MPEG4 is a thing of the past. H.264 is vastly better.
With H.264 MPEG-4 (technically called MPEG-4 Part 10) you can easily get a DVD quality movie into 400 MB. 600 MB with all the extras (2 channel audio for all the extras (standard on DVD), slightly lower resolution).
With H.264, you can get a 720p movie, high quality, into about 2G; and 1080p in just over 6-8 G.
This stuff is streamable, and as long as your ISP has a decent bandwidth cap, won't be an issue.
Why the *HELL* Microsoft doesn't offer Warranty protection like this.
This is a great product, IMHO. This is CA putting their money where their mouth is. I don't know anything about their actual coding abilities, but I really like it from the actual business angle.
As for me, I run OS X & Linux, and have not yet had the need for an anti-virus product, even though an up to date ClamAV does reside on my systems.
The question is whether or not the MPAA will do what it must do: Guarantee online distribution.
The MPAA is the movie's industry cartel. They are SUPPOSED to strength the industries negotitating power when it comes to disputes like this. As a group, if the MPAA stood up to Walmart, not to say, "Fuck You", but instead to say, "Wally, we can't do that", it would change the market.
Unfortunately, I truly believe that the MPAA spends all of its time pursuing piracy and the like, and couldn't be bothered to support innovative technologies.
Christ almighty, get out of the big box stores, and go shop around at conventional grocery stores and little vegetable shops.
Maybe it's all stuff I learned from my father, but you save MORE money by shopping at a series of "normal" stores, buying a few items you need at the places that tend to offer the best prices (and I'm not talking about cherry-picking the specials each week, but just heading to the stores that tend to offer the best boneless chicken breat prices, or the best tomatoe prices). Not to mention you get the warm fuzzy of voting with your dollar, and supporting the little guy.
There's no reason to purchase a huge cart of stuff at one particular store, and especially not at a Super Walmart or a Costco.
In Oak Creek, Wisconsin, our AT&T (formerly SBC, formerly Ameritech) POTS line has a suprising amount of down time. Customers in our area experience the same issues we do, as well. We've got one POTS line on which we piggy-back our DSL, and we average a serious outage once every 3-4 months. By serious I mean lasting a minimum of 8 hours, and up to a maximum of 3 days!!!
The only time our Vonage service goes down is when AT&T goes down; if we could find an alternate provider I'm sure our VoIP reliability would exceed the POTS reliability.
There's a better solution to all these problems. Properly implemented QoS on ISPs and Servers so that the extra bandwidth usage generated by this crap doesn't prevent those of us running secure systems (Windows on a tight-ship, Linux or OS X) don't get hosed by the unwashed masses.
The vast majority of malware traffic isn't 0-day; it's ancient stuff running on older unpatched systems. As long as they don't bump us off the interwebs, I don't see why I should care.
Patching & Cleanup are a poor solution. Once your system is infected, you're screwed. Windows security these days is more in need of triage, not repair.
Apple's got a succesful business model. They don't tie their player to an operating system, and it sells at a good profit, and it beats out competitors in a flat marketplace.
Microsoft steps in.
They: 1. Sell their player at a loss. They make statements to the media indicating that no matter what price the iPod sells at, theirs will be cheaper, profit be damned. This is not about competition, this is not about servicing the market; this is about blowing away a competitor. Microsoft has made that clear, and intention does matter in anti-trust cases. 2. Tie it to their Operating System. Sync a Zune with OS X? Sync a Zune with Linux? Not to mention that apparently the "sync" software, WMP11, applies WMP DRM to CDs you rip via their software. iTunes doesn't do this. And the base of the matter is that the new WMP will come with all editions of Vista; the EU is *still* pissed off about this, and MS is about to release a peripheral that will ride on this WMP. 3. Windows XP & Vista will have a commanding marketing share over OS X; no risk of bundling with OS X, plenty of risk of bundling with Vista. 4. Zune will already run afoul of France's new anti-DRM law. And as I see it, unless WMP11 allows you to import unencumbered MP3s into your library, the Zune will be vastly more infringing about France's law. 5. There are no signs that Microsoft is intending on supplying API documentation regarding Zune and WMP11 interfaces; even though Zune could most definitely be interpreted to be an extension of the OS (especially by the EC), and the EU will use this behavior to demonstrate that MS has no intention of documenting APIs under their settlement until the APIs involved are outdated.
Under the current administration, the U.S. isn't going to do anything. But the EU? I have a feeling that Apple will file a lawsuit "Real Soon Now(TM)", and seek that the EU proactively implement remedies upon Microsoft's future behavior.
What's China going to do with all that debt? Liquidate it? Devalue the dollar? Doesn't work; the yuan is tied to the dollar.
The only reason China is holding all that debt is because they need to prop up the dollar, and they need America to maintain sufficent foreign reserves purchase cheap Chinese products. They're basically offering us credit to buy their stuff; that's how you (have to) resolve trade deficets. Of course, the counterbalance, economically, to a trade defecit is floating currency; but that's something we do not have with China.
China and American cannot act each other economically. Any kind of disruption would be disasterous to the other. This is why the U.S. cannot force China to float it's currency, and this is why China does not run U.S. foreign policy.
AT & T did a study, and found that to be most productive, you need 32 square feet of surface (desk, table, shelving, etc). When's the last time you saw decent shelf space in a cube farm?
My cube "farm".;-)
It's a little unorthodox, I guess. I had a choice of an office, or an unused space in our building. I went to the unused space with 32 cube panels, 5 cube desk sections, and heaps and heaps of cube shelving.
Within these constraints, I built myself a cube maze. I love it;-)
Not a typical cube setup, though. Cube furniture is fun stuff; it's like playing with legos. The problem is that most firms use it for 8 cu ft. spaces....
What I don't understand is why all the major TV players are signing on with Microsoft. Every Microsoft IPTV deployment has been buggy, overbudget, late, and required significantly higher requirements than Microsoft's initial stipulations. They must be vastly underbidding everyone else on the market; I'd guess Microsoft is spending hundred of millions, if not billions, on breaking into this market.
I'd love to see one of these Microsoft IPTV deployments flop (I'm betting on SBC's deployment). That'll drive the market away from the Vole, regardless of how cheap they're willing to do the (shoddy, useless) work.
How much it feel to work in one of these Microsoft shops? How does it feel to know that cut-rate out-sourced contracted programmers from India with no background on the project did it better and faster than you? I know that India has a wealth of high-quality programmers, but the general rule is that in-house (especially at major programming shops in the U.S.) is better than out-sourced; just more expensive.
In this case, it seems that with Microsoft you pay more, and get less. Given their monopoly status, I guess that is appropriate. Monopoly-sized market distortions = inefficency. It's too bad that survival of the fittest takes so long to damage a monopoly.
My primary argument for a transition to Linux/OS X combination. "The Vista transition will require a substantial increase in IT workforce, and will be mandatory."
At one point, wasn't the high-end A/V world heading in the direction of using a top-notch receiver as the center of your system, with your display device (HDTV or Projector) as a pure monitor? All inputs would go to your receiver, which would then connect via one cord (video only) to your monitor.
What the heck happened to do that? Is that even possible in the new, HDMI world? I know that you can do that with 0 degredation via DVI; am I going to have to stock up on those magic-DVI/HDMI descramblers?
I _like_ having a dumb "monitor" style TV. It's not about saving costs, it about purchasing components separately.
Is this still possible? My latest Harmon Kardon receiver does both DVI and Component cable switching, but I haven't purchased any HDMI equipment. Am I stuck out of this braindead, half-assed digital revolution the FCC is pushing us towards?
Seriously. The only thing that bugs me is I cannot get a good, wireless, portable encryption platform. My GSM cell phone might as well be an open book. Other than that, my SIP communication, and my GPG e-mail should be moderately difficult for the "powers that be" to crack.
If all communication was encrypted, even if that encryption is breakble, the computational needs of large scale data mining would be impossible. If you need an NSA super computer to crack every e-mail, and it takes 1 hour of processor time per e-mail, you can't very well analyze one billion e-mails a day.
Saying: "Linux application security consists of "run it as 'nobody'" or "just don't do that."'
is similar, if not even less informed, than saying, "Windows application security consists of maintaining proper backups and running everything in a virtual machine".
Linux application security consists of a variety of kernel level APIs that can be controlled by admin-level userspace programs. Unlike Windows Security Center (which, as far as I can tell, consists of an ugly GUI and a couple minor "up-to-date" hooks into Spyware soft/Firewall soft/Anti-virus software), the Linux security APIs give you extensive control on a fine grained program-by-program, user-by-user and even thread-by-thread basis, far surpassing anything dreamed up and then cut from Longhorn, let alone the crap that made it into Vista.
The other "security" implementations would be like asking Unix to allow admin userspace programs to access the Linux Kernel security interfaces, manipulating operating system controls on a real-time bases.
The Linux Security Modules (LSM) project provides a lightweight, general purpose framework for access control. Contemporary computing environments are increasingly hostile. Adding enhanced access control models to the kernel improves host security and can help a server survive malicious attacks. Security research has provided many types of enhanced access controls effective for different environments. The LSM framework allows access control models to be implemented as loadable kernel modules.
RedHat/Fedora use SELinux. openSuSE uses AppArmor. You could invent your own Kernel Security software.
Let me quote some AppArmor literature. It's really vastly superior to Vista, in that AppArmor isn't a "hacked on" bandaid, but a fundamental hook into the lowest levels of the system; AppArmor has incredibly fine grained controls; and AppArmor is not terribly difficult to work with.
Security Through LSM: Linux Security Modules Interface To achieve security (non-bypassability) mediation methods like AppArmor need to be inside the kernel. AppArmor originally was a kernel patch, but that imposes major problems for distribution and deployment, especially for enterprise users. To achieve kernel-grade security without requiring a kernel patch, Immunix Inc. (who developed AppArmor prior to Novell's acquisition) developed a feature for Linux 2.6 called LSM: Linux Security Modules interface. LSM provides a kernel API for modules that allows loadable modules to do effective access control mediation. Other participants in LSM development included the SELinux community, IBM, and assorted other open source community developers. Mediation at layers other than the kernel, e.g. in libraries, leads to bypassability: if an attacker can induce arbitrary code execution in a confined application (e.g. buffer overflow) then they can cause the program to call the kernel directly instead of through the library, thus bypassing the mediation. Moreover, such mediation is best done deep inside the kernel, rather than by intercepting system calls Transparancy Through Familiarity To achieve transparency, AppArmor uses all-classical UNIX security semantics, but applies them to programs. An AppArmor policy specifies the set of POSIX.1e capabilities that a program can have, and specifies the set of files it can access. The POSIX.1e capabilities are specified by name. The files are specified by absolute path names, including embedding shell-syntax wild cards, followed by access modes (R, W, and X, with a bit of embellishment). So an AppArmor policy to confine ntpd (the network time protocol daemon) looks like this:/usr/sbin/ntpd {
#include
#include
#include
capability ipc_lock,
capability net_bind_service,
capability sys_time,
capability sys_chroot,
capability setuid,/etc/ntp.conf r,/etc/ntp/drift* rwl,/etc/ntp/keys r,/var/lib/ntp/drift rwl,/var/lib/ntp/var/run/ntp/ntpd.pid w,/var/lib/ntp/drift/ntp.drift r,/drift/ntp.drift rwl, } Keep in mind this stuff can be created from GUI.
From here, it would be relatively straightforward to hand-craft security policy for applications through a combination of expert knowledge and trial and error. However, that would be so tedious that the vast majority of developers and users would refuse to put in the work. To further improve transparency, AppArmor includes a "learning mode" to allow policy to be built by running the application and observing what it does. In learning mode, the rules are not actually enforced, but violations are logged, and process forking is tracked, so that the log of an application's execution builds up a characteristic description of the application's activities. AppArmor includes a log analysis program that scans the log, prompts the user with questions, and automatically creates a program profile. Learning mode and the log analyzer are also capable of incremental improvement of the profile if one already exists, but omits some necessary rules.
Application Security and System Security
An individual application can be secured using an individual profile, but how to secure a system? A vital question in securing any system is "against what threats?" We could profile all of the programs on the system, but that would be a lot of effort, and in most cases unnecessary. For instance, consider the network threat model: we wa
No, grandparent poster is correct. You're misunderstanding what China's saying. (By the way, your jab at America is true, but inapproprirate. Just because our government does absolutely ridiculous things does not mean we, as private citizens, should not poo-poo other nation's stupid laws. Fight censorship and injustice, everywhere, all at once. That's the only _sound_ moral position).
Here they are:... news and information released in China by foreign news agencies shall not contain any of the following that serves to:... That one is obvious. Private, foreign news agencies.
-- undermine China's national unity, sovereignty and territorial integrity;
National Unity: This means don't write about Taiwan. You know, the democractic, capitalistic, highly succesful, health care for everyone China? Taiwan, after all, is the Republic of China. Don't write about Taiwan in Chinese news releases, or you'll get booted from the country.
Sovereignty: This means don't write about the South China Sea (which is claimed by several nations), don't write about North Korea, which is an ally of China, and whom China conducts territorial negotations on behalf of. Also, this means don't write about North Korea's disputes with other countries; after all, they occur in the Chinese sphere of influence. This means don't write about North Korea's missile tests that fly over Japan. Or South Korea. Also, this means don't write about the U.S. 7th fleet, which often conducts patrols in disputed regions of territory.
Territorial Integrity: The first thing that comes to mind here is Hong Kong. Don't write about "integration" issues, things that have gone wrong in Hong Kong since it became part of the mainland again. After all, you could be inciting those whiley Hong Kong residents to revolt. Also, don't talk about things like Tianenman Square; who knows what trouble that could cause in the border regions.
Furthermore, the Chinese government tends to interpret "Territorial Integrity" as regarding domestic economic issues. Don't write about economic disparities between Shanghai and the surrounding agriculture regions; you could be inciting a civil war between the poor and the rich.
-- endanger China's national security, reputation and interests;
National Security: This one is a doozy. Don't write about what China does in regarding to Japan, North or South Korea, China's disputes with Russia over a variety of oil fields, China's military production, or China's industrial capabilities. This is the same kind of crap King George Bush tries to push in the U.S.
Reputation: *Giggle*. The implications of this one should be obvious. Don't write about political suppression. Don't write about the mess in Beijing's streets. Don't write about crime. Don't write about widespread intellectual piracy. Don't write about.... anything negative?
Interests: This one is openended. Anything the Chinese government works upon, is a Chinese governmental interest. 'Nuff said. Alien and Sedition acts all over again.
-- violate China's religious policies or preach evil cults or superstition; China's religious policies: Don't write about religion, period. Don't write about Christ, Mohammed, or Moses. Don't write about Buddha. China is particularly intolerant of any organized religion, and that offends even me, a 'devout' athetist.
It would obviously be preferable to have a well-written universal OS, but that brings us around to the old saying: The best kind of government would be a benevolent dictator, but how many dictators stay benevolent?
It would be vastly better if we have well-written universal API layers. Like Java, C#/.NET/Mono, Qt, GTK, and other beautiful cross-platform toolkits.
Unfortunately, except for Java and C#, we don't have any toolkits that go "all the way" in being cross platform, with the possible exception of Win32 (WINE), but Wine is reverse engineered, not bottom-up designed, so there are limitations.
There's no reason for application interfaces to be deeply tied into the OS. Properly engineered, a user-space environment on Linux should be able to run Windows or OS X or whatever applications, and vice versa. The reason we do not have this is not because of engineering limitations, but because of vertical vendor lock in. Lately, this seems to be easing slightly.
I envision a future where applications come with API requirements, not OS requirements. "Requires GTK 2.42, OpenGL 3.0, and SDL. OpenAL 5 required for 3D audio." Software manufacturers would probably support particular "distributions" on the box ("Runs on OS 12.5, Mandriva 2012, and Windows Super-Next-Hubble-Viewpoint"), but like *current* binary software for Linux you shouldn't have many problems installing on the "wrong" distribution; with minor API-requirement caveats.
Think Python applications (these are often cross-platform). Think Java. Think C#. As CPUs get faster, we can put up with some of this overhead; and indeed, in some cases there is very little overhead (WINE does Win32 in userspace on Linux really quickly. Imagine if Microsoft gave up the OS business, but just started selling something like Wine. The "Windows" application layer for Linux, OS X, Unix, Solaris, whatever.
If you want an example of this environment, look at Linux, Solaris' Linux Application Environment, FreeBSD's Linux Application layer, and lxrun, the Linux application layer for (ick) SCO Unix. IIRC, AIX is also Linux compatible.
I think it can work; and giant commercial developers have no problem operating in this multisegmented space. Sure, there are a few more compatibilty bugs than in the Windows monoculture, but there's a greater diversity of applications and environments (from very small systems to giagantic systems), and if the commercial OS space was more competitive in the Desktop world (multiple vendors of multiple pedigree OSs) we would see these compatibility issues worked out quickly.
Slashdot Mirror
Nonsense.
MPEG4 is a thing of the past. H.264 is vastly better.
With H.264 MPEG-4 (technically called MPEG-4 Part 10) you can easily get a DVD quality movie into 400 MB. 600 MB with all the extras (2 channel audio for all the extras (standard on DVD), slightly lower resolution).
With H.264, you can get a 720p movie, high quality, into about 2G; and 1080p in just over 6-8 G.
This stuff is streamable, and as long as your ISP has a decent bandwidth cap, won't be an issue.
Why the *HELL* Microsoft doesn't offer Warranty protection like this.
This is a great product, IMHO. This is CA putting their money where their mouth is. I don't know anything about their actual coding abilities, but I really like it from the actual business angle.
As for me, I run OS X & Linux, and have not yet had the need for an anti-virus product, even though an up to date ClamAV does reside on my systems.
Does this establish some kind of precedent (obviously not a legal one) permitting corporations to block satellites?
After all, no one owns outerspace. If I setup a laser blinding rig, can I go willy-nilly, blinding satellites in my LoS?
Sounds like fun. I'd like to strike a blow against spying in MY territory.
The question is whether or not the MPAA will do what it must do: Guarantee online distribution.
The MPAA is the movie's industry cartel. They are SUPPOSED to strength the industries negotitating power when it comes to disputes like this. As a group, if the MPAA stood up to Walmart, not to say, "Fuck You", but instead to say, "Wally, we can't do that", it would change the market.
Unfortunately, I truly believe that the MPAA spends all of its time pursuing piracy and the like, and couldn't be bothered to support innovative technologies.
This is a major problem with shopping???
Christ almighty, get out of the big box stores, and go shop around at conventional grocery stores and little vegetable shops.
Maybe it's all stuff I learned from my father, but you save MORE money by shopping at a series of "normal" stores, buying a few items you need at the places that tend to offer the best prices (and I'm not talking about cherry-picking the specials each week, but just heading to the stores that tend to offer the best boneless chicken breat prices, or the best tomatoe prices). Not to mention you get the warm fuzzy of voting with your dollar, and supporting the little guy.
There's no reason to purchase a huge cart of stuff at one particular store, and especially not at a Super Walmart or a Costco.
Costco, also.
Costco, in terms of how they treat their employees, and how they negotiate with suppliers, is the anti-walmart.
In Oak Creek, Wisconsin, our AT&T (formerly SBC, formerly Ameritech) POTS line has a suprising amount of down time. Customers in our area experience the same issues we do, as well. We've got one POTS line on which we piggy-back our DSL, and we average a serious outage once every 3-4 months. By serious I mean lasting a minimum of 8 hours, and up to a maximum of 3 days!!!
The only time our Vonage service goes down is when AT&T goes down; if we could find an alternate provider I'm sure our VoIP reliability would exceed the POTS reliability.
So what.
There's a better solution to all these problems. Properly implemented QoS on ISPs and Servers so that the extra bandwidth usage generated by this crap doesn't prevent those of us running secure systems (Windows on a tight-ship, Linux or OS X) don't get hosed by the unwashed masses.
The vast majority of malware traffic isn't 0-day; it's ancient stuff running on older unpatched systems. As long as they don't bump us off the interwebs, I don't see why I should care.
Patching & Cleanup are a poor solution. Once your system is infected, you're screwed. Windows security these days is more in need of triage, not repair.
Somewhere in the world, anyways.
Apple's got a succesful business model. They don't tie their player to an operating system, and it sells at a good profit, and it beats out competitors in a flat marketplace.
Microsoft steps in.
They:
1. Sell their player at a loss. They make statements to the media indicating that no matter what price the iPod sells at, theirs will be cheaper, profit be damned. This is not about competition, this is not about servicing the market; this is about blowing away a competitor. Microsoft has made that clear, and intention does matter in anti-trust cases.
2. Tie it to their Operating System. Sync a Zune with OS X? Sync a Zune with Linux? Not to mention that apparently the "sync" software, WMP11, applies WMP DRM to CDs you rip via their software. iTunes doesn't do this. And the base of the matter is that the new WMP will come with all editions of Vista; the EU is *still* pissed off about this, and MS is about to release a peripheral that will ride on this WMP.
3. Windows XP & Vista will have a commanding marketing share over OS X; no risk of bundling with OS X, plenty of risk of bundling with Vista.
4. Zune will already run afoul of France's new anti-DRM law. And as I see it, unless WMP11 allows you to import unencumbered MP3s into your library, the Zune will be vastly more infringing about France's law.
5. There are no signs that Microsoft is intending on supplying API documentation regarding Zune and WMP11 interfaces; even though Zune could most definitely be interpreted to be an extension of the OS (especially by the EC), and the EU will use this behavior to demonstrate that MS has no intention of documenting APIs under their settlement until the APIs involved are outdated.
Under the current administration, the U.S. isn't going to do anything. But the EU? I have a feeling that Apple will file a lawsuit "Real Soon Now(TM)", and seek that the EU proactively implement remedies upon Microsoft's future behavior.
Not really, its more complex than that.
What's China going to do with all that debt? Liquidate it? Devalue the dollar? Doesn't work; the yuan is tied to the dollar.
The only reason China is holding all that debt is because they need to prop up the dollar, and they need America to maintain sufficent foreign reserves purchase cheap Chinese products. They're basically offering us credit to buy their stuff; that's how you (have to) resolve trade deficets. Of course, the counterbalance, economically, to a trade defecit is floating currency; but that's something we do not have with China.
China and American cannot act each other economically. Any kind of disruption would be disasterous to the other. This is why the U.S. cannot force China to float it's currency, and this is why China does not run U.S. foreign policy.
AT & T did a study, and found that to be most productive, you need 32 square feet of surface (desk, table, shelving, etc). When's the last time you saw decent shelf space in a cube farm?
My cube "farm".
It's a little unorthodox, I guess. I had a choice of an office, or an unused space in our building. I went to the unused space with 32 cube panels, 5 cube desk sections, and heaps and heaps of cube shelving.
Within these constraints, I built myself a cube maze. I love it
Not a typical cube setup, though. Cube furniture is fun stuff; it's like playing with legos. The problem is that most firms use it for 8 cu ft. spaces....
Did you read the article????
This is most CERTAINLY not about the ills of out-sourcing.
How did Verizon get the job done?
Hint: They did it in India/Texas.
Hint2: They didn't use Verizon employees.
This is most certainly a lesson in how Microsoft sucks.
A Microsoft Product?
Late, buggy, out of spec, and bloated?
Who'da thunk?
Shocked, I tell you! Shocked!
What I don't understand is why all the major TV players are signing on with Microsoft. Every Microsoft IPTV deployment has been buggy, overbudget, late, and required significantly higher requirements than Microsoft's initial stipulations. They must be vastly underbidding everyone else on the market; I'd guess Microsoft is spending hundred of millions, if not billions, on breaking into this market.
I'd love to see one of these Microsoft IPTV deployments flop (I'm betting on SBC's deployment). That'll drive the market away from the Vole, regardless of how cheap they're willing to do the (shoddy, useless) work.
How much it feel to work in one of these Microsoft shops? How does it feel to know that cut-rate out-sourced contracted programmers from India with no background on the project did it better and faster than you? I know that India has a wealth of high-quality programmers, but the general rule is that in-house (especially at major programming shops in the U.S.) is better than out-sourced; just more expensive.
In this case, it seems that with Microsoft you pay more, and get less. Given their monopoly status, I guess that is appropriate. Monopoly-sized market distortions = inefficency. It's too bad that survival of the fittest takes so long to damage a monopoly.
My primary argument for a transition to Linux/OS X combination. "The Vista transition will require a substantial increase in IT workforce, and will be mandatory."
I love it.
Your 8MP camera does not come close to the resolution of a decent home scanner.
;-)
Any HP Office-jet comes with auto-feed duplex scanning, and built-in OCR, photocopy, and faxing.
I just bought an Office-jet 5610 for $119
That's why
Plus, getting the camera to line up is not where as easy as getting the scanner to line up.
At one point, wasn't the high-end A/V world heading in the direction of using a top-notch receiver as the center of your system, with your display device (HDTV or Projector) as a pure monitor? All inputs would go to your receiver, which would then connect via one cord (video only) to your monitor.
What the heck happened to do that? Is that even possible in the new, HDMI world? I know that you can do that with 0 degredation via DVI; am I going to have to stock up on those magic-DVI/HDMI descramblers?
I _like_ having a dumb "monitor" style TV. It's not about saving costs, it about purchasing components separately.
Is this still possible? My latest Harmon Kardon receiver does both DVI and Component cable switching, but I haven't purchased any HDMI equipment. Am I stuck out of this braindead, half-assed digital revolution the FCC is pushing us towards?
Encrypted!
Seriously. The only thing that bugs me is I cannot get a good, wireless, portable encryption platform. My GSM cell phone might as well be an open book. Other than that, my SIP communication, and my GPG e-mail should be moderately difficult for the "powers that be" to crack.
If all communication was encrypted, even if that encryption is breakble, the computational needs of large scale data mining would be impossible. If you need an NSA super computer to crack every e-mail, and it takes 1 hour of processor time per e-mail, you can't very well analyze one billion e-mails a day.
What, the grandparent post, or IIS?
Please ignore (or nega-bomb) this idiot.
Saying:
"Linux application security consists of "run it as 'nobody'" or "just don't do that."'
is similar, if not even less informed, than saying, "Windows application security consists of maintaining proper backups and running everything in a virtual machine".
Linux application security consists of a variety of kernel level APIs that can be controlled by admin-level userspace programs. Unlike Windows Security Center (which, as far as I can tell, consists of an ugly GUI and a couple minor "up-to-date" hooks into Spyware soft/Firewall soft/Anti-virus software), the Linux security APIs give you extensive control on a fine grained program-by-program, user-by-user and even thread-by-thread basis, far surpassing anything dreamed up and then cut from Longhorn, let alone the crap that made it into Vista.
See my other post for the AppArmor summary.
No No No.
The other "security" implementations would be like asking Unix to allow admin userspace programs to access the Linux Kernel security interfaces, manipulating operating system controls on a real-time bases.
Which is exactly what the Linux Security Modules project did
The Linux Security Modules (LSM) project provides a lightweight, general purpose framework for access control. Contemporary computing environments are increasingly hostile. Adding enhanced access control models to the kernel improves host security and can help a server survive malicious attacks. Security research has provided many types of enhanced access controls effective for different environments. The LSM framework allows access control models to be implemented as loadable kernel modules.
RedHat/Fedora use SELinux. openSuSE uses AppArmor. You could invent your own Kernel Security software.
See the difference?
Let me quote some AppArmor literature. It's really vastly superior to Vista, in that AppArmor isn't a "hacked on" bandaid, but a fundamental hook into the lowest levels of the system; AppArmor has incredibly fine grained controls; and AppArmor is not terribly difficult to work with.
/usr/sbin/ntpd { /etc/ntp.conf r, /etc/ntp/drift* rwl, /etc/ntp/keys r, /var/lib/ntp/drift rwl, /var/lib/ntp/var/run/ntp/ntpd.pid w, /var/lib/ntp/drift/ntp.drift r, /drift/ntp.drift rwl,
Security Through LSM: Linux Security Modules Interface
To achieve security (non-bypassability) mediation methods like AppArmor need to be inside the kernel. AppArmor originally was a kernel patch, but that imposes major problems for distribution and deployment, especially for enterprise users. To achieve kernel-grade security without requiring a kernel patch, Immunix Inc. (who developed AppArmor prior to Novell's acquisition) developed a feature for Linux 2.6 called LSM: Linux Security Modules interface. LSM provides a kernel API for modules that allows loadable modules to do effective access control mediation. Other participants in LSM development included the SELinux community, IBM, and assorted other open source community developers.
Mediation at layers other than the kernel, e.g. in libraries, leads to bypassability: if an attacker can induce arbitrary code execution in a confined application (e.g. buffer overflow) then they can cause the program to call the kernel directly instead of through the library, thus bypassing the mediation. Moreover, such mediation is best done deep inside the kernel, rather than by intercepting system calls
Transparancy Through Familiarity
To achieve transparency, AppArmor uses all-classical UNIX security semantics, but applies them to programs. An AppArmor policy specifies the set of POSIX.1e capabilities that a program can have, and specifies the set of files it can access. The POSIX.1e capabilities are specified by name. The files are specified by absolute path names, including embedding shell-syntax wild cards, followed by access modes (R, W, and X, with a bit of embellishment). So an AppArmor policy to confine ntpd (the network time protocol daemon) looks like this:
#include
#include
#include
capability ipc_lock,
capability net_bind_service,
capability sys_time,
capability sys_chroot,
capability setuid,
}
Keep in mind this stuff can be created from GUI.
From here, it would be relatively straightforward to hand-craft security policy for applications through a combination of expert knowledge and trial and error. However, that would be so tedious that the vast majority of developers and users would refuse to put in the work. To further improve transparency, AppArmor includes a "learning mode" to allow policy to be built by running the application and observing what it does. In learning mode, the rules are not actually enforced, but violations are logged, and process forking is tracked, so that the log of an application's execution builds up a characteristic description of the application's activities. AppArmor includes a log analysis program that scans the log, prompts the user with questions, and automatically creates a program profile. Learning mode and the log analyzer are also capable of incremental improvement of the profile if one already exists, but omits some necessary rules.
Application Security and System Security
An individual application can be secured using an individual profile, but how to secure a system? A vital question in securing any system is "against what threats?" We could profile all of the programs on the system, but that would be a lot of effort, and in most cases unnecessary. For instance, consider the network threat model: we wa
Not to mention AppArmor, which is far more fine-grained than any Microsoft notion of security.
No, grandparent poster is correct. You're misunderstanding what China's saying. (By the way, your jab at America is true, but inapproprirate. Just because our government does absolutely ridiculous things does not mean we, as private citizens, should not poo-poo other nation's stupid laws. Fight censorship and injustice, everywhere, all at once. That's the only _sound_ moral position).
... news and information released in China by foreign news agencies shall not contain any of the following that serves to: ...
.... anything negative?
.
Here they are:
That one is obvious. Private, foreign news agencies.
-- undermine China's national unity, sovereignty and territorial integrity;
National Unity: This means don't write about Taiwan. You know, the democractic, capitalistic, highly succesful, health care for everyone China? Taiwan, after all, is the Republic of China. Don't write about Taiwan in Chinese news releases, or you'll get booted from the country.
Sovereignty: This means don't write about the South China Sea (which is claimed by several nations), don't write about North Korea, which is an ally of China, and whom China conducts territorial negotations on behalf of. Also, this means don't write about North Korea's disputes with other countries; after all, they occur in the Chinese sphere of influence. This means don't write about North Korea's missile tests that fly over Japan. Or South Korea. Also, this means don't write about the U.S. 7th fleet, which often conducts patrols in disputed regions of territory.
Territorial Integrity: The first thing that comes to mind here is Hong Kong. Don't write about "integration" issues, things that have gone wrong in Hong Kong since it became part of the mainland again. After all, you could be inciting those whiley Hong Kong residents to revolt. Also, don't talk about things like Tianenman Square; who knows what trouble that could cause in the border regions.
Furthermore, the Chinese government tends to interpret "Territorial Integrity" as regarding domestic economic issues. Don't write about economic disparities between Shanghai and the surrounding agriculture regions; you could be inciting a civil war between the poor and the rich.
-- endanger China's national security, reputation and interests;
National Security: This one is a doozy. Don't write about what China does in regarding to Japan, North or South Korea, China's disputes with Russia over a variety of oil fields, China's military production, or China's industrial capabilities. This is the same kind of crap King George Bush tries to push in the U.S.
Reputation: *Giggle*. The implications of this one should be obvious. Don't write about political suppression. Don't write about the mess in Beijing's streets. Don't write about crime. Don't write about widespread intellectual piracy. Don't write about
Interests: This one is openended. Anything the Chinese government works upon, is a Chinese governmental interest. 'Nuff said. Alien and Sedition acts all over again.
-- violate China's religious policies or preach evil cults or superstition;
China's religious policies: Don't write about religion, period. Don't write about Christ, Mohammed, or Moses. Don't write about Buddha. China is particularly intolerant of any organized religion, and that offends even me, a 'devout' athetist.
-- incite hatred and discrimination
Giggle
It would obviously be preferable to have a well-written universal OS, but that brings us around to the old saying: The best kind of government would be a benevolent dictator, but how many dictators stay benevolent?
It would be vastly better if we have well-written universal API layers. Like Java, C#/.NET/Mono, Qt, GTK, and other beautiful cross-platform toolkits.
Unfortunately, except for Java and C#, we don't have any toolkits that go "all the way" in being cross platform, with the possible exception of Win32 (WINE), but Wine is reverse engineered, not bottom-up designed, so there are limitations.
There's no reason for application interfaces to be deeply tied into the OS. Properly engineered, a user-space environment on Linux should be able to run Windows or OS X or whatever applications, and vice versa. The reason we do not have this is not because of engineering limitations, but because of vertical vendor lock in. Lately, this seems to be easing slightly.
I envision a future where applications come with API requirements, not OS requirements. "Requires GTK 2.42, OpenGL 3.0, and SDL. OpenAL 5 required for 3D audio." Software manufacturers would probably support particular "distributions" on the box ("Runs on OS 12.5, Mandriva 2012, and Windows Super-Next-Hubble-Viewpoint"), but like *current* binary software for Linux you shouldn't have many problems installing on the "wrong" distribution; with minor API-requirement caveats.
Think Python applications (these are often cross-platform). Think Java. Think C#. As CPUs get faster, we can put up with some of this overhead; and indeed, in some cases there is very little overhead (WINE does Win32 in userspace on Linux really quickly. Imagine if Microsoft gave up the OS business, but just started selling something like Wine. The "Windows" application layer for Linux, OS X, Unix, Solaris, whatever.
If you want an example of this environment, look at Linux, Solaris' Linux Application Environment, FreeBSD's Linux Application layer, and lxrun, the Linux application layer for (ick) SCO Unix. IIRC, AIX is also Linux compatible.
I think it can work; and giant commercial developers have no problem operating in this multisegmented space. Sure, there are a few more compatibilty bugs than in the Windows monoculture, but there's a greater diversity of applications and environments (from very small systems to giagantic systems), and if the commercial OS space was more competitive in the Desktop world (multiple vendors of multiple pedigree OSs) we would see these compatibility issues worked out quickly.
In the article, he says he doesn't know why China would block Wikipedia, given their position on neutrality.
t ests_of_1989a ng=zh-CN&sa=X&oi=spell&resnum=0&ct=result&cd=1&q=T iananmen+Square&spell=1e =UTF-8&oe=UTF-8
I'm not if he's being intentionally dense, or if he honestly belives that the Chinese government is interested in neutrality.
If so, I'd ask Mr. Wales to compare the following three links:
http://en.wikipedia.org/wiki/Tiananmen_Square_pro
http://www.google.cn/search?hl=zh-CN&ie=UTF-8&inl
http://www.google.com/search?q=Tiananmen+Square&i
Just a thought...