Almost a century has passed - at least that's what it feels like - and still we don't seem to have learned that the drive was called 154I (with a final capital "i"):-)
There is tech to inspect compiled code and try to find malicious bits, even in an automated fashion, that won't be fooled by an idle loop. It's far from perfect or being a silver bullet, but it is there and getting better by the day.
Look at what the security firms are now calling "sandboxing". Look here: https://en.wikipedia.org/wiki/Malware_analysis#Free_automated_malware_analysis_services.5B2.5D
This is most probably what Apple does already, and clearly needs to get better at.
The bad news is that _it's bound_ to happen again.
This is why I agree with BronsCon, Apple should open doors to the sec community, but I don't think it will happen anytime soon.
BronsCon mentions sideloading as a possible way to do analysis, I don't know if this is the case (can sideloaded apps break the sandbox model?) but jailbreaking would obviously do.
I don't subscribe to this rose-tinted point of view, especially if you look at all this beautiful tech from the security standpoint. Most of the tech we deal with today was originally designed without security concerns. In most cases, security is an afterthought. So much for sitting back and taking a break.
Now, I'll confess that this attitude has been diminishing as Linux eeks its way into the mainstream.
Now, what you call diminishing, I call distinguishing.
One should always understand his very nature, and going against it is always a bad mistake in the long run. That is, of course, provided that it's a good nature, and I guess that's the point in case here.
I find if funny how nobody ever seems to wonder if the microkernel architecture, being more structured and organized, may be a better choice when it comes to Free Software and its development model.
I think it's quite an interesting point of view and worth some discussion, at least here.
The project didn't have major contribution because it miserably failed building a community around it.
Major external contributions would now stifle the possibility of a license change, and Tenable was founded after Nessus gained popularity.
No one except Renaud (and possibly a few others) is in the position to confirm or deny that this was intentional rather than occasional or simply miscalculated. But I believe anybody with a good sense that has been on the developer mailing list for a while can see the reasons for this.
Privacy is not about not spreading information about you.
Members of the information technology community, as many among the readers of this site are, can figure out many cases where spread of information is highly desirable to say the least.
Privacy is about being in control of that circulation.
Simple as that.
Re:The regex example as it should have displayed:
on
Learning Perl, 4th Ed.
·
· Score: 1
Gosh. Thanks. I was just beginning to think of myself as the less astute reader.
In other words, I'd say we need dynamic linking code to really be dynamic!
The OS component responsible for dynamic linking may also act a little bit as a package manager, managing different multi-versioned libraries, maybe across networks, securely (please remember, we walked into the 21st century a while ago).
Programmers may distribute "fat binary" versions, with all the needed libraries, or "light binary" versions, only when they are sure the libraries are already on the target systems, a lot like you do with runtimes since the early days...
The system should know exactly what libraries an application needs (along with version ranges). Then you would have a tool to "strip" an installed app, stripping binary libraries from the local copy and merging the missing libraries (if any) into the main system repository. Maybe the same tool would also work the way back, copying (all? most?) required libraries locally (for distribution purposes, to allow running from removable media, whatever).
The biggest problem right now is that Skype may not be integrated into the local PBX. But the Skype people seem smart and my guess is they will come up with something soon.
Slashdot Mirror
Almost a century has passed - at least that's what it feels like - and still we don't seem to have learned that the drive was called 154I (with a final capital "i") :-)
That's the first thing I thought myself. Actually, I looked for a April 1 timestamp.
There is tech to inspect compiled code and try to find malicious bits, even in an automated fashion, that won't be fooled by an idle loop. It's far from perfect or being a silver bullet, but it is there and getting better by the day.
Look at what the security firms are now calling "sandboxing". Look here: https://en.wikipedia.org/wiki/Malware_analysis#Free_automated_malware_analysis_services.5B2.5D
This is most probably what Apple does already, and clearly needs to get better at.
The bad news is that _it's bound_ to happen again.
This is why I agree with BronsCon, Apple should open doors to the sec community, but I don't think it will happen anytime soon.
BronsCon mentions sideloading as a possible way to do analysis, I don't know if this is the case (can sideloaded apps break the sandbox model?) but jailbreaking would obviously do.
Good thinking. I have a similar (but smaller) setup and make the same considerations about cloud storage.
I wonder if you have a strategy to fight bit rot.
enter Flattr:
I don't subscribe to this rose-tinted point of view, especially if you look at all this beautiful tech from the security standpoint.
Most of the tech we deal with today was originally designed without security concerns. In most cases, security is an afterthought.
So much for sitting back and taking a break.
Now, I'll confess that this attitude has been diminishing as Linux eeks its way into the mainstream.
Now, what you call diminishing, I call distinguishing.
One should always understand his very nature, and going against it is always a bad mistake in the long run. That is, of course, provided that it's a good nature, and I guess that's the point in case here.
"The collaboration space is big and busy," said David L. Gilmour, president and chief executive of Tacit.
Where have I heard this name before...?
Wait a minute! Did you just compare Windows Vista with Ferrari?
Damnit, Jean. We're doomed. Now that we were beginning to catch up.
I find if funny how nobody ever seems to wonder if the microkernel architecture, being more structured and organized, may be a better choice when it comes to Free Software and its development model.
I think it's quite an interesting point of view and worth some discussion, at least here.
The project didn't have major contribution because it miserably failed building a community around it.
Major external contributions would now stifle the possibility of a license change, and Tenable was founded after Nessus gained popularity.
No one except Renaud (and possibly a few others) is in the position to confirm or deny that this was intentional rather than occasional or simply miscalculated. But I believe anybody with a good sense that has been on the developer mailing list for a while can see the reasons for this.
I already said this time ago, when the licensing terms for the plugins were changed.
In the same interview, Reiser also says "It takes more than a license to make code open".
Think about it.
The fact that you don't value your freedom, or find yourself in such a position that you don't need to, doesn't mean others shouldn't.
Privacy is not about not spreading information about you.
Members of the information technology community, as many among the readers of this site are, can figure out many cases where spread of information is highly desirable to say the least.
Privacy is about being in control of that circulation.
Simple as that.
Gosh. Thanks. I was just beginning to think of myself as the less astute reader.
In other words, I'd say we need dynamic linking code to really be dynamic!
The OS component responsible for dynamic linking may also act a little bit as a package manager, managing different multi-versioned libraries, maybe across networks, securely (please remember, we walked into the 21st century a while ago).
Programmers may distribute "fat binary" versions, with all the needed libraries, or "light binary" versions, only when they are sure the libraries are already on the target systems, a lot like you do with runtimes since the early days...
The system should know exactly what libraries an application needs (along with version ranges). Then you would have a tool to "strip" an installed app, stripping binary libraries from the local copy and merging the missing libraries (if any) into the main system repository. Maybe the same tool would also work the way back, copying (all? most?) required libraries locally (for distribution purposes, to allow running from removable media, whatever).
A little bit too far fetched?
Everybody change your date to April 1st and reload the page!
(you wish...)
Why, it looks so simple to me.
Write your own barebones OS, maybe leverage F/OSS stuff. Probably support just a subset of PC hardware, that's what hardcore gamers will buy anyway.
Then make it a bootable disk. Use flat files or whatever on HDDs for storage.
You get the benefit of being on a PC without the hassle of a OS.
What is that you miss? A crippled BIOS to support your lame "sell at a loss then lock developers in" marketing strategies?
"I think that when someone is 60 years old he should better leave it to someone else to follow trends in technology."
That's what I call great news. Bill will be leaving in ten years!
Why is everybody here focusing on price and not on total cost of ownership and environmental costs, which are the real point here IMO?
self upgrading... and of course, based on GNU/Linux
10. Goto 10 of branch #1
No GOTOs here, please. Clean up your code.
I just received e-mail from Fyodor and had this bad bad news.
Nobody mentioned that here.
(and probably nobody will read that since I'm stuck at 0
The biggest problem right now is that Skype may not be integrated into the local PBX. But the Skype people seem smart and my guess is they will come up with something soon.
Siemens itself seems to have an eye on them.
oh... wait.