Instead of hardware encrypted key, you could use a master password provided by the user and either stored in RAM for the whole session or forgotten after some time in a way similar to sudo. That won't prevent anything from malware that achieve root access since they could read the key when typped in by the user, but that will prevent the diffusion of password when a phone is stolen or if the password file is compromised.
You could also imagine that applications need to ask the user permission to access each type of password individually. So the first time I boot up my email client, it asks for authorisation accessing my email password for each account. The user is prompted explicitely with a "remember that choice" check box so that it happens only once. With that model, applications can only access the data it needs. and if my email application ask for my youtube password, I'll be quite suspicious...
Well, I do believe them without any problem. Half the application I tried to install on my phone ask for ridiculously high permissions. I checked a tetris like game that want to access your GPS location, your contact list and the internet. Why ?
I would love the operating system to allow you to report fake information to some application. The application want access to your contact list? sure give it an empty list. It wants to know your GPS location. Sure, give a fixed user-defined location (in the middle of the ocean if possible).
"In case you wonder why I was running something as another normal user, it was for using Windows programs in WINE. I always prefer to do that with a separate user account that isn't used for anything else. This special WINE account has additional restrictions because I do not trust Windows programs -- they might phone home, they might contain malware, they are binary blobs that cannot easily be inspected, etc. The point is, Unix and therefore Linux are multi-user systems. You expect to be able to have multiple concurrent users running programs without issue. "
Haven't your heard ? Lennart Poettering is declaring multi user system obsolete. He could not find how to share a file between two machines so he is now writting plentyuserd a daemon that allow you to share data between two machines ! incredible isn't it ?
I believe it will use java rmi and gnuplot to achieve its goal. It will most likely also depend on latex and 25% of debian packages. But finally we will be able to share data between two machines easily!
It's better than nothing but does not prove much. MS could release the compilation script that build that piece of the code to be able to verify that the binary version of these function is present in WP7
But once again, that code could not be activated at all. Once again, you could offer to recompile that part of the code to insert some profiling. But then, you would know the code is gone trough but maybe discarded.
Soon we will have the discussion about trusting trust again (if you don't know, what it is, it is the prolem of "how to trust your compiler")
The problem is so well known, that people wrote software to patch the code produced by the intel compiler to make it work properly on AMD processors such as http://code.google.com/p/patch-authenticamd/
"So why would you be using an intel compiler on AMD cpus?"
One of the interest in using the x86 instruction set is to be binary compatible so that you can use the code generated by any compiler. The intel compiler is a very good compiler, why not use it ? VIA also produces x86 processors you can use the binaries generated by the intel compiler on it. These technologies are designed to be compatible.
It is not that I am not confortable with them releasing a version 5.
I won't deploy firefox 5 on any machine I need to provide support for. Because I have to assume there won't be any support for it in 3 month from upstream.
Anybody serious deploying system WILL NOT ship a mozilla product. Obsoleting a software 3 month after its release is ridiculous. You can't try to get market share and killa release in 3 month. If you don't plan to give any support, call that a development version!
"So dropping a physical bomb from a physical drone flying above a group of physical people who get turned into smaller physical components when the bomb lands is not a hostile act against the nation that it happens in YET hacking into or damaging a computer network in a nation is an act of war?
So it would be legal for terrorists to use drones to drop bombs on americans but an act of war for the US to release Stuxnet against Iran."
Well, I guess that would it damage a computer it would become an act of war. I guess I am safe at home, there is a computer.:)
Not really. MapReduce is more "an idea" with multiple possible implementations and API.
For instance, Hadoop is an implementation of MapReduce. MR-MPI is an other one. But they are totally incomparable in term of programming interface and obtained performance.
There is probably as many differences between Hadoop and Google's MapReduce (or whatever the official name is) than between windows 7 and macos X.
"Also, it's pretty ridiculous to call 10.10 "obsolete". Non LTS Ubuntu releases go EoL after 18 months, so 10.10 will not be obsolete for another year."
Well, it is on its way straight to the graveyard. It will no longer be supported next april. If I was a retailler that do not already have some, I probably won't get any. It would be crazy to provide a laptop with an OS that won't even have 10 months of support by the distribution.
There is much more to that. The skype protocol being unknown made people wonder what is actually going through the network. Some institute such as INRIA (A french research institute in computer science) forbid the use of skype partly for this reason. As far as we knew, skype might piggyback some request for computation and "steal" some CPU time to sell it. Knowing the protocol should clear that out.
that's what you do in health science. You try to show what is good (read: healthy) and what is not so that (read: dangerous) so that what is good is pushed forward and what is not is forbidden.
What would be the point of discovering something is a poison if no one acts on that knowledge ?
I aggree that the current state is kind of dumb. Business are expecting over qualified people out of college. I aggree that a manager without field experience but a degree in managment will most likely not be a good manager.
But getting field experience is (in my opinion) much easier to gain than education. And with education you gain field experience faster. I am not sure how it is done in the US (I arrived there after graduation), but in France, managing position are often given to "Engineer" (engineering school is a strange concept in france. see http://en.wikipedia.org/wiki/Grandes_%C3%A9coles ). The engineer will spend 2 to 3 monthes working as a blue collar worker trainee. Then will spend an other 6 monthes as a trainee at low level of management probably doing part of blue-collar work. I believe these people can pick up what they need to during these 6 month.
In the US, I am under the impression that most people work during college. I see a lot of student working in retail stores, in restaurant or doing office work. Once again, they should obtain some understanding of what the job is about during their work hours...
After that, if companies hire people at managing position with no field experience at all, they are most likely bound to fail.
I believe you can successfully build a computational cluster from any linux distribution. I am sure you could go wild and use slackware if you want.
But I guess the quesiton is who will administrate the cluster ? from what you say, I feel like you will and you say yourself you don't know much about that. Then I would recommend to keep the distribution installed by the vendor because they will probably give you software support. But if you change it, they probably won't.
Important things have already been told. But in summary the question is what are you going to do with the cluster. What application are going to run on it. Are you going to develop application to run on it ? or are you using premade applications ? If you are developping with it, you probably want more up to date softwares. If you are using some premade applications, you probably want the best compatibility...
I am a new android user. And I wondered about security as well. You said things like "Disable their network access" or "try blocking as much of it as you can until the application stops working". But is there any system level permission that can be set per app ? Anyway to say per app yes or no for the network ? or maybe allow access to some directories but not to other ones? A lot of applications are requesting GPS localisation, is it possible to configure fake coordinates?
When I receive a document, I file it by type: electricity/phone/rent/misc/salary stub/insurance/.... In january. I put all of them in a big envelop and write the year on it.
GP point is that computing a particular digit of pi is easy, you can even compute it manually. So in particular the 60 trilionth digit is easy to know. Knowing the first 60 trilionth digit is a much harder task.
Slashdot Mirror
Instead of hardware encrypted key, you could use a master password provided by the user and either stored in RAM for the whole session or forgotten after some time in a way similar to sudo. That won't prevent anything from malware that achieve root access since they could read the key when typped in by the user, but that will prevent the diffusion of password when a phone is stolen or if the password file is compromised.
You could also imagine that applications need to ask the user permission to access each type of password individually. So the first time I boot up my email client, it asks for authorisation accessing my email password for each account. The user is prompted explicitely with a "remember that choice" check box so that it happens only once. With that model, applications can only access the data it needs. and if my email application ask for my youtube password, I'll be quite suspicious...
Well, I do believe them without any problem. Half the application I tried to install on my phone ask for ridiculously high permissions. I checked a tetris like game that want to access your GPS location, your contact list and the internet. Why ?
I would love the operating system to allow you to report fake information to some application. The application want access to your contact list? sure give it an empty list. It wants to know your GPS location. Sure, give a fixed user-defined location (in the middle of the ocean if possible).
"In case you wonder why I was running something as another normal user, it was for using Windows programs in WINE. I always prefer to do that with a separate user account that isn't used for anything else. This special WINE account has additional restrictions because I do not trust Windows programs -- they might phone home, they might contain malware, they are binary blobs that cannot easily be inspected, etc. The point is, Unix and therefore Linux are multi-user systems. You expect to be able to have multiple concurrent users running programs without issue. "
Haven't your heard ? Lennart Poettering is declaring multi user system obsolete. He could not find how to share a file between two machines so he is now writting plentyuserd a daemon that allow you to share data between two machines ! incredible isn't it ?
I believe it will use java rmi and gnuplot to achieve its goal. It will most likely also depend on latex and 25% of debian packages. But finally we will be able to share data between two machines easily!
You are right!
Let's design a security line to enter the security lines!!
oh wait...
It's better than nothing but does not prove much. MS could release the compilation script that build that piece of the code to be able to verify that the binary version of these function is present in WP7
But once again, that code could not be activated at all. Once again, you could offer to recompile that part of the code to insert some profiling. But then, you would know the code is gone trough but maybe discarded.
Soon we will have the discussion about trusting trust again (if you don't know, what it is, it is the prolem of "how to trust your compiler")
"In the $10k that adds up to."
Well, $10K is about the employment cost of 2 people for one month. A game that will sell 5K copies probably needs a little more than that.
"Any proof of these claims of compiler tampering?"
This is a well known issue with the intel compiler which has been fixed since. The story is told on wikipedia in the criticism section of http://en.wikipedia.org/wiki/Intel_C%2B%2B_Compiler
The problem is so well known, that people wrote software to patch the code produced by the intel compiler to make it work properly on AMD processors such as http://code.google.com/p/patch-authenticamd/
"So why would you be using an intel compiler on AMD cpus?"
One of the interest in using the x86 instruction set is to be binary compatible so that you can use the code generated by any compiler. The intel compiler is a very good compiler, why not use it ? VIA also produces x86 processors you can use the binaries generated by the intel compiler on it. These technologies are designed to be compatible.
"Does AMD not write one?"
AMD contributes to http://en.wikipedia.org/wiki/Open64 and to GCC.
"Your third paragraph reads like an advertisement,"
I agree on that one.
It is not that I am not confortable with them releasing a version 5.
I won't deploy firefox 5 on any machine I need to provide support for. Because I have to assume there won't be any support for it in 3 month from upstream.
Are they trying to kill their user base ?
Anybody serious deploying system WILL NOT ship a mozilla product. Obsoleting a software 3 month after its release is ridiculous. You can't try to get market share and killa release in 3 month. If you don't plan to give any support, call that a development version!
I am SO disappointed in them!
"So dropping a physical bomb from a physical drone flying above a group of physical people who get turned into smaller physical components when the bomb lands is not a hostile act against the nation that it happens in YET hacking into or damaging a computer network in a nation is an act of war?
So it would be legal for terrorists to use drones to drop bombs on americans but an act of war for the US to release Stuxnet against Iran."
Well, I guess that would it damage a computer it would become an act of war. I guess I am safe at home, there is a computer. :)
That guy must be seen as a heor by his "customers". Hats off!
fixing summary +5000
editor -5000
Not really. MapReduce is more "an idea" with multiple possible implementations and API.
For instance, Hadoop is an implementation of MapReduce. MR-MPI is an other one. But they are totally incomparable in term of programming interface and obtained performance.
There is probably as many differences between Hadoop and Google's MapReduce (or whatever the official name is) than between windows 7 and macos X.
"Also, it's pretty ridiculous to call 10.10 "obsolete". Non LTS Ubuntu releases go EoL after 18 months, so 10.10 will not be obsolete for another year."
Well, it is on its way straight to the graveyard. It will no longer be supported next april. If I was a retailler that do not already have some, I probably won't get any. It would be crazy to provide a laptop with an OS that won't even have 10 months of support by the distribution.
android shows you which application sucked your battery. It does not show everything but that's a good beginning.
That's France, nobody really care about such a restriction :) When I was working for INRIA, I was using skype when necessary.
In the same way, INRIA researcher should not use gmail professionaly. Once again, people don't care too much. But that's the policy...
There is much more to that. The skype protocol being unknown made people wonder what is actually going through the network. Some institute such as INRIA (A french research institute in computer science) forbid the use of skype partly for this reason. As far as we knew, skype might piggyback some request for computation and "steal" some CPU time to sell it. Knowing the protocol should clear that out.
that's what you do in health science. You try to show what is good (read: healthy) and what is not so that (read: dangerous) so that what is good is pushed forward and what is not is forbidden.
What would be the point of discovering something is a poison if no one acts on that knowledge ?
I aggree that the current state is kind of dumb. Business are expecting over qualified people out of college. I aggree that a manager without field experience but a degree in managment will most likely not be a good manager.
But getting field experience is (in my opinion) much easier to gain than education. And with education you gain field experience faster. I am not sure how it is done in the US (I arrived there after graduation), but in France, managing position are often given to "Engineer" (engineering school is a strange concept in france. see http://en.wikipedia.org/wiki/Grandes_%C3%A9coles ). The engineer will spend 2 to 3 monthes working as a blue collar worker trainee. Then will spend an other 6 monthes as a trainee at low level of management probably doing part of blue-collar work. I believe these people can pick up what they need to during these 6 month.
In the US, I am under the impression that most people work during college. I see a lot of student working in retail stores, in restaurant or doing office work. Once again, they should obtain some understanding of what the job is about during their work hours...
After that, if companies hire people at managing position with no field experience at all, they are most likely bound to fail.
I believe you can successfully build a computational cluster from any linux distribution. I am sure you could go wild and use slackware if you want.
But I guess the quesiton is who will administrate the cluster ? from what you say, I feel like you will and you say yourself you don't know much about that. Then I would recommend to keep the distribution installed by the vendor because they will probably give you software support. But if you change it, they probably won't.
Important things have already been told. But in summary the question is what are you going to do with the cluster. What application are going to run on it. Are you going to develop application to run on it ? or are you using premade applications ? If you are developping with it, you probably want more up to date softwares. If you are using some premade applications, you probably want the best compatibility...
maybe we should found a church of Internet...
I am a new android user. And I wondered about security as well.
You said things like "Disable their network access" or "try blocking as much of it as you can until the application stops working". But is there any system level permission that can be set per app ? Anyway to say per app yes or no for the network ? or maybe allow access to some directories but not to other ones? A lot of applications are requesting GPS localisation, is it possible to configure fake coordinates?
(I know my karma will suffer but)
MOUAHAHAHAH. Best slashdot post EVER!
When I receive a document, I file it by type: electricity/phone/rent/misc/salary stub/insurance/....
In january. I put all of them in a big envelop and write the year on it.
GP point is that computing a particular digit of pi is easy, you can even compute it manually. So in particular the 60 trilionth digit is easy to know. Knowing the first 60 trilionth digit is a much harder task.