A few years back, I had my (~80) mother set up with a PC running a fairly well locked down Linux setup. It was set up with icewm, and she had menu items for email, (thunderbird) solitaire, (pysol) and a few others. Basically I tailored is specifically to her needs. The mail was kept on a local imap server, and thunderbird connected to it. That way if she did something really weird to thunderbird and made it crash, her mail would be safe in server-space. I did most of what I could to grandma-proof the system.
Somehow she kept changing the theme on icewm. I don't know how... For the particular theme she kept getting, you have to be 4 clicks into a menu tree. But she did, and I'd ssh into her machine and tweak things back the way they belonged, from a spare copy. At one point I marked a bunch of her files as read-only, but some software sees that, sees that she owns the file, and "kindly" changed it back to read-write and made the bogus update. I kept wanting to change things so she didn't even own her own configuration files - they would belong to someone else, and she would have group-level read permission. Never had the chance to do it - testing was the hard part - I'd have to be there for that, and when we were there we had more important things to do that spend a lot of time on the computer.
At this point it's necessary to mention that the Enterprise is on display at the Smithsonian Air & Space Annex at Dulles International Airport. The annex is a few miles down the road from the main terminal. In addition to Enterprise, there's also the Enola Gay, an SR71, a JSF, (F-35?) and a whole pile more. My wife said she liked it better than the Air & Space downtown.
I think Avatar was (among other things) an interesting way to breach "the uncanny valey." http://en.wikipedia.org/wiki/Uncanny_valley By using the newer, more complex CGI on aliens' faces, they managed to shoot for levels of realism that would become disturbing had they attempted them on humans faces. As you say, there are several realms in which they missed the mark, but even so they did a better job than anything else I've seen.
One slightly amusing note was that the Na'vi were obviously "naked savages" who wore enough decorative jewelry or scraps of clothing to retain the PG-13 rating. But it looked to me as if those adornments were bump-mapped onto their bodies. There were some incredibly athletic actions, and though I didn't notice if everything remained plastered primly in place, I never noticed anything flopping around, the way loose things such as necklaces do.
To be fair, the spaceship in Avatar may well be close to the Discovery in Clarke's novel than the Discovery in the movie was. The radiators were there, in the book. I don't remember if the centrifuge was fully enclosed as in 2001, or open as in Avatar.
What if instead, the planetary network is a consequence of life evolving near significant quantities of "unobtanium", either through a radioactively-enhanced mutation rate, or perhaps incorporating trace quantities into the biological structures in some way?
What if the real problem with mining the unobtanium wasn't the damage to visible and known plant life, but the removal of an essential element of the ecosystem?
No... The more the scientists will go somewhere else. Not so much slipping through as avoiding entirely.
The real question is where in the world will things be better than they once were in the US. IMHO it only looks better in India and China now, but that's really a false impression.
Disruption is the essence of progress. Some of what was is superseded by something new. Typically the incumbent technologies and powers either fight progress tooth and nail, try to co-opt it, or try to at least manage it's pace to something they can control. When too much incumbent power is too successful at slowing progress, that progress tends to move somewhere else.
In recent years, those incumbent powers have been quite successful in the US. One can hope that that trend doesn't continue.
Where does that key come from? Is it unique for every TPM, like a network card MAC?
Never mind, a few moments with google... It looks like the "Endorsement key" is chip-unique, in 2 parts, and you can only get the public part, and ask the TPM to sign/encrypt with the private part. It's not at all clear to me that ANYONE knows the private part. In particular, if the TPM has its key manufactured in, it would be a royal pain in the neck to manage the data, correlating private and public keys. (Where "royal" means "expensive", in this case.) As far as I can tell, the private key is used only to sign or encrypt other stuff, so the public key can verify that that particular chip was used.
Again, the key action here becomes "tpm takeownership" or its Windows/OSX equivalent.
I still maintain that a LiveCD with support to do a "tpm takownership" would be a great thing to have, and to use prior to booting ANYTHING else on a new PC. Once I've done a takeownership, nobody else can unless I do a "tpm transferownership".
I don't think that the built-in key is sinister. It looks to me as if the worst that could happen if someone got it is that they could snoop something you've used the TPM to encrypt. Presumably they could grab YOUR private key and do a "tpm transferownership" to themselves. Certainly bad, but hardly unobtrusive. In a way similar to removing the battery to reset the BIOS password - tamper-evident.
Hmmmm, now that I think about it, they could tranferownership to themselves, do nefarious things, then transferownership back to you. I guess then I'd fall back to the "what's so valuable about this laptop to go to all of that effort?" argument.
The wording is "are capable of", and it emphasizes the importance to me of siezing control of your own TPM. Elsewhere on this thread I suggested the creation of a LiveCD that would (first!) access the TPM, giving the owner the private key on a USB flash device. It would be of utmost importance to boot this disk FIRST, before ever booting the preinstalled OS.
I seriously doubt that manufacturing cost constraints would permit injecting private keys - I would expect such injection to take place upon first boot, probably bundled in with the activation process. On that line, I don't know what would happen if Windows first boot found a non-virgin TPM. Would it fail to activate, would it activate but fail to enable MafiAA extensions, or would it just bluescreen?
Hopefully it'll never come to that. Don't forget, every DRM doodad added to software and hardware hurts their respective makers. Part of the giant black eye that Microsoft took over Vista was because of the reliability implications of all of that "trusted path" and "degradation" garbage. Stuff that doesn't do spit to increase the value of the hardware or software to the customer, and it boosts the costs to the developer/manufacturer without any extra revenue, it just placates the MafiAA. So at this point we're pitting entertainment mega-corporations against hardware and software mega-corporations. At one point it's just possible that they could have gotten away with this, but by now enough people have been downloading and streaming without onerous DRM, and enough high-profile prosecutions have taken place, that there will be a general realization that encroaching DRM is just a power grab, not an "enabling factor."
Maybe they're sheeple, but take away their YouTube and enough of them can trample you.
My impression is that with TPM and TrouSerS, *I* can put the master key into the TPM, assuming nobody else has gotten there, first.
Come to think of it, you've just described a new LiveCD. This would be a LiveCD that should be the very first thing you boot in your new PC, especially before you boot the supplied (probably Windows) OS. Boot the LiveCD, plug in a USB flash memory, and it will set up the TPM/TXT for you, putting the necessary root cert stuff on the flash memory for your later use.
Given the nature of manufacturing, I would expect standard TPM/TXT setup to be a first-boot type of operation, probably with some sort of activation tie-in. The real question comes when first-boot finds a non-virgin TPM/TXT. Would it refuse to activate, or would it activate and refuse to enable MafiAA extensions, etc?
I missed that line. Is it true that TXT doesn't let you control your own root cert?
I have a Thinkpad. I keep the TPM stuff in my kernel config, and I've built Trousers. Actually doing something with it has been on my ToDo list for years now. Nor have I tried Trusted Grub.
Let's leave the MafiAA out of this for a moment. Sometimes it seems to me that most users really can't be trusted with their computers.
Click this link!!! Open thie attachment!!!
The littany goes on and on, and no matter how many times they're warned, they still click that link and open that attachment.
For that matter, none of us fully trusts ourselves, in all circumstances. After all, we all say, "Never do normal operations as root, only use root as necessary." That's been considered the first line of security on Unix/Linux, and the first flaw pointed out in the normal operating model of Windows. Look at separation of root priviledge as a way of minimizing those times doubleplusgood diligence is required. Of course we should always be diligent, but there are more sensitive times.
TXT/TPM can be a tool for the owner to protect us from the unknown. We all fear (rightfully, I fear) that TXT/TPM will really be a tool for corporations who clearly distrust their customers.
The issue isn't to build perfectly secure hardware/software, it's to build *sufficiently* secure hardware/software. There really are self-destructing crypto-chips, but those are usually installed in critical hardware where the data involved is sufficiently concentrated and/or valuable that it's worth spending the extra money to protect.
Let's take a simple testcase... Assume that you want to use crypto-stuff to theft-proof your laptop by turning it into a brick for anyone who doesn't have the secret password/token. In bygone days, that might have been the BIOS password, but it's really simple to remove the battery, etc. That's a simple, cheap way to work around the protection. Many systems have a hard drive password, so let's pretend that it's secure. So the "cost" to steal one of those is a new 2.5" hard drive. Now as the protection becomes more sophisticated, presumably the cost to work around it rises as well. At some point, you're better off buying a new laptop, instead of breaking the protection on a stolen one.
Similarly with the value of the data. Most of my data is only valuable to me, not to anyone else. So for the most part, it's not worth much to someone else to crack my data protection. It's worth investing some money/resource to protect my data, but why would anyone bother working really hard to get at it? On the other hand, the previously mentioned mainframe may well have hundreds of thousands of credit card or account numbers, or it may have account numbers for lines of credit worh millions of dollars, etc. It's worth much more to crack the mainframe than it is my piddly system.
So while we may talk about how anything can be broken with physical access, most of the time, especially for Slashdotter's systems, it's just not worth the effort. What we can get off the shelf, TPM or TXT, etc, is probably good enough, probably even overkill.
I suspect that "Steamboat Willie" is perceived as the "lead domino" in the chain. It's also the earliest copyright of their corporate icon, so I doubt the underlying value of the movie is of any significance.
But there is another reason for them to be concerned. Satire and political commentary are protected expression, but I suspect that the protection can vary widely depending on the circumstances. As long as "Steamboat Willie" is in enforced copyright, I doubt "Steamboat Willie and Debbie Do Dallas" would get much protection. I doubt even more that "Steamboat Willie subverts the Constitutional Basis of Copyright in Order to Pay For Political Power and a Never-Ending Chain of Vacation homes" would pass legal test, even though it *should* probably be protected as political speech, even if unwatchable. I suspect mouse-porn would be much more likely, and to be honest, probably more damaging. Laughter usually works better than expressed outrage. (Except for Rupert's child I guess, but I did say "usually.")
Unfortunately we may as well take it as a given that the copyright on "Steamboat Willy" will NEVER expire. Disney just has too much money, too much influence, and employs too many people. (Jobs! Jobs! Jobs! in the current economy, another root password to the Constitution, in addition to "Think of the children!")
So let's get more practical... I'd simply like to see copyright extension never happen automatically. Disney has a whole team of lawyers, let them earn some of their pay by periodically filing for copyright extensions on the Disney stable of cash-cows. Let the other companies do the same. But here's the good side... Let the copyrights on the other stuff expire! Unfortunately some stuff is just going to stay copyrighted, perhaps forever minus 1 day. But let's get what we can into the public domain, if only for historic preservation purposes.
Who knows, perhaps in thousands of years archaeologists will look back at this era, gleaning what they can from our surviving digital records, and wonder whatever the heck "Steamboat Willy" was, while dissertations are written on the cultural significance of "It's a Wonderful Life" in 20th and 21st century America.
...in conjunction with my DynDNS vanity domain. When I first set it up, there was a rush of backscatter, then it tapered off and went away, never to return.
More recently I've started having problems of a different sort. I've been on a certain mailing list for over a year, though not posting very often. Last week I posted to a thread, and got an SPF violation notice from what looks like AOL in Australia, on behalf of someone with 2 apparent domains, neither of which is AOL. The violation notices seem to think that MY mail is originating from an AOL server, so the AOL server is generating an SPF fail. These notices are being generated for only one list subscriber, for every time I post to the list. It looks like a misconfigured AOL server (Would you expect anything else?) to me. Still, that's one aspect of SPF and presumably DKIM - other peoples' misconfigured machines.
I wouldn't call ANWR particularly easy to get at. It's not that hard to get with today's technology base, but throw all that away, pretend you're Jed Clampett, and then see how easy it is to get that oil out of the Alaskan wilderness, much less back to where you want to be. I'm not sure what you mean by "West Coast oil", but if it's offshore, that's not going to be easy for a post-technological society, either.
I was thinking of Doc Smith, wondering if for some real, technical reason the logical spherical shape would give way to the "teardrop-shaped superdreadnaught".
But I guess if you're on Skylark instead of Lensman, I, II, and Valeron were all spherical, only III was cylindrical.
When the "event" is done, when the post-event big-weapon wars are done, when the lower-level turf-wars are done, when exhaustion finally settles in, for the size of "society" left, burning coal for a while won't be a problem. As you say, I'd be much more concerned about enough sunlight coming back after the event to restart the food chain.
Slashdot Mirror
A few years back, I had my (~80) mother set up with a PC running a fairly well locked down Linux setup. It was set up with icewm, and she had menu items for email, (thunderbird) solitaire, (pysol) and a few others. Basically I tailored is specifically to her needs. The mail was kept on a local imap server, and thunderbird connected to it. That way if she did something really weird to thunderbird and made it crash, her mail would be safe in server-space. I did most of what I could to grandma-proof the system.
Somehow she kept changing the theme on icewm. I don't know how... For the particular theme she kept getting, you have to be 4 clicks into a menu tree. But she did, and I'd ssh into her machine and tweak things back the way they belonged, from a spare copy. At one point I marked a bunch of her files as read-only, but some software sees that, sees that she owns the file, and "kindly" changed it back to read-write and made the bogus update. I kept wanting to change things so she didn't even own her own configuration files - they would belong to someone else, and she would have group-level read permission. Never had the chance to do it - testing was the hard part - I'd have to be there for that, and when we were there we had more important things to do that spend a lot of time on the computer.
> I'm going to be really sad to see STS-133 land.
Me too, but nowhere near as sorry as I would if it didn't.
At this point it's necessary to mention that the Enterprise is on display at the Smithsonian Air & Space Annex at Dulles International Airport. The annex is a few miles down the road from the main terminal. In addition to Enterprise, there's also the Enola Gay, an SR71, a JSF, (F-35?) and a whole pile more. My wife said she liked it better than the Air & Space downtown.
I think Avatar was (among other things) an interesting way to breach "the uncanny valey." http://en.wikipedia.org/wiki/Uncanny_valley By using the newer, more complex CGI on aliens' faces, they managed to shoot for levels of realism that would become disturbing had they attempted them on humans faces. As you say, there are several realms in which they missed the mark, but even so they did a better job than anything else I've seen.
One slightly amusing note was that the Na'vi were obviously "naked savages" who wore enough decorative jewelry or scraps of clothing to retain the PG-13 rating. But it looked to me as if those adornments were bump-mapped onto their bodies. There were some incredibly athletic actions, and though I didn't notice if everything remained plastered primly in place, I never noticed anything flopping around, the way loose things such as necklaces do.
To be fair, the spaceship in Avatar may well be close to the Discovery in Clarke's novel than the Discovery in the movie was. The radiators were there, in the book. I don't remember if the centrifuge was fully enclosed as in 2001, or open as in Avatar.
What if instead, the planetary network is a consequence of life evolving near significant quantities of "unobtanium", either through a radioactively-enhanced mutation rate, or perhaps incorporating trace quantities into the biological structures in some way?
What if the real problem with mining the unobtanium wasn't the damage to visible and known plant life, but the removal of an essential element of the ecosystem?
No... The more the scientists will go somewhere else. Not so much slipping through as avoiding entirely.
The real question is where in the world will things be better than they once were in the US. IMHO it only looks better in India and China now, but that's really a false impression.
Disruption is the essence of progress. Some of what was is superseded by something new. Typically the incumbent technologies and powers either fight progress tooth and nail, try to co-opt it, or try to at least manage it's pace to something they can control. When too much incumbent power is too successful at slowing progress, that progress tends to move somewhere else.
In recent years, those incumbent powers have been quite successful in the US. One can hope that that trend doesn't continue.
Where does that key come from? Is it unique for every TPM, like a network card MAC?
Never mind, a few moments with google... It looks like the "Endorsement key" is chip-unique, in 2 parts, and you can only get the public part, and ask the TPM to sign/encrypt with the private part. It's not at all clear to me that ANYONE knows the private part. In particular, if the TPM has its key manufactured in, it would be a royal pain in the neck to manage the data, correlating private and public keys. (Where "royal" means "expensive", in this case.) As far as I can tell, the private key is used only to sign or encrypt other stuff, so the public key can verify that that particular chip was used.
Again, the key action here becomes "tpm takeownership" or its Windows/OSX equivalent.
I still maintain that a LiveCD with support to do a "tpm takownership" would be a great thing to have, and to use prior to booting ANYTHING else on a new PC. Once I've done a takeownership, nobody else can unless I do a "tpm transferownership".
I don't think that the built-in key is sinister. It looks to me as if the worst that could happen if someone got it is that they could snoop something you've used the TPM to encrypt. Presumably they could grab YOUR private key and do a "tpm transferownership" to themselves. Certainly bad, but hardly unobtrusive. In a way similar to removing the battery to reset the BIOS password - tamper-evident.
Hmmmm, now that I think about it, they could tranferownership to themselves, do nefarious things, then transferownership back to you. I guess then I'd fall back to the "what's so valuable about this laptop to go to all of that effort?" argument.
The wording is "are capable of", and it emphasizes the importance to me of siezing control of your own TPM. Elsewhere on this thread I suggested the creation of a LiveCD that would (first!) access the TPM, giving the owner the private key on a USB flash device. It would be of utmost importance to boot this disk FIRST, before ever booting the preinstalled OS.
I seriously doubt that manufacturing cost constraints would permit injecting private keys - I would expect such injection to take place upon first boot, probably bundled in with the activation process. On that line, I don't know what would happen if Windows first boot found a non-virgin TPM. Would it fail to activate, would it activate but fail to enable MafiAA extensions, or would it just bluescreen?
Hopefully it'll never come to that. Don't forget, every DRM doodad added to software and hardware hurts their respective makers. Part of the giant black eye that Microsoft took over Vista was because of the reliability implications of all of that "trusted path" and "degradation" garbage. Stuff that doesn't do spit to increase the value of the hardware or software to the customer, and it boosts the costs to the developer/manufacturer without any extra revenue, it just placates the MafiAA. So at this point we're pitting entertainment mega-corporations against hardware and software mega-corporations. At one point it's just possible that they could have gotten away with this, but by now enough people have been downloading and streaming without onerous DRM, and enough high-profile prosecutions have taken place, that there will be a general realization that encroaching DRM is just a power grab, not an "enabling factor."
Maybe they're sheeple, but take away their YouTube and enough of them can trample you.
My impression is that with TPM and TrouSerS, *I* can put the master key into the TPM, assuming nobody else has gotten there, first.
Come to think of it, you've just described a new LiveCD. This would be a LiveCD that should be the very first thing you boot in your new PC, especially before you boot the supplied (probably Windows) OS. Boot the LiveCD, plug in a USB flash memory, and it will set up the TPM/TXT for you, putting the necessary root cert stuff on the flash memory for your later use.
Given the nature of manufacturing, I would expect standard TPM/TXT setup to be a first-boot type of operation, probably with some sort of activation tie-in. The real question comes when first-boot finds a non-virgin TPM/TXT. Would it refuse to activate, or would it activate and refuse to enable MafiAA extensions, etc?
I missed that line. Is it true that TXT doesn't let you control your own root cert?
I have a Thinkpad. I keep the TPM stuff in my kernel config, and I've built Trousers. Actually doing something with it has been on my ToDo list for years now. Nor have I tried Trusted Grub.
Let's leave the MafiAA out of this for a moment. Sometimes it seems to me that most users really can't be trusted with their computers.
Click this link!!!
Open thie attachment!!!
The littany goes on and on, and no matter how many times they're warned, they still click that link and open that attachment.
For that matter, none of us fully trusts ourselves, in all circumstances. After all, we all say, "Never do normal operations as root, only use root as necessary." That's been considered the first line of security on Unix/Linux, and the first flaw pointed out in the normal operating model of Windows. Look at separation of root priviledge as a way of minimizing those times doubleplusgood diligence is required. Of course we should always be diligent, but there are more sensitive times.
TXT/TPM can be a tool for the owner to protect us from the unknown. We all fear (rightfully, I fear) that TXT/TPM will really be a tool for corporations who clearly distrust their customers.
The issue isn't to build perfectly secure hardware/software, it's to build *sufficiently* secure hardware/software. There really are self-destructing crypto-chips, but those are usually installed in critical hardware where the data involved is sufficiently concentrated and/or valuable that it's worth spending the extra money to protect.
Let's take a simple testcase... Assume that you want to use crypto-stuff to theft-proof your laptop by turning it into a brick for anyone who doesn't have the secret password/token. In bygone days, that might have been the BIOS password, but it's really simple to remove the battery, etc. That's a simple, cheap way to work around the protection. Many systems have a hard drive password, so let's pretend that it's secure. So the "cost" to steal one of those is a new 2.5" hard drive. Now as the protection becomes more sophisticated, presumably the cost to work around it rises as well. At some point, you're better off buying a new laptop, instead of breaking the protection on a stolen one.
Similarly with the value of the data. Most of my data is only valuable to me, not to anyone else. So for the most part, it's not worth much to someone else to crack my data protection. It's worth investing some money/resource to protect my data, but why would anyone bother working really hard to get at it? On the other hand, the previously mentioned mainframe may well have hundreds of thousands of credit card or account numbers, or it may have account numbers for lines of credit worh millions of dollars, etc. It's worth much more to crack the mainframe than it is my piddly system.
So while we may talk about how anything can be broken with physical access, most of the time, especially for Slashdotter's systems, it's just not worth the effort. What we can get off the shelf, TPM or TXT, etc, is probably good enough, probably even overkill.
I suspect that "Steamboat Willie" is perceived as the "lead domino" in the chain. It's also the earliest copyright of their corporate icon, so I doubt the underlying value of the movie is of any significance.
But there is another reason for them to be concerned. Satire and political commentary are protected expression, but I suspect that the protection can vary widely depending on the circumstances. As long as "Steamboat Willie" is in enforced copyright, I doubt "Steamboat Willie and Debbie Do Dallas" would get much protection. I doubt even more that "Steamboat Willie subverts the Constitutional Basis of Copyright in Order to Pay For Political Power and a Never-Ending Chain of Vacation homes" would pass legal test, even though it *should* probably be protected as political speech, even if unwatchable. I suspect mouse-porn would be much more likely, and to be honest, probably more damaging. Laughter usually works better than expressed outrage. (Except for Rupert's child I guess, but I did say "usually.")
> who cares about a stupid cartoon no one wants to watch anymore?
A corporation with a LOT of money. Unfortunately, no other reason is needed.
Unfortunately we may as well take it as a given that the copyright on "Steamboat Willy" will NEVER expire. Disney just has too much money, too much influence, and employs too many people. (Jobs! Jobs! Jobs! in the current economy, another root password to the Constitution, in addition to "Think of the children!")
So let's get more practical... I'd simply like to see copyright extension never happen automatically. Disney has a whole team of lawyers, let them earn some of their pay by periodically filing for copyright extensions on the Disney stable of cash-cows. Let the other companies do the same. But here's the good side... Let the copyrights on the other stuff expire! Unfortunately some stuff is just going to stay copyrighted, perhaps forever minus 1 day. But let's get what we can into the public domain, if only for historic preservation purposes.
Who knows, perhaps in thousands of years archaeologists will look back at this era, gleaning what they can from our surviving digital records, and wonder whatever the heck "Steamboat Willy" was, while dissertations are written on the cultural significance of "It's a Wonderful Life" in 20th and 21st century America.
...in conjunction with my DynDNS vanity domain. When I first set it up, there was a rush of backscatter, then it tapered off and went away, never to return.
More recently I've started having problems of a different sort. I've been on a certain mailing list for over a year, though not posting very often. Last week I posted to a thread, and got an SPF violation notice from what looks like AOL in Australia, on behalf of someone with 2 apparent domains, neither of which is AOL. The violation notices seem to think that MY mail is originating from an AOL server, so the AOL server is generating an SPF fail. These notices are being generated for only one list subscriber, for every time I post to the list. It looks like a misconfigured AOL server (Would you expect anything else?) to me. Still, that's one aspect of SPF and presumably DKIM - other peoples' misconfigured machines.
Yeah, I noticed some of that stuff, too. I hadn't known that Smith knew Heinlein, or that Kit Kinnison knew Lazarus Long.
I wouldn't call ANWR particularly easy to get at. It's not that hard to get with today's technology base, but throw all that away, pretend you're Jed Clampett, and then see how easy it is to get that oil out of the Alaskan wilderness, much less back to where you want to be. I'm not sure what you mean by "West Coast oil", but if it's offshore, that's not going to be easy for a post-technological society, either.
"final book" - More information, please.
I look at Doc Smith as a nostalgic view into a bygone era. (with both good and bad aspects)
While you're giving me a perfectly serious and reasonable answer, I hope you've read your Doc Smith, and understand the references.
I was thinking of Doc Smith, wondering if for some real, technical reason the logical spherical shape would give way to the "teardrop-shaped superdreadnaught".
But I guess if you're on Skylark instead of Lensman, I, II, and Valeron were all spherical, only III was cylindrical.
When the "event" is done, when the post-event big-weapon wars are done, when the lower-level turf-wars are done, when exhaustion finally settles in, for the size of "society" left, burning coal for a while won't be a problem. As you say, I'd be much more concerned about enough sunlight coming back after the event to restart the food chain.