If only voluntary involuntary servitude were actually illegal... The DRM thing is actually more like financial contracts. They put you into voluntary servitude. You can break them, but there are consequences for doing so. But not, generally, criminal consequences. Now, if legislators criminalize the breaking of the contract, it can actually become involuntary servitude. Perhaps the best argument against things like the DMCA in combination with criminal copyright penalties is that they unconstitutionally enable involuntary servitude. Once you've signed the contract (by buying the good) you can't break it without criminal repercussions, rather than just civil repercussions.
I wasn't a geek. Geeks were the kids who were not intellectual, and were generally considered good for nothing by their peers, including the intellectual ones (nerds). Geeks were what might now be considered mindless fanboys of something or other (not something requiring an intellect to understand, although sci-fi would count). They were the ones who lacked grooming and social skills, and also did not apply themselves in school, not because of lack of interest but because of lack of capacity. It was a true insult to call someone a geek.
So if this trend is true, then it looks like one of the old usages is coming back into trend. It's simply not possible for a term that supposedly describes highly intellectual and motivated people to come to encompass so many people as the word 'geek' has consumed. It can't be a catch-all for anti-mainstream becoming mainstream and cool, because such a thing cannot exist in humans, at least not in the bulk of humanity as I know it. Particularly since the bulk of humanity can't simultaneously be anti-mainstream, and cool, representing a pinnacle, can't also be a near-universal trait. The 'geek' as it has been recently symbolized was always a myth, and impossible by definition.
Apple will implement them in their applications. Mac developers will follow. Everything else, like open source implementation and so forth... Well, NeoOffice might implement these features, so there's the LibreOffice support. Other cross-platform applications might not follow.
Tell me, does Microsoft Office implement these features? If so, I've never heard of it. Apple at least is implementing and making such the default behavior, in addition to changing the expectations of users and thus pushing developers.
Yes, it scales linearly. But if you set a 1-second minimum on hashing, and a GPU normally does 3.3 billion/second, then you've done 3.3 billion times the work. Not twice the work. Plus a brute force attempt would not know the number of rounds, and so would have to try, say, everything from 1 round to 9.9 billion rounds, just to be reasonable. So requiring a second or two of hashing has potentially required billions of times more work to generate the hash, and requires billions of times more work to break (which already takes a relatively long time), assuming no shortcuts.
Perhaps it's reasonable to do this much work when generating each password. How many new users/minute do you expect? If you add users at that rate, there are bigger scaling problems.
Stronger forms of authentication should be used in addition to strengthening passwords, since passwords will likely still be one factor used. Even two-factor authentication employing a password plus a "stronger" form can become meaningless if the password can be brute forced and the other factor overcome with social engineering or simple theft.
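Added example, not part of the original comments: one way to apply the time-based work factor discussed above, using PBKDF2-HMAC-SHA256 from the Python standard library. The record format, the `MIN_ITERATIONS` floor and the function names are assumptions made for this illustration; the 3.3 billion/second rate is the figure quoted in the comment.

```python
import base64
import hashlib
import hmac
import os
import time

MIN_ITERATIONS = 100_000  # assumed floor so a fast host never calibrates too low
COMMENT_GPU_RATE = 3_300_000_000  # hashes/second, the figure quoted in the comment


def calibrate_iterations(target_seconds=1.0, probe_iterations=50_000):
    """Estimate how many PBKDF2 rounds take about target_seconds on this host."""
    salt = os.urandom(16)
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"calibration", salt, probe_iterations)
    elapsed = max(time.perf_counter() - start, 1e-9)
    # Cost is linear in the round count, so scale the probe up to the target.
    return max(int(probe_iterations * target_seconds / elapsed), MIN_ITERATIONS)


def hash_password(password, iterations):
    """Return a self-describing record: scheme$iterations$salt$digest."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join([
        "pbkdf2_sha256",
        str(iterations),
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(digest).decode("ascii"),
    ])


def verify_password(password, record):
    """Recompute the digest with the stored salt and round count."""
    try:
        scheme, iterations, salt_b64, digest_b64 = record.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(digest_b64)
        rounds = int(iterations)
    except ValueError:
        return False  # malformed record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, expected)


def exhaust_seconds(keyspace, hash_rate, iterations):
    """Rough time to try every candidate, counting one round as one hash."""
    return keyspace * iterations / hash_rate


if __name__ == "__main__":
    rounds = calibrate_iterations(target_seconds=1.0)
    record = hash_password("constructed sample password", rounds)
    print("rounds for ~1 second on this host:", rounds)
    print("verifies:", verify_password("constructed sample password", record))
    # Constructed keyspace: 8 lowercase letters.
    keyspace = 26 ** 8
    print("single hash, seconds:", exhaust_seconds(keyspace, COMMENT_GPU_RATE, 1))
    print("stretched, seconds:", exhaust_seconds(keyspace, COMMENT_GPU_RATE, rounds))
```

The calibration result depends on the host it runs on, so the round count is stored in each record and verification reads it back from there.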
Yes, the really slick people (not necessarily the smart or wise ones) increased their own profit and prestige by creating really expensive training and certification programs that are used by many people who are never going to be fundamentally competent. It's the way things are done.
It seems to me that offering a wizard to sign up for a new account pretty well meets this requirement, if done right. Jitsi already has most of this in place, the only thing which might make it super easy would be to offer to set up an XMPP account immediately - free and gets you all the features. But its real power is in the multiple protocols, and more in the way of wizards to deal with that (especially for paid SIP accounts) would help.
We are a nation of loudmouth dissenters. Especially the younger generations. Looks like the baby boomers might have trained us well after all. Well, then again, they also trained the authoritarian idiots in control.
GEOS on Commodore 64 sucked. Slower and crappier than real software on the 64, with more 5 1/4" disk swaps, and practically no available software. I never figured out why it was developed. C64 games were the best though.
Nothing prevents Apple from implementing heuristics in their already-implemented security structure. Even a heuristic based on the signature of this one variant would likely be effective against many or most possible variants.
So either the patch will already recognize and remove this, or they will have to issue another little update to take care of it completely. Given that they are not compromising any privileges, stopping this should be ridiculously easy. Why are these guys even bothering?
Unless perhaps they are trying to get an installed base with the current package, which can then perhaps help with a real exploit - e.g. directing a browser to a website that exploits a real vulnerability.
Well, the flaws are always implementation details. Implementation details are usually botched in mobile devices, for convenience of the designer and (perhaps) because of hardware limitations, and in web applications, for the sake of interoperability and usability. And stupidness. Don't forget the stupid.
But, if you use a known good implementation (as much as it can be known, but pretty good with some FOSS) yourself (not implemented by a web service, but by you on your machine), then it's much less likely to be vulnerable, because the convenient and intentional weaknesses tend to be eliminated.
I don't even know what you're talking about. Jitsi is software, not a service. They recommend a couple of free SIP providers, but those are for internet-only use, no calling out. There are definitely problems in configuring SIP, and the only [easier and] reliable way to do it would be a paid service. With that, you can have functionality equal to Skype-in and Skype-out, and do video calls with real SIP video phones.
However, Jitsi does all the other common protocols for IM, and does video over some of them as well. That's free and easy.
What used to be SIP Communicator, now Jitsi (because they added many protocols besides SIP). I can't believe I'm having to recommend this on /. so often. It has XMPP video chat and desktop sharing, and has all the other common protocols as well as SIP. It's in rapid development at this point, but has been stable for me since I began using it a couple of weeks ago.
The state of things in integrated communications is sad indeed with so few alternatives and fragmentation.
Apple will let you buy from Amazon as well.
But iTunes will not let you sync to Android. Hence the summary.
So you let them bring them and connect to a partitioned network which you treat as a public network, and hit your email server just like they would over the internet. If they need more, make more requirements for VPN access.
Perhaps you underestimate the number of companies that have already forgone many in-house systems in favor of publicly available services. Whether accessed from inside or outside the company network, they are public facing and are secured accordingly.
The point is, if you have not already secured your internal network from internal threats, it is likely that everything you have is already compromised. Allowing devices on your network poses no more threat than allowing your employees access to the outside world; if that's a problem, you also manage accordingly -- but the ivory towers that need such security are not the norm, even if they represent a large subset.
Apparently Ekiga uses a NAT traversal method that is not recommended and has proven not very robust. Most likely that is the issue. I've been looking at Jitsi, which used to be SIP Communicator, and it seems solid.
I've been checking out http://jitsi.org/. It used to be SIP Communicator, but has added support for all common IM protocols. It does video calls and desktop sharing over SIP and XMPP. The only disadvantage I can find is that it does not work with ekiga.net (because ekiga.net uses a not-recommended method of NAT traversal).
Jitsi seems to be developing quickly and has proven rock-solid for me in daily use.
I don't know, he just might. It would explain certain feelings I've been having. Shame, and a burning sensation.
Console login is quite alive and well in Snow Leopard. I've used every version of OS X since Panther. The improvement has been dramatic. Snow Leopard in particular is a huge improvement, and Lion will further refine it. Stability and built-in functionality have increased at every point. I have to question your sanity on some level with these statements.
The part about the techs not being competent to repair your Mac - troubleshooting can be hard, and diagnostics aren't always 100% correct. There are lemons. And there are also a lot of incompetent techs. I'm always a bit nervous about having someone else repair anything I own. In the case of Apple, it's not even worth it [unless it's a covered warranty repair, in which case you'd be crazy not to put the responsibility on them]. Better to do it yourself, if you can, if your machine is not under warranty.
I don't use Microsoft products often, but I have to say, I love the ribbon. It put literally everything within easy reach. You do have to make it auto-hide, but after that, it's simply like much-improved toolbars that actually have auto-hide.
Yeah, I always think of criminals busting out of jail in a really positive way. Because manhunts and regular citizens cowering in their homes is exciting. And the criminals generally look like Harrison Ford and are innocent medical doctors being chased by Tommy Lee Jones.
But other than that, I'd say it generally associates rooting with criminality.
Quite true. I overlooked that, but it's definitely relevant.
You don't understand. Chip fabricators will fabricate custom designed chips. Many companies have this done. Apple used to do it until they brought it in-house, and they still do for many components. If the design is actually completed and manufacturable, the only limit on price is the quantity of the order. This project can actually do what it intends.
I was kind of agreeing with you there. I'm hoping I can take some major steps in that direction in the position I recently started. Mostly because IT should not devolve into license accounting and hand-holding.
If workstations are already rooted and have keyloggers and worse, then there is no such thing as security, and any security posture is simply posturing. No password is secure, no two-factor authentication is secure, one-time pads are compromised, and biometrics are a joke.
So yes, I quite agree that a sensible security posture includes assuming perimeter breaches everywhere. For many applications, that's definitely good enough. But for many others, a regulatory framework or even real-life concerns must dictate that a silent key-logger and screen capture compromise may be enough to sink a metaphorical or perhaps even real-life ship. In these cases, even though it can never be 'good enough', it's still necessary for the large enterprise/government/whatever to own and fully manage the clients.
Small, low stakes, decentralized operations are the only real answer to this, because such systems offer the most robust recovery and continuation of the whole. Such operations minimize the impact of security breaches. In other words, it can be a great benefit to have a working hodge-podge of loosely coupled independent and not really even compatible systems. This is in many ways antithetical to large enterprise however. That's why I personally prefer the small.