Not if the machine is already running in a virtualized mode from the beginning. You can then pause the machine and scan the entire memory space for the malware, without the malware knowing - except from perhaps the time delays or other external uncontrollables. With the new x86 CPUs this should now be possible. Previously you couldn't do it.
Anyway, it's not an impressive hack if it requires administrator mode.
The Vista (or any other) "run only signed code stuff" is only useful for **AA DRM usage, it won't protect the user - there will very likely be signed code that has exploitable bugs. If that same signed code runs with high privileges, then poof...
It's a sugar coating to make users swallow the pill of "lose control over your PC to the Big Corps".
Unless I see concrete reasoning/evidence otherwise, this worry about goo stuff is way overblown.
Where will the grey goo get _energy_ from to be such a big threat? Solar energy isn't that great a source of energy.
Bacteria have been around for billions of years, there are all sorts of bacteria "eating" all sorts of stuff. If it was so easy to turn the entire environment to goo, the bacteria would have done it already - it's practically what all of them try to do all the time (just look up fermentation).
It takes a pretty sophisticated grey goo to do what bacteria do, and if the grey goo is made of stuff which bacteria or fungi can use, then I think it's the grey goo that has to watch out...
Viruses, bacteria etc can be a problem to us, because they can get energy and resources by parasiting _us_ and other creatures we depend on, in often harmful or deadly ways. They are made from the same stuff as us and thus they can build themselves from us (or subvert our machinery to build themselves).
So if you have a "naive" organic-based goo, good luck stopping fungus and bacteria etc from eating it the moment it gets wet:). I call a goo with no such defenses "naive" - because it was just born yesterday - unlike bacteria etc which have been battling each other for billions of years.
In theory if you have a normal naive (no defense against other micro/nano organisms) organic-based goo our immune system (phages) would probably be able to eat it too. Now if you design a goo that subverts our immune and other systems, then we could have a problem, however I suspect it will be easier to modify an existing virus than to build a "goo" one from scratch.
Alternatively if you have a metal based goo, these would only be a problem if you could create a grey goo that can somehow float around, land and burn/catalyze oil and air and use the energy to shape metal in a way so it can reproduce and repeat the process... The big issue is the burn/catalyze part. Catalysts used by common living creatures (enzymes) are mainly made of commonly available materials - only very trace amounts of other elements are required (if at all). If you prefer to burn instead, then you need to store a fair bit more energy, be able to release it at a high enough power and at the right time to start the burning process.
I recall there was a fungus in South America that was eating CDs - polycarbonate and metal.
So IMO, the most likely great danger to humans from micro/nano stuff would be biological viruses whether modified/bred/engineered or "natural".
I'm not a biotech person but I believe one can feasibly breed viruses to be more dangerous - just get tons of cultures of human cells, then expose the viruses to them, and repeat the process with viruses that produce the effect closest to what you want. No need for much engineering - could probably be very automated. Or do it in conjunction with a carrier organism and human cells - basically breed the virus to survive and spread sublethally in the target carrier organism - rat/roach/flies etc, but be really bad to human cells. The danger is some person/organization actually doing this for USD100k or something.
For macro dangers it'll be one of those meteorites/comets, or humans (we are probably one of the best things at killing ourselves).
"if better jobs were out there and available to us, we'd be working them instead."
Sure many of the people you call might be assholes etc.
BUT from what I see here, it does seem like tons of people you call don't like you calling them. Why don't you get a job where most people actually like what you are doing to/for them? Because this pays more? So who's the bigger asshole?
If you don't mind annoying people just because it pays more, why don't you go send viagra/stock market spam or something? It's the same thing.
Do you really believe there is some greater purpose to your job - that overall it brings a greater benefit to the world?
If it doesn't, then give me a good reason why people shouldn't make your job harder even if the job is legal (in the hope that your employers have to start offering lots more money for the job, and having to hire more people, and the job goes away eventually).
Maybe I'm wrong and most people actually don't mind being called. Anyone have stats? Perhaps some independent party should be called to do a phone survey with just 1 question: "do you dislike being called?" if the majority called answer yes, then all such surveys should be banned.
I often think of programming as a form of compression.
Instead of writing long lines of if-then-else we try to write something shorter that can do the same thing, faster and with hopefully less time and effort spent (writing and maintaining). A squeezing from different directions (with different priorities).
I think copy and paste coding is fine, if you suspect that the "duplicates" are likely to need to become different later, and especially if you're not sure in what way they are going to be different, just that they are likely to become different.
Basically instead of 'tar.gz'-ing that bit you leave stuff "uncompressed" and more accessible to future manipulation. Whereas if you compress it, later you might find you need to uncompress it etc etc. And that's just more work.
Things that aren't likely to change, you can compress (and even place into some library - like "fax compression codes").
If you are busy ask them to hold on for a while- e.g. "Please hold on, I'll be back".
Then finish doing whatever it is you are doing (dinner, shower etc) and if there's nothing else more urgent/important to do, come back and answer their questions.
This way you also delay them from pestering the next person.
For one the "let it all hang out" = good for you, is most likely bullshit - anyone have any studies?
I think my bullshit theory without proper studies is more plausbile:humans are animals, so it's like training animals. If you keep letting yourself go wild, you will tend to keep going wild. And if you don't start domesticating when the target is young it gets much harder later on.
When you have 3rd party hardware you will often need drivers that don't come with the O/S.
I had to download Nvidia's drivers to get gigabit LAN working properly for Linux on some motherboards (the Linux built-in drivers stop working on anything above light traffic).
You don't have this on the Mac if you stick with Mac hardware.
Add 3rd party hardware and you will have the same problems - crashes etc.
This is because even the latest Linux and Mac kernels have the drivers running in kernel mode, so if a driver is crap the O/S can die in a major way, or get taken over.
On the flipside the last time I checked most of the guy avatars in guild wars didn't look very nice. Well ok the warriors might look with their helms on;).
Example: necromancer male vs necromancer female. And the male necro dance is silly:).
Well if malware refuses to run on vmware guests, then that's good for me - because I run a fair number of servers as vmware guests, including my firewall.
BTW: is it copyright infringement if you redistribute a hacker's tools without his permission? Could the hacker use the DMCA as well?
e.g. I could write you a note saying that anyone holding that note can redeem it from me for USD100.
You can then pass that note to someone else as payment for something.
Banks do this sort of thing all the time.
You put money into the bank, and then the bank lends it to others for interest. Those others could put part of the money back into the bank which then also lends that out as well.
When people start taking money out at the same time, the system starts falling apart.
You can stimulate bits of the brain and get all sorts of effects/feelings, but that doesn't mean those effects/feelings under normal circumstances have no basis in reality.
Just because they can hypnotize you to feel pain in your arm, doesn't mean that feeling pain in your arm is a malfunction of your brain.
Same with those experiments that stimulate the brain to cause a "sense of God" - it doesn't prove that there's no God or that its just some brain cells misfiring. In fact it is somewhat interesting that there would be such a "sense" on humans in the first place.
I am inclined to believe that most deja vu experiences are due to some bugginess in our brains - things going out of sync. Because I haven't seen anyone actually give out a valid prediction to others due to the deja vu. Doesn't have to be an immediately useful prediction. Could be just "Mr Xyz is going to call within the next 5 seconds".
I won't be surprised if humans have "prophetic" abilities.
Maybe we all have prophetic abilities (including animals), after all the first animal that accurately prophesied how it was going to eat another animal and when, would have had an evolutionary edge over that other animal. But after so many generations, the "free-will" + competing prophets results in most of us not being able to see the future clearly anymore.
But guess who wants to own the keys to the kingdom?
Also it doesn't really do what most people will think it does. The cure could be worse than the condition.
Because if you allow the execution of a binary executable that allows you to do a near infinite number of things, then you're still vulnerable.
Examples of such executables - word, excel, perl, python. Go figure.
So in the end you could end up with a computer you have no control over, but is controlled by either Microsoft and friends or by the malware writers;).
Be careful, or we will play right into their hands.
People can do a lot of cross platform stuff with a few lines of perl (or other popular scripting languages) and the standard built-in modules.
A LOT is possible. The last I checked perl is included on most Linux distros, *BSDs and OSX.
Just not many will bother yet.
It's trivial for a trojan horse perl script to have _zero_ malicious code at the start, but download the payload later from a google search (e.g. eval "$foo"; ). There could even be plausible deniability, just reuse crap code out there in your trojan and exploit it later.
If the AV people have difficulty detecting current silly viruses, I doubt they'll have much of a chance vs perl/other script stuff.
A malware writer can easily write a completely new one everyday - these are rapid development languages after all. Tons of people already do perl golf and obfuscated code for fun.
But for now linux, mac desktop users are fairly safe, because most aren't as stupid/ignorant AND there just aren't enough of them.
The targets of mass malware attackers are the weak/stupid/ignorant ones.
Once you have the same sort of people who will run as root/Administrator _AND_ actually enter passwords to decrypt encrypted zipfiles _AND_ run them, getting them to run a little perl script as root is nothing.
"Install new screensaver just do this:" perl Makefile.PL
Anyway a real way to reduce this spyware/malware stuff is for the authorities to start using those existing antihacking laws on the culprits. After all if money is involved the trail is easier to follow. I mean who is paying who to force computers to show those stinking ads, or tamper with them to send spam?
If the cops etc are jailing "hackers" who copy source code etc, it's funny how they have difficulty getting the malware/spyware people who tamper with hundreds of thousands of computers or more.
Not if the machine is already running in a virtualized mode from the beginning. You can then pause the machine and scan the entire memory space for the malware, without the malware knowing - except from perhaps the time delays or other external uncontrollables. With the new x86 CPUs this should now be possible. Previously you couldn't do it.
Anyway, it's not an impressive hack if it requires administrator mode.
The Vista (or any other) "run only signed code stuff" is only useful for **AA DRM usage, it won't protect the user - there will very likely be signed code that has exploitable bugs. If that same signed code runs with high privileges, then poof...
It's a sugar coating to make users swallow the pill of "lose control over your PC to the Big Corps".
Well I meant "killing ourselves" as in "killing humans".
;).
As for the Lemmings game - I think humans did a fair bit of killing of lemmings too
Unless I see concrete reasoning/evidence otherwise, this worry about goo stuff is way overblown.
:). I call a goo with no such defenses "naive" - because it was just born yesterday - unlike bacteria etc which have been battling each other for billions of years.
Where will the grey goo get _energy_ from to be such a big threat? Solar energy isn't that great a source of energy.
Bacteria have been around for billions of years, there are all sorts of bacteria "eating" all sorts of stuff. If it was so easy to turn the entire environment to goo, the bacteria would have done it already - it's practically what all of them try to do all the time (just look up fermentation).
It takes a pretty sophisticated grey goo to do what bacteria do, and if the grey goo is made of stuff which bacteria or fungi can use, then I think it's the grey goo that has to watch out...
Viruses, bacteria etc can be a problem to us, because they can get energy and resources by parasiting _us_ and other creatures we depend on, in often harmful or deadly ways. They are made from the same stuff as us and thus they can build themselves from us (or subvert our machinery to build themselves).
So if you have a "naive" organic-based goo, good luck stopping fungus and bacteria etc from eating it the moment it gets wet
In theory if you have a normal naive (no defense against other micro/nano organisms) organic-based goo our immune system (phages) would probably be able to eat it too. Now if you design a goo that subverts our immune and other systems, then we could have a problem, however I suspect it will be easier to modify an existing virus than to build a "goo" one from scratch.
Alternatively if you have a metal based goo, these would only be a problem if you could create a grey goo that can somehow float around, land and burn/catalyze oil and air and use the energy to shape metal in a way so it can reproduce and repeat the process... The big issue is the burn/catalyze part. Catalysts used by common living creatures (enzymes) are mainly made of commonly available materials - only very trace amounts of other elements are required (if at all). If you prefer to burn instead, then you need to store a fair bit more energy, be able to release it at a high enough power and at the right time to start the burning process.
I recall there was a fungus in South America that was eating CDs - polycarbonate and metal.
So IMO, the most likely great danger to humans from micro/nano stuff would be biological viruses whether modified/bred/engineered or "natural".
I'm not a biotech person but I believe one can feasibly breed viruses to be more dangerous - just get tons of cultures of human cells, then expose the viruses to them, and repeat the process with viruses that produce the effect closest to what you want. No need for much engineering - could probably be very automated. Or do it in conjunction with a carrier organism and human cells - basically breed the virus to survive and spread sublethally in the target carrier organism - rat/roach/flies etc, but be really bad to human cells. The danger is some person/organization actually doing this for USD100k or something.
For macro dangers it'll be one of those meteorites/comets, or humans (we are probably one of the best things at killing ourselves).
"if better jobs were out there and available to us, we'd be working them instead."
Sure many of the people you call might be assholes etc.
BUT from what I see here, it does seem like tons of people you call don't like you calling them. Why don't you get a job where most people actually like what you are doing to/for them? Because this pays more? So who's the bigger asshole?
If you don't mind annoying people just because it pays more, why don't you go send viagra/stock market spam or something? It's the same thing.
Do you really believe there is some greater purpose to your job - that overall it brings a greater benefit to the world?
If it doesn't, then give me a good reason why people shouldn't make your job harder even if the job is legal (in the hope that your employers have to start offering lots more money for the job, and having to hire more people, and the job goes away eventually).
Maybe I'm wrong and most people actually don't mind being called. Anyone have stats? Perhaps some independent party should be called to do a phone survey with just 1 question: "do you dislike being called?" if the majority called answer yes, then all such surveys should be banned.
I often think of programming as a form of compression.
Instead of writing long lines of if-then-else we try to write something shorter that can do the same thing, faster and with hopefully less time and effort spent (writing and maintaining). A squeezing from different directions (with different priorities).
I think copy and paste coding is fine, if you suspect that the "duplicates" are likely to need to become different later, and especially if you're not sure in what way they are going to be different, just that they are likely to become different.
Basically instead of 'tar.gz'-ing that bit you leave stuff "uncompressed" and more accessible to future manipulation. Whereas if you compress it, later you might find you need to uncompress it etc etc. And that's just more work.
Things that aren't likely to change, you can compress (and even place into some library - like "fax compression codes").
If you don't mind being rude try this:
If you are busy ask them to hold on for a while- e.g. "Please hold on, I'll be back".
Then finish doing whatever it is you are doing (dinner, shower etc) and if there's nothing else more urgent/important to do, come back and answer their questions.
This way you also delay them from pestering the next person.
For one the "let it all hang out" = good for you, is most likely bullshit - anyone have any studies?
I think my bullshit theory without proper studies is more plausbile:humans are animals, so it's like training animals. If you keep letting yourself go wild, you will tend to keep going wild. And if you don't start domesticating when the target is young it gets much harder later on.
And 50% are? That's a high percentage. Unless it includes test installs.
But actually the main thing is the _preinstalls_. Are Dell, HP, etc going to preload Vista?
The support calls would be "interesting" if they have too many versions of Vista for desktop users - there's already the aero vs classic.
That's bullshit.
When you have 3rd party hardware you will often need drivers that don't come with the O/S.
I had to download Nvidia's drivers to get gigabit LAN working properly for Linux on some motherboards (the Linux built-in drivers stop working on anything above light traffic).
You don't have this on the Mac if you stick with Mac hardware.
Add 3rd party hardware and you will have the same problems - crashes etc.
This is because even the latest Linux and Mac kernels have the drivers running in kernel mode, so if a driver is crap the O/S can die in a major way, or get taken over.
In quake 1 if you take the invisibility power up, your eyes are still visible.
Or how Stalin did it.
Go look up how those dictators kept a trusted bunch around and maintained them.
If you're going to be a paranoid dictator there's plenty of material around.
When I last checked in Oracle a zero length string = null
That's a biggie (and stupid IMO).
Not sure what happens if you concat a string with a null or do other similar stuff.
Then there's DECODE.
On the flipside the last time I checked most of the guy avatars in guild wars didn't look very nice. Well ok the warriors might look with their helms on ;).
:).
Example: necromancer male vs necromancer female. And the male necro dance is silly
Of course you don't tune for massive clotting. You tune for "massive stroke" or "deep vein thrombosis".
I think it's as stupid idea - because you do want some blood flow if you do want to save the limb.
I think it's not just fraud- it's treason. But that's just me I guess.
Well if malware refuses to run on vmware guests, then that's good for me - because I run a fair number of servers as vmware guests, including my firewall.
BTW: is it copyright infringement if you redistribute a hacker's tools without his permission? Could the hacker use the DMCA as well?
Money does pop into existence all the time.
e.g. I could write you a note saying that anyone holding that note can redeem it from me for USD100.
You can then pass that note to someone else as payment for something.
Banks do this sort of thing all the time.
You put money into the bank, and then the bank lends it to others for interest. Those others could put part of the money back into the bank which then also lends that out as well.
When people start taking money out at the same time, the system starts falling apart.
"Get politics out of war!"
Well that might make for a lot fewer wars...
Yeah.
You can stimulate bits of the brain and get all sorts of effects/feelings, but that doesn't mean those effects/feelings under normal circumstances have no basis in reality.
Just because they can hypnotize you to feel pain in your arm, doesn't mean that feeling pain in your arm is a malfunction of your brain.
Same with those experiments that stimulate the brain to cause a "sense of God" - it doesn't prove that there's no God or that its just some brain cells misfiring. In fact it is somewhat interesting that there would be such a "sense" on humans in the first place.
I am inclined to believe that most deja vu experiences are due to some bugginess in our brains - things going out of sync. Because I haven't seen anyone actually give out a valid prediction to others due to the deja vu. Doesn't have to be an immediately useful prediction. Could be just "Mr Xyz is going to call within the next 5 seconds".
I won't be surprised if humans have "prophetic" abilities.
Maybe we all have prophetic abilities (including animals), after all the first animal that accurately prophesied how it was going to eat another animal and when, would have had an evolutionary edge over that other animal. But after so many generations, the "free-will" + competing prophets results in most of us not being able to see the future clearly anymore.
Sure that's called DRM and Trusted Computing.
;).
But guess who wants to own the keys to the kingdom?
Also it doesn't really do what most people will think it does. The cure could be worse than the condition.
Because if you allow the execution of a binary executable that allows you to do a near infinite number of things, then you're still vulnerable.
Examples of such executables - word, excel, perl, python. Go figure.
So in the end you could end up with a computer you have no control over, but is controlled by either Microsoft and friends or by the malware writers
Be careful, or we will play right into their hands.
You're so wrong.
People can do a lot of cross platform stuff with a few lines of perl (or other popular scripting languages) and the standard built-in modules.
A LOT is possible. The last I checked perl is included on most Linux distros, *BSDs and OSX.
Just not many will bother yet.
It's trivial for a trojan horse perl script to have _zero_ malicious code at the start, but download the payload later from a google search (e.g. eval "$foo"; ). There could even be plausible deniability, just reuse crap code out there in your trojan and exploit it later.
If the AV people have difficulty detecting current silly viruses, I doubt they'll have much of a chance vs perl/other script stuff.
A malware writer can easily write a completely new one everyday - these are rapid development languages after all. Tons of people already do perl golf and obfuscated code for fun.
But for now linux, mac desktop users are fairly safe, because most aren't as stupid/ignorant AND there just aren't enough of them.
The targets of mass malware attackers are the weak/stupid/ignorant ones.
Once you have the same sort of people who will run as root/Administrator _AND_ actually enter passwords to decrypt encrypted zipfiles _AND_ run them, getting them to run a little perl script as root is nothing.
"Install new screensaver just do this:"
perl Makefile.PL
Anyway a real way to reduce this spyware/malware stuff is for the authorities to start using those existing antihacking laws on the culprits. After all if money is involved the trail is easier to follow. I mean who is paying who to force computers to show those stinking ads, or tamper with them to send spam?
If the cops etc are jailing "hackers" who copy source code etc, it's funny how they have difficulty getting the malware/spyware people who tamper with hundreds of thousands of computers or more.
Oh ok. Saw the line "I'm an attractive guy that the ladies love and I shoot things", and assumed the "worst" :p.
:)
Want some jade wind orbs?
Well, he said Guild Wars. No monthly payments required for Guild Wars.
There's guildwars. No monthly fees.
Still has some grind though, but apparently a lot less than WoW.
Nah. In the future, when they nuke stuff back to the stone age, they really do it... ;).