I like this one, so let's pull it this apart some more.
This example highlights another problem: the sheer variety of targets. Information technology touches so much of modern post-industrial society that just about anything you can think of has some form of vulnerability. We cannot patch all those holes - we cannot even identify them all. Yeah. There are so many levels you can go after, with various levels of effectiveness. Most of the obvious industries (Computers, Telephony) have developed at least rudimentery levels of security, but what about your local power company? There already such a massive IT shortage as it is without involving mostly non high tech industries.
This raises another issue, which is competence. So called "script kiddies" may be able to take out a public web site, but it takes a lot more knowledge and effort to bring down critical infrastructure pieces (communications networks, power networks, banking networks) that are not connected to public networks, have some experience being attacked, and have the money to pay for better defense. It has always been said that that there is no defense againt stopping the truely modivated, and in technology this is especially true. Just like in robbery, you are most likely going to be able to catch up with the intruder only after you have been robbed.
What sort of preventative work would you recommend them to carry out?[...] I'd like to add general public awareness. Sooner or later, every person on this earth will need to learn good electronic security habits, such as logging off when they leave a terminal, or when choosing passwords.
Gee, we all get to be national defense analysts for a day? Cool! How are we doing so far? Anyway, here are my two bits into the stew of already very insightful discussion out there. I composed this "Jane-speak" rather quick, so go easy on me. I can go deeper if you want, but this will get you started:
---
Cyberwarfare is a realistic byproduct of the rapid digitalization of the world economy. In the endless quest of greater speed, reliability and volume, we have (since about the late 1970's) started to turn a large part of our physical and economic infrastructure over to autonomous digital machines. From the perspective of espionage and terrorism, many of our formally human-controlled critical assets are now in much colder hands - hands that are a void of emotion or ethics.
Unlike other forms of terrorist attack, the technology and the resources required to perform cyber terrorism exist mostly in the public sector, and are unclassified. The only limited exception to this has been in the realm of cryptography, where national governments in some cases have stepped in. Unfortunately this technology is "dual-use" and it therefore difficult (or to some activists, unlawful) to control.
A terrorist group who wished to attempt an effective cyberwarfare campaign will most likely find that cyberwarfare a technically demanding tool, but relatively inexpensive and covert one. The diversity of information technology employed in today's society is a logistical nightmare, as well as the rapidity of its change. The advantages of cyberwarfare is that compared to other forms of terrorist activity, it is extremely cheap and low-profile, as had been demonstrated by dedicated individuals with high expertise in the field of electronic intrusion.
(blah... blah... blah - Let's jump to the end...)
In conclusion, the continued security of national infrastructure is primarily secured by passive action and strict security vigilance of the information community at large. Strong electronic security must now be properly incorporated along with human and physical security in order to keep potentially devastating incursions to a minimum. This represents a fundamental shift of our national security policies, and it is this shift the will ultimately determine our future reliance on electronic communication technology.
Question: When was the last time you returned an high tech item because it was flakey?
For the average Joe, I'd venture that the occurance of these events are far and few between. One reason is with complex items it's harder to determined exactly what the problem is, or who is at fault. Consumers are becoming lazy in their shopping skills. If I buy a knife set with a broken blade, it's easier for me to put blame on the manufacter than when I buy a piece of software. I know a broken blade when I see it, but do I recognize a broke program? How can I be sure it's not the hardware's fault or the operating systems fault?
Another Question: When was the last time you bought something new that had a users manual with a wiring scematic in the back? Manufactuers don't even bother anymore. They know that most of us are too clueless these days to figure them out anyway.
So the software companies can get lax behind their lawyers and their propertery magic while the world around them falls apart.
Okay, to the grit. Halfway through "Brigitte Nolan" get into "why browsers suck." I'd just thought I'd fire up oleview and see how many interfaces the intergrated IE 5/explorer exports these days...
*counting*
Oops, I lost track after 500. The plain old "HTML Document type" has over 130 alone. IE has more hooks than than velcro, and if just one of them is misused or misfunctions, asta la windows, baby.
Netscape has about 20, and still can't get it right.
And that does not even count having the program work right in the first place.
There is a hidden share on the NT box called PRINTER$ (The doller sign makes it hidden, like IPC$.) In this directory, printer drivers for exported printers are put there (If you have the drivers available when you set up the machine)
The problem is most of the drivers nowadays are not OEMSETUP.INF style but SETUP.EXE style which the clients can't/won't install on their own. That is why you can get your HP laserjet to pull it's drivers, but not your HP Deskjet.
As for the Windows "Meta-language" Question, It's true there is one and it is actually rather good. I think it's called RMF (Raw Meta Format) or something. Basicly it takes the same GDI functions that you use for screen output, and writes them onto a "virtual screen" to be rendered on a printer. The virtual screen keeps track of what was done to it, and "plays it back" to the printer driver. That is why windows always knows how long you are going to have to wait for the print out - it's actually already pre-visulized the whole operation in it's head.
What options are out there (if any) if one wanted to create "real" Multidimentional Databases under Linux? Oracle I assume could do it, but can they be access on a Windows PC with an ODBC/OLE DB driver?
OLAP stands for OnLine Analytical Processor. From what little I know, it's basicially a program that can take information in the form of a (usually multidimentional) database and figure out stats and trends. Basically it's a one of those programs that figure things out like 20-40 year old males are the primary consumers of home electronics. (Like we already did not know that)
The problem is the voodoo most OLAPs perform on the data is very complex and propritery.
If you let the (rather cool) title page play all the way thru to the end, it loops to the middle of the title (skipping the opening title.) Problem is that when it loops for the second time, my Creative 6x/dxr3 card gets stuck at the end, (probably because of a strange looping / timing command.) The only way to fix it then is to totally reboot the computer.
Does this happen with other players/cards or is this a Creative only problem? (I'm on the latest revs.)
Also, the embeded DVD player gets messed up too easily. If you use it, don't touch the controls or it will seize up.
...Then I guess the Howard Johnson's Earthlight Room is a no go too.
BTW, if you want real inspiration, listen to Arthur C. Clarke's address before the LA premier of 2001. You can find it on the DVD version. My favorites:
"I don't know if I should tell you this...but the Apollo team management has rescheduled their meeting so they could get to the press conference"
"We are probably rather low on the cosmic totem pole."
"There must be millions of world where life has evolved...but none of them would be significately close to us that we would mistake them for humans...except for in a gloomy or smoggy afternoon."
Damn, I had no idea that this level of integration was going on. It's makes sense, and ultimately cuts out the middle man forever except for maybe things like distribution. I particularly liked reading the XQL spec, which I like already.
One question: XML makes no provisions for security/certification. Will this remain a problem for a lower layer, or will a DTD for this also be designed? Can one nest XML within XML?
I have been playing with XML/XSL for awhile, and it sound like IBM's technology is simular, if not the same. XML seemed to be the hot topic for awhile, but I have not yet seen any serious applications for it. Writing DTDs are hard and implementing them in Java applets is even harder.
Maybe this is what IBM has done... created a replacement framework for these teditious steps.
You realize that you have been moderated up by someone. (not me) You can log in and post anonymously now if that is your aim.
We are not being elitest becuase we don't check your blood at the door, and we can't delete comments. I like to think of moderations as "crowd control" at a big concert.
Your welcome to come the party, but we will lock you in the closet if you don't behave reasonably. Otherwise, here's a free beer!
On a dual xeon with 2GB, I was able to run vmware sessions of 95, 98, and NT all at the same time under linux. Besides having the machine taking up four IP addresses, it all ran very fast.
Unfortunately, my boss did not like the idea of running MSSQL server that way, and the ServerRAID would not work (IBM has since release drivers, however.)
The comments I was just given are really hard to judge. What consitutes humor? What consitutes being sarcastic or flamebait? What consitutes just a very heated discussion?
One of the main reasons I read the comments on slashdot is learn how other intellegent people view issues and ideas. If I was just looking for facts and figures, I'd go read a magazine. It's the human quality that make slashdot different from any other techinical resource I read.
Speaking of which, I could use some constructive input here.
Interesting that they measured in mm. Trying to make it sound small I guess. For us yankee rebels that works out to about 9 1/4 by 7 1/2 by 1 1/4 inches. Not really that small to me.
I almost bought a S5 twice, but when I finally played with one I found that I had trouble seeing the screen due in high glare due to the touch screen overlay. Is the 5mx screen look any better?
"The NSA performs the technical review for all US cryptographic export requests. The keys in question are the ones that allow us to ensure compliance with the NSA's technical review. Therefore, they came to known within Microsoft as "the NSA keys", and this name was included in the symbol information for one of the keys. However, Microsoft holds these keys and does not share them with anyone, including the NSA.
"But in an odd-couple sort of joint-partner arrangement, Microsoft and the NSA did work together to build what's called Server Gated Cryptography. Primarily intended to help banks use Web servers to do business internationally, the technology lets a server with a special digital certificate provide 128-bit encryption support to a Web browser outside the U.S."
Here is a quick cut and paste of the main frame of the bulletin for you non-asped people. I know that we are not supposed to mirror, but I think of this as more as an "accessibility update". (Sorry, Geocities is slow today)
Personally I bought the idea that perhaps NSA wanted a means to install super-strong encryption into Windows without going through Microsoft. Now I think they are downright lieing. Time for the court order to open the source! The truth is in there...
What timing...I just started reading a Microsoft Press book called: "Active Visual J++" by Scott Robert Ladd. In a strange twist of fate, the book is more about Genetic Algorithms than about Java. By chapter four you are programming your own GA and the last chapter in the book is a entitled: "Life with Java," which presents Conway's Life and Brian's Brain in great detail.
For someone totally unaware about GA, it's actually a decent book to start with. The fact that it occationally teaches you something about Java as well is an unexpected bonus.
Slashdot Mirror
I like this one, so let's pull it this apart some more.
This example highlights another problem: the sheer variety of targets. Information technology touches so much of modern post-industrial society that just about anything you can think of has some form of vulnerability. We cannot patch all those holes - we cannot even identify them all.
Yeah. There are so many levels you can go after, with various levels of effectiveness. Most of the obvious industries (Computers, Telephony) have developed at least rudimentery levels of security, but what about your local power company? There already such a massive IT shortage as it is without involving mostly non high tech industries.
This raises another issue, which is competence. So called "script kiddies" may be able to take out a public web site, but it takes a lot more knowledge and effort to bring down critical infrastructure pieces (communications networks, power networks, banking networks) that are not connected to public networks, have some experience being attacked, and have the money to pay for better defense.
It has always been said that that there is no defense againt stopping the truely modivated, and in technology this is especially true. Just like in robbery, you are most likely going to be able to catch up with the intruder only after you have been robbed.
What sort of preventative work would you recommend them to carry out?[...]
I'd like to add general public awareness. Sooner or later, every person on this earth will need to learn good electronic security habits, such as logging off when they leave a terminal, or when choosing passwords.
Gee, we all get to be national defense analysts for a day? Cool! How are we doing so far? Anyway, here are my two bits into the stew of already very insightful discussion out there. I composed this "Jane-speak" rather quick, so go easy on me. I can go deeper if you want, but this will get you started:
;)
---
Cyberwarfare is a realistic byproduct of the rapid digitalization of the world economy. In the endless quest of greater speed, reliability and volume, we have (since about the late 1970's) started to turn a large part of our physical and economic infrastructure over to autonomous digital machines. From the perspective of espionage and terrorism, many of our formally human-controlled critical assets are now in much colder hands - hands that are a void of emotion or ethics.
Unlike other forms of terrorist attack, the technology and the resources required to perform cyber terrorism exist mostly in the public sector, and are unclassified. The only limited exception to this has been in the realm of cryptography, where national governments in some cases have stepped in. Unfortunately this technology is "dual-use" and it therefore difficult (or to some activists, unlawful) to control.
A terrorist group who wished to attempt an effective cyberwarfare campaign will most likely find that cyberwarfare a technically demanding tool, but relatively inexpensive and covert one. The diversity of information technology employed in today's society is a logistical nightmare, as well as the rapidity of its change. The advantages of cyberwarfare is that compared to other forms of terrorist activity, it is extremely cheap and low-profile, as had been demonstrated by dedicated individuals with high expertise in the field of electronic intrusion.
(blah... blah... blah - Let's jump to the end...)
In conclusion, the continued security of national infrastructure is primarily secured by passive action and strict security vigilance of the information community at large. Strong electronic security must now be properly incorporated along with human and physical security in order to keep potentially devastating incursions to a minimum. This represents a fundamental shift of our national security policies, and it is this shift the will ultimately determine our future reliance on electronic communication technology.
---
Can I have the position now?
*Flame suit on*
Yes.
Question: When was the last time you returned an high tech item because it was flakey?
For the average Joe, I'd venture that the occurance of these events are far and few between. One reason is with complex items it's harder to determined exactly what the problem is, or who is at fault. Consumers are becoming lazy in their shopping skills. If I buy a knife set with a broken blade, it's easier for me to put blame on the manufacter than when I buy a piece of software. I know a broken blade when I see it, but do I recognize a broke program? How can I be sure it's not the hardware's fault or the operating systems fault?
Another Question: When was the last time you bought something new that had a users manual with a wiring scematic in the back? Manufactuers don't even bother anymore. They know that most of us are too clueless these days to figure them out anyway.
So the software companies can get lax behind their lawyers and their propertery magic while the world around them falls apart.
First, a quick postlude by the choir...
*** Amen, Amen, Amen! ***
Okay, to the grit. Halfway through "Brigitte Nolan" get into "why browsers suck." I'd just thought I'd fire up oleview and see how many interfaces the intergrated IE 5/explorer exports these days...
*counting*
Oops, I lost track after 500. The plain old "HTML Document type" has over 130 alone. IE has more hooks than than velcro, and if just one of them is misused or misfunctions, asta la windows, baby.
Netscape has about 20, and still can't get it right.
And that does not even count having the program work right in the first place.
Complex? hell yes. Stupid? oh yeah.
While we are on the subject of evil PC's I would like to suggest a back light keyboard, like lots of those portable arm pc keyboards have.
You could choose between alien green and evil red lighting.
Cool! I knew all those Atari Missile Command game roms would come in handy!
System is halted
If I remember correctly PostgreSQL can do multidimensional DBs along with relational-object DBs. For all I know MySQL can as well.
I searched the mailing lists for "Multidimensional" and came up blank. Diving into the create_table.1 command, I found the following examples:
1) A normal table:
create table emp (name char16, salary float4, bdate abstime)
2) A table that "inherits" another table (what the OO claim is all about):
create table permemp (plan char16) inherits (emp)
3) A table that contains a stores noughts-and-crosses in a 2-dimensional array:
create table tictactoe (game int4, board char[][])
None of these are a true multidimensional table - so my question still stands...
Let's end this sillyness.
There is a hidden share on the NT box called PRINTER$ (The doller sign makes it hidden, like IPC$.) In this directory, printer drivers for exported printers are put there (If you have the drivers available when you set up the machine)
The problem is most of the drivers nowadays are not OEMSETUP.INF style but SETUP.EXE style which the clients can't/won't install on their own. That is why you can get your HP laserjet to pull it's drivers, but not your HP Deskjet.
As for the Windows "Meta-language" Question, It's true there is one and it is actually rather good. I think it's called RMF (Raw Meta Format) or something. Basicly it takes the same GDI functions that you use for screen output, and writes them onto a "virtual screen" to be rendered on a printer. The virtual screen keeps track of what was done to it, and "plays it back" to the printer driver. That is why windows always knows how long you are going to have to wait for the print out - it's actually already pre-visulized the whole operation in it's head.
What options are out there (if any) if one wanted to create "real" Multidimentional Databases under Linux? Oracle I assume could do it, but can they be access on a Windows PC with an ODBC/OLE DB driver?
OLAP stands for OnLine Analytical Processor. From what little I know, it's basicially a program that can take information in the form of a (usually multidimentional) database and figure out stats and trends. Basically it's a one of those programs that figure things out like 20-40 year old males are the primary consumers of home electronics. (Like we already did not know that)
The problem is the voodoo most OLAPs perform on the data is very complex and propritery.
If you let the (rather cool) title page play all the way thru to the end, it loops to the middle of the title (skipping the opening title.) Problem is that when it loops for the second time, my Creative 6x/dxr3 card gets stuck at the end, (probably because of a strange looping / timing command.) The only way to fix it then is to totally reboot the computer.
Does this happen with other players/cards or is this a Creative only problem? (I'm on the latest revs.)
Also, the embeded DVD player gets messed up too easily. If you use it, don't touch the controls or it will seize up.
...Then I guess the Howard Johnson's Earthlight Room is a no go too.
BTW, if you want real inspiration, listen to Arthur C. Clarke's address before the LA premier of 2001. You can find it on the DVD version. My favorites:
"I don't know if I should tell you this...but the Apollo team management has rescheduled their meeting so they could get to the press conference"
"We are probably rather low on the cosmic totem pole."
"There must be millions of world where life has evolved...but none of them would be significately close to us that we would mistake them for humans...except for in a gloomy or smoggy afternoon."
Well, that explains LA all right.
Damn, I had no idea that this level of integration was going on. It's makes sense, and ultimately cuts out the middle man forever except for maybe things like distribution. I particularly liked reading the XQL spec, which I like already.
One question: XML makes no provisions for security/certification. Will this remain a problem for a lower layer, or will a DTD for this also be designed? Can one nest XML within XML?
I have been playing with XML/XSL for awhile, and it sound like IBM's technology is simular, if not the same. XML seemed to be the hot topic for awhile, but I have not yet seen any serious applications for it. Writing DTDs are hard and implementing them in Java applets is even harder.
Maybe this is what IBM has done... created a replacement framework for these teditious steps.
I'm curious enought to post. According to the other articles, comments posted here disappear.
We shall see.
I wonder what's going on? Where's Arthur C. Clarke when you need him? I'm sure he could explain this.
You realize that you have been moderated up by someone. (not me) You can log in and post anonymously now if that is your aim.
We are not being elitest becuase we don't check your blood at the door, and we can't delete comments. I like to think of moderations as "crowd control" at a big concert.
Your welcome to come the party, but we will lock you in the closet if you don't behave reasonably. Otherwise, here's a free beer!
On a dual xeon with 2GB, I was able to run vmware sessions of 95, 98, and NT all at the same time under linux. Besides having the machine taking up four IP addresses, it all ran very fast.
Unfortunately, my boss did not like the idea of running MSSQL server that way, and the ServerRAID would not work (IBM has since release drivers, however.)
The comments I was just given are really hard to judge. What consitutes humor? What consitutes being sarcastic or flamebait? What consitutes just a very heated discussion?
One of the main reasons I read the comments on slashdot is learn how other intellegent people view issues and ideas. If I was just looking for facts and figures, I'd go read a magazine. It's the human quality that make slashdot different from any other techinical resource I read.
Speaking of which, I could use some constructive input here.
Interesting that they measured in mm. Trying to make it sound small I guess. For us yankee rebels that works out to about 9 1/4 by 7 1/2 by 1 1/4 inches. Not really that small to me.
I almost bought a S5 twice, but when I finally played with one I found that I had trouble seeing the screen due in high glare due to the touch screen overlay. Is the 5mx screen look any better?
By looking at the screenshots, This looks like a good game for a VR Helmet. Play commander, get in there with the men/orcs and slug it out.
If this going to be a strategy game, Being able to do recon work is essential.
I like the the idea of dwarvish rifleman, but I'm not sure I'd trust those maniacs with too much firepower:
"We've got bazoozas!"
From the news article posted above:
Need I say more?
Here is a quick cut and paste of the main frame of the bulletin for you non-asped people. I know that we are not supposed to mirror, but I think of this as more as an "accessibility update". (Sorry, Geocities is slow today)
Personally I bought the idea that perhaps NSA wanted a means to install super-strong encryption into Windows without going through Microsoft. Now I think they are downright lieing. Time for the court order to open the source! The truth is in there...
One Big problem I have had with PC POS was not having enought serial ports. Consider all the serial devices you need to hook up:
Mouse (if it's not PS/2 Bus)
UPS
Modem (if it's not internal)
CashDrawer
BarCoder
CardStripReader (if it's not built into the keyboard)
SCO had a problem about sharing IRQs so just adding a extra COM board was little help.
When everything goes USB, POS PC's will be easier to manage.
What timing...I just started reading a Microsoft Press book called: "Active Visual J++" by Scott Robert Ladd. In a strange twist of fate, the book is more about Genetic Algorithms than about Java. By chapter four you are programming your own GA and the last chapter in the book is a entitled: "Life with Java," which presents Conway's Life and Brian's Brain in great detail.
For someone totally unaware about GA, it's actually a decent book to start with. The fact that it occationally teaches you something about Java as well is an unexpected bonus.
Yeah, I saw that after I looked closer. Oops. Well whatever it was it's fixed now.
/. anyway?
What the heck is javascript doing on