or moral) right to dictate what OS & applications i can run, and anyone suggesting such a scheme should be taken away from computers immediately..
Data is stateless, it's the OS and applications that can be compromised. No online (or ofline) entity has the legal or moral right to even get near my data.
It's not because you don't trust a specific technology to be tamper proof that you'll refuse using it. As a matter of fact, i don't trust locks neither, they can be picked or broken. Verisign will sign a certificate for everybody, you need to trust the certificate issuer and the certificate owner, owning a legit certificate is no guarantee that the business holden the certificate is legit.
As a principle, i trust nobody online (or offline), i decide each case on it's merits, and avoid using privileged information online as much as possible.
I don't trust Verisign neither, that doesn't mean i remove it's root certificate, but for me, a valid certificate is not sign to blindly trust the other end of the connection.
I've never seen a buggy Nokia, however, HTC's with Windows on them were known to have issue's requiring a reboot every two, three days. I call bullocks
Su or sudo, makes little difference, if i only need to run apt-get upgrade or something like that, i'll sudo, if i need to do more then a few commands i might su, but i consider it best practice to use su as little as possible.
The levy for blank paper is included in the price of the printer, at least it is in Belgium. Buy a multifunction device that can print & scan, and you get to pay a nice copyright tax on it, you just might be copying books!/sarcasm
BTW my friend is about to be signed, here's a song about how difficult the industry has become. If a hottie with pipes like this going unsigned for 10 years doesn't convince you that piracy is killing the industry, nothing will. Gene Simmons called her "the best unsigned singer out there", she's being called "Amy Winehouse without the baggage" and "a super-hot Susan Boyle" by industry-leading agents and label reps.
She seems talented enough that she should not need to rely on being signed by a label. She can make it fine on her own, one would think.
Who needs labels these days? There's a studio around every corner and everyone can get a CD mastered these days, and if you use music sites you get to promote your work globally for free, get your fans in gear and you have a marketing force, tour a bit and people will notice you if you're good.
These people are devious, selfish, resourceful, and have no respect for the law.
The above statement is about:
A - record labels
B - people who download music illegitimately
C - people who distribute music illegitimately
D - EVERYONE EXCEPT US MUSICIANS
When the labels don't get paid, they take fewer and fewer risks on new talent, and the result is that the only music that gets promoted is over-produced over-hyped generic dogshit. Anyone catch that Superbowl halftime show? That's what happens when real talent goes unrewarded.
BTW my friend is about to be signed, here's a song about how difficult the industry has become. If a hottie with pipes like this going unsigned for 10 years doesn't convince you that piracy is killing the industry, nothing will. Gene Simmons called her "the best unsigned singer out there", she's being called "Amy Winehouse without the baggage" and "a super-hot Susan Boyle" by industry-leading agents and label reps.
I disagree with your reasoning here, mainstream music has always mostly been shit, for every Rolling Stones they do sign there are a thousand other smaller bands just as awesome, this has been the case for as long as i can remember, and i have the memory of an elephant.
Piracy isn't killing the music industry, the music industry is killing itself. I own hundreds of Cd's, and only a small percentage of those are major labels, all the rest i bought directly from the artists themselves at gigs. I have access to torrents, and i do download Cd's, but if the CD i downloaded is good, I'll end up buying the CD.
If i look at my last.fm charts, i notice how much of the music i play is either years old or obscure, 1% is probably mainstream, if the big labels want to sell to me, they'll have to sell good music instead of enforcing laws that gives them levies on blank Cd's or laws that take my rights away.
As for your friend, it's not bad, but i like her better;)
They disagree with you. And Canada isn't the only country with that legal theft law, here in Belgium there is a levy on any media you buy that gets divided between the most successful artists.
The reasoning is that the most successful artists are the most pirated, so the rich get richer still and the really good musicians, they are kept in the dark shadows. They can shove their commercial autotuned shit and shove it up their rectum.
Seriously, fuck christianity, islam and any other primitive superstition, god is a construct of the human mind, invented as a means to explain the world around him. The gods used to be the sun, the fire,the wind, the rain, the summer and winter, the lightning bolt and the thunder, now the gods are just an excuse to cleave someone's head in two.
Slashdot Mirror
I stopped using Microsoft products ages ago, and i'm not going back
Not just pilots, I've had a green laser pointer pointed on my windshield on the highway....
You don't get it, if a system is compromised, you can not trust any state it reports, therefor the checker is worthless.
Take a look at something like a rootkit, it's able to hide it's existence from the user and the AV scanner because it blinds the scanner, nor can you figure out what the purpose is of any given program existing on a system, it might be benign, it might not be, you can only validate known programs.
Again, your suggestion is ridiculous, no matter how good a programmer you might be, it's as flawed an idea as DRM.
The difference between a computer and a refrigerator is that a refrigerator doesn't get to talk to its buddies on the phone. Windows needs no security patches if you don't use networking and are careful with any files you bring onto the system from outside sources.
There are internet connected refrigerators these days...
While it would make a stupid mandatory requirement to do online business with customers due to the wide base of networked devices, it could be nice for corporate systems, and would be a great opt-in feature for others. [x] Only allow systems with recent health certificate, AV signatures, etc to access my account remotely. This isn't going to improve YOUR security measurably, but it gives the other end confidence to enable more online features. It would never work to deny access... which is what you're trying to scare us into thinking.
When it comes to security, you should NEVER trust the client, how will you generate a health certificate without using TPM & whitelists? Simple: You can't.
This isn't about security, this is about control.
Why are you getting all excited about "require"? Even a complete idiot would see that is technically impossible given all the possible networked devices out there this would impact. On the other hand, as an opt-in feature this could be very useful.
The only way you can ensure a client is trustworthy is if you have complete control over it and the connection to it, anything else is just a smokescreen for control.
And TPM is EVIL
You can not download a checker that reports PASS or FAIL for several reasons:
- If the system is already compromised, you can not trust anything an application says inherently, the execution of the downloaded checker can be altered
- A checker will not know about every possible running program in existence, in order to truly validate a system, you need to work with white lists, not blacklists
- There is no checker that will run on all possible operating systems
- You still need to trust the checker itself
Your suggestion is ridiculous.
My bank in Belgium works with Firefox, they do not use any external links (no ads, imagine that!) and they do not rely on usernames & passwords, rather on generated tokens based on my debit card's chip and a card reader (that doesn't hook up to the computer).
That works both ways
This is not so much about viruses and such, but about control, they will only be able to 'validate' a limited set of operating systems and applications, anything they do not know they have to reject as untrustworthy. That means you loose choice and power as a consumer.
Nobody has the (legal or moral) right to dictate what OS & applications i can run, and anyone suggesting such a scheme should be taken away from computers immediately..
Data is stateless, it's the OS and applications that can be compromised. No online (or ofline) entity has the legal or moral right to even get near my data.
It's not because you don't trust a specific technology to be tamper proof that you'll refuse using it. As a matter of fact, i don't trust locks neither, they can be picked or broken. Verisign will sign a certificate for everybody, you need to trust the certificate issuer and the certificate owner, owning a legit certificate is no guarantee that the business holden the certificate is legit.
As a principle, i trust nobody online (or offline), i decide each case on it's merits, and avoid using privileged information online as much as possible.
I don't trust Verisign neither, that doesn't mean i remove it's root certificate, but for me, a valid certificate is not sign to blindly trust the other end of the connection.
What is obvious to you isn't necessarily obvious to the next guy, or even to yourself in 10 years.
The code may be obvious, the motivation why this or that approach was taken might not be.
I've never seen a buggy Nokia, however, HTC's with Windows on them were known to have issue's requiring a reboot every two, three days. I call bullocks
Erm, who's Glen Beck?
Su or sudo, makes little difference, if i only need to run apt-get upgrade or something like that, i'll sudo, if i need to do more then a few commands i might su, but i consider it best practice to use su as little as possible.
It's mostly the syntax that screws with me, i don't use regex that much, but when i do i need a cheat sheet:(
That's why you comment your work, any admin or coder that does not properly comment & document his work is an idiot.
You must be joking, the unsigned artists should be glad they still get to sing every now and then without being sued to the grave!
The levy for blank paper is included in the price of the printer, at least it is in Belgium. Buy a multifunction device that can print & scan, and you get to pay a nice copyright tax on it, you just might be copying books! /sarcasm
There is a similar thing in Belgium, i can't go out and buy a freaking SD Card for my camera without money going to the labels. Fuck That
BTW my friend is about to be signed, here's a song about how difficult the industry has become. If a hottie with pipes like this going unsigned for 10 years doesn't convince you that piracy is killing the industry, nothing will. Gene Simmons called her "the best unsigned singer out there", she's being called "Amy Winehouse without the baggage" and "a super-hot Susan Boyle" by industry-leading agents and label reps.
She seems talented enough that she should not need to rely on being signed by a label. She can make it fine on her own, one would think.
Who needs labels these days? There's a studio around every corner and everyone can get a CD mastered these days, and if you use music sites you get to promote your work globally for free, get your fans in gear and you have a marketing force, tour a bit and people will notice you if you're good.
These people are devious, selfish, resourceful, and have no respect for the law.
The above statement is about: A - record labels B - people who download music illegitimately C - people who distribute music illegitimately D - EVERYONE EXCEPT US MUSICIANS
When the labels don't get paid, they take fewer and fewer risks on new talent, and the result is that the only music that gets promoted is over-produced over-hyped generic dogshit. Anyone catch that Superbowl halftime show? That's what happens when real talent goes unrewarded.
BTW my friend is about to be signed, here's a song about how difficult the industry has become. If a hottie with pipes like this going unsigned for 10 years doesn't convince you that piracy is killing the industry, nothing will. Gene Simmons called her "the best unsigned singer out there", she's being called "Amy Winehouse without the baggage" and "a super-hot Susan Boyle" by industry-leading agents and label reps.
I disagree with your reasoning here, mainstream music has always mostly been shit, for every Rolling Stones they do sign there are a thousand other smaller bands just as awesome, this has been the case for as long as i can remember, and i have the memory of an elephant.
;)
Piracy isn't killing the music industry, the music industry is killing itself. I own hundreds of Cd's, and only a small percentage of those are major labels, all the rest i bought directly from the artists themselves at gigs. I have access to torrents, and i do download Cd's, but if the CD i downloaded is good, I'll end up buying the CD.
If i look at my last.fm charts, i notice how much of the music i play is either years old or obscure, 1% is probably mainstream, if the big labels want to sell to me, they'll have to sell good music instead of enforcing laws that gives them levies on blank Cd's or laws that take my rights away.
As for your friend, it's not bad, but i like her better
They disagree with you. And Canada isn't the only country with that legal theft law, here in Belgium there is a levy on any media you buy that gets divided between the most successful artists.
The reasoning is that the most successful artists are the most pirated, so the rich get richer still and the really good musicians, they are kept in the dark shadows. They can shove their commercial autotuned shit and shove it up their rectum.
Seriously, fuck christianity, islam and any other primitive superstition, god is a construct of the human mind, invented as a means to explain the world around him. The gods used to be the sun, the fire,the wind, the rain, the summer and winter, the lightning bolt and the thunder, now the gods are just an excuse to cleave someone's head in two.