The choice of protocol is going to be your first decision. I picked Z-wave because there are many different manufacturers and a wide variety of devices. Every so often, someone will have devices on clearance or closeout. And you can find them in lots of places: Home Depot, Staples, and a wide variety of online merchants carry them. If you go with a more proprietary system like Insteon, you'll pay more per device and be more locked in.
The hub cost should be less important to you than the per-device cost. You need to buy only one hub, but you'll end up buying a lot of devices. Be prepared to pay about $40/device (list), or $10-20/device (clearance).
Unlike the protocol, the controller isn't something you have to be stuck with forever. You can upgrade them. Z-wave controllers are available in a USB stick form factor, which means you can build a home controller out of any computer you want. I chose to buy a Vera because I wanted an open system that didn't have a monthly fee, and I wanted the whole controller as a turnkey system. The Vera has a really good UI and a lot of mobile phone clients that connect to it, but there are several other Z-wave controller options, including HomeGenie (completely open source, designed around a small platform like the RasPi or the Beagle Board), and OpenHAB (platform agnostic Java, completely open source, but very weak UI.)
People have recently started rooting the Wink, which is a really cheap controller with a lot of connectivity options (including Z-wave), but it's not an open source device. And the Staples Connect Hub (made for them by D-Link) has lots of connectivity options for only $49. My Vera2 is currently at the limits of capacity for all my devices, so I'm considering options besides migrating to their Vera 3, including building my own HomeGenie system. The Vera 3 is about $299, but I think I could build a very capable HomeGenie box for under $100.
1. Evil hacker creates some malicious javascript that does three things: it attempts to connect to a local Asus router; upon finding one it reconfigures it to allow external access; after successfully hacking a router it opens a connection to his server to report another victim. 2. Evil hacker sets up a rogue WiFi hotspot in a coffee shop near your office, and lures people into connecting to his evil open proxy (check out the WiFi Pineapple if you want to see how such a device works, or if you just want to purchase one.) 3. The evil proxy injects the javascript into the bottom of whatever pages the victims visit, and modifies the cache-control directives to cache those pages for a long time. This is called a cache poisoning attack. 4. The evil hacker waits for one of those victims to return to your office with their poisoned laptop, reconnect to your network, open their browser, and re-visit one of the poisoned sites in their cache. The malware script launches in the user's browser, attacks your router from within the trusted side of your network, then visits his site to report "mission accomplished, here's the IP address of another hacked router." All of this is of course invisible to the average random coffee-drinking employee. 5. ??? 6. I don't know exactly what happens in step 5, but it is likely nothing you would consider good.
This type of attack was fairly common when google was using http instead of https, and evil proxy operators could count on lots of people visiting the google page. It's still easy enough to do, and remains one of the biggest risks of trusting any unsecured wifi networks.
More often than not, the evil hackers are just phishing for random victims. But by setting up his access point in a coffee shop frequented by your employees, this is one way the evil hacker could target you specifically.
Don't forget the robust community that supports Vera. It's easy to create new devices, and people have. This is extremely helpful for devices that Vera can't reach via Z-wave or any other technology. For example, I installed a "device" that talks to the Craftsman AssureLink web service to find the status of my garage door (the AssureLink internet bridge talks only to their service, and I haven't yet found it to offer a locally accessible interface. Time to break out wireshark, I think.)
There are also many "virtual devices" people have written to do all kinds of interesting things. One will monitor other devices, and fire an event when certain combinations of things are met. I have a virtual switch that pings our phones' local wifi IP addresses so the house knows when we're home. It can fire an event when our phones connect to our access point, or fire one when we've been out of range for 15 continual minutes, or whatever. Someone built an interface to Apple's locator service, so I could have the house know when I was approaching within 5 miles, but that had the unintended consequence of draining my iPhone's battery flat after about 6 hours - I uninstalled that one.
Sorry to deliver the bad news, but home automation systems will never contribute more than about 100 milliFonzies to your Coolness score. There is very little cred amongst most people about having an automated home; only the nerds seem to care, and the Nerd Equivalent Factor of.1 means that even if your home automation system rated a full Fonzie, the owner simply cannot be that cool.
I also have a Vera (the older Vera 2) and highly recommend it. No cloud server needed, although you can optionally set your Vera up to communicate with their servers for free, if you want. (If you don't want, you can set up a VPN to access it from outside the home.)
It's built on OpenWRT, and has a robust community building support for all kinds of devices. It's primarily a Z-wave controller, but it can talk to Insteon systems if you buy the appropriate hardware.
I'd recommend getting whatever the big version is, instead of the Lite version. My Vera 2 is running out of horsepower, and I don't have all that many devices.
And what makes you think I missed it? Heinlein was a strong advocate for a military-based society; Verhoeven camped it up to its absurd extreme.
It's camp. It's entertainment. Laugh. But if you are concerned that people are learning social structures from it, then you've probably been watching too much Fox News.
That's irrelevant. If demand goes up because of whatever-external-market-force, then price will go down as competition increases. If LowerPrice+NewTax goes below CurrentUntaxedPrice, then the cost goes down. The tax is only a component of cost, and it's foolish to believe that it's what will set the price.
While I haven't personally used GoGo, I presume that you have to click "I Agree" after being shown a bunch of legalese that probably includes something like this:
"By clicking 'I Agree', I consent to having all of my traffic monitored while using this service. This includes traffic I might otherwise think would be private. Furthermore, by clicking 'I Agree', I grant such access and I renounce any claims of improper use of the data."
If you click "I agree", you pretty much give up any chance of fighting said nonsense.
Yeah, that related article stated it poorly. Its conclusion was only "Internet as a public utility will likely result in new taxes". It ignores the fact that supply and demand drive pricing, and overall cost.
Starship Troopers was directed by Paul Verhoeven, who likes to push action movies just over the edge of campiness. Action movies that don't fit either the comedy or drama genre fall flat, because frankly, shoot-run-shoot-chase-shoot is tedious. You need to either care deeply about the characters portrayed, or be entertained by laughing at the absurdity of the situation. Verhoeven emphasizes the absurd, which makes scenes like the one where Clancy Brown throws the dagger through Jake Busey's hand during training ( then yells "Medic!") hilarious.
Before I saw it, there was a part of me that wanted Starship Troopers to be a serious movie worthy of the title of Sci Fi, and I remember being initially disappointed that it wasn't. But because he turned it into a "fun" movie, I came to appreciate it as entertainment.
I have been building my home automation system since the first iteration of Vera came out (still using my original Vera controller, which is woefully underpowered.) I initially bought it to control the plant lights by having the duration of supplemental lighting follow the duration of the actual day, providing seasonally appropriate lighting which causes the plants to bloom on schedule. It has been much more reliable at keeping track of the time than I ever was, and our plant growth has been much improved as a result. That was the initial outlay; further additions included automating lights, coordinating indoor and outdoor lighting without having to rewire the house, and the additions of temperature and water sensors. In terms of money, though, I don't know that any of those qualify as a "savings". At best, they've been a cost avoidance (one of the sensors alerted me to a water leak before the basement flooded.)
In terms of my time spent, like you, it's a hobby for me. I'm learning what works, what doesn't, and playing with various things to see if I get interesting or valuable results. Home automation has long claimed to have potential, but it's going to take a lot of real world examples to prove it.
People are all panicky about smart meters, and they imagine they're some kind of Big Brother device that reports on their TV watching habits, or know exactly what kinds of subversive web sites they visit based on their power usage, and report their pr0n habits to the gubbamint. But "smart meters" are not "omniscient meters". They just measure your home's overall consumption of electricity, same as your current meter.
Smart meters essentially work like what you're talking about. The difference is they are in near constant communication with the utility, so they broadcast a rate schedule to your home's appliances that advertise the current and near future electric rates, and they can report overall house consumption on a near-real-time basis. And that's about it.
The utility can predict "At 4:00 today it will be very hot, so we will be bringing on supplemental generators at that time to meet all the extra A/C demand." They also know that regular electricity normally goes for $0.08/kWh, but supplemental generators cost them $3.00/kWh. They then tell the meters the rate schedule for today is $0.50/kWh from 12:00 to 3:00; $0.60/kWh for the first 2kW from 3:01 to 8:00, but $5.00/kWh for everything above 2kW; and $0.20/kWh from 8:01 to 12:00. The meter then announces the price schedule to your home appliances. You may choose to have your washing machine configured to run only if the cost of your electricity is less than $0.25/kWh; you may have your thermostat set to reduce air conditioner use when the cost is greater than $0.75/kWh; and you may set your electric water heater and pool pump to switch completely off if the cost is greater than $1.00/kWh. It's all your choice, how you want to manage your consumption remains up to you. You simply have to know you'll pay more when overall demand is greater.
Your electricity usage today is not a secret. Your meter already reports usage to your utility company so you can pay for what you use. But today, your dumb meter can't tell what time of day the electricity was consumed, and it doesn't know the rate in effect when you consume it, so your utility company has to front-load everyone's rates with the predicted cost of supplemental generation, the future cost of fuel, etc, and they only change the rate on a monthly or annual basis. What will change with smart meters is the rate you pay will depend on the rate in effect when you consume it; the meter will know the current rate and you will be charged accordingly. Even after smart meters roll out, how you choose to use the energy your house consumes is still up to you, and whether or not you're spending it on a dishwasher or indoor pot-growing farm is still not the utility company's business.
We've had a few packages dominate the landscape, and each of them has had some of the best and the brightest people looking at it, reviewing it, analyzing it, looking for flaws, running code analysis, fuzzers, everything. We've done exactly what you've said: we dedicated resources to develop a single (or few) libraries. Yet they still have flaws.
I don't believe the perfection-alone-model works, because there is no evidence that it does. So far we have evidence that every commercial-grade protocol and implementation has had some kind of security flaw. Therefore we need to stop believing that we can engineer our way out of the situation, because we haven't. We need a completely different and complementary approach. We need to better manage the risk of failure.
To me it doesn't matter why someone would choose a particular library over another, only that we don't all put our eggs in the one basket. The evidence suggests they're all going to fail at some point; it's only a matter of when.
So all we need are 11 more sets of programmers to program free version of SSL 2-12?
Yes, and demand for them. But the big problem you're correctly implying is there's no economic justification that will drive this behavior. Maybe it will take a dozen big companies and foundations to drive this. Imagine if IBM, Microsoft, Google, RedHat, Yahoo, HP, Dell, Apache, Wikimedia, Mozilla, FSF, Apple, Intel, AMD, nVidia, Bungiesoft, and others each contributed their own versions of openSSL; each written in their own choice of language, using their own code, and building their own implementations of everything from the crypto through the command line interpreter logic. My company may decide we do more business with Intel, so we choose theirs. Or your company may be more Apple focused, so you'd choose theirs. In every case, we'd all nervously watch each other looking for signs of intrusions, hoping we won't be the victims, but knowing that alternatives exist if we are.
While a 1/12th scale incident of Heartbleed is still a huge problem for a lot of companies, it's no longer the catastrophe-sized disaster that Heartbleed actually was.
The security of the open source model isn't really the problem or the answer here. The problem is homogeneity. A million different sites and applications rely on just a few libraries, so that when a bug hits one, it has massive impact on the entire internet.
We also know that the answer isn't in rolling your own security. Very few people or organizations are likely to be able to securely implement their own version of TLS. Even the best packages of today didn't start out perfect, they had to iterate through several flaws to get to where they are today.
So perhaps the better answer is in having more packages to choose from? Instead of picking just openssl by default, it would be better to have a broad array of choices. With a dozen packages on the market, that might mean 11 times out of 12 the bad guys wouldn't exploit our site. If the packages are interchangeable, we'd be better positioned to switch them quickly in case of emergency.
There is always some demand for lone-wolf revenge movies. Remember all the Charles Bronson "Death Wish" movies from the 1970s? He also looked like an ordinary guy, living an ordinary life; not at all dissimilar from Liam Neeson.
Many people enjoy seeing vigilante justice, and for some reason they especially enjoy seeing a guy who has been wronged taking out an entire gang of deserving villains (with just a little help from his friends.) They also get to overlook the fact that in normal circumstances we'd label such a person a "mass murderer".
That would mean movies would cost like a buck or two? Even I'd go for that price.
I wouldn't. Remember "dollar theaters" from the 1990s? They were built on that exact premise. It turned out the audience was primarily a bunch of noisy kids who could afford to go at that rate, so they went to the theater to socialize instead of watching the movie. They had all the manners and polish of a herd of goats.
Even though the dollar theaters had much higher attendance numbers than the first-run theaters, the local ones went out of business. I think it's due to the amount of cleaning staff they had to run through the auditorium after each show, mopping up spilled drinks, clearing pathways paved with popcorn and litter, and chiseling used chewing gum off of every surface. We tried the dollar theater a few times, but it was so disgusting we chose to continue to pay full price for the few movies we did attend. The higher prices set a bar where the people in the theater actually want to see the show.
Something else that the dollar theaters can't compete with is cable. When we are in a theater watching the previews, my wife and I will critique each: "that looks good, we'll have to go see it"; "that looks like your kind of movie"; "let's wait for it to come out on cable"; or it looks so ridiculously awful or inappropriate that all we can do is laugh or cringe. But "wait for cable" is pretty much the stock answer for everything of interest. When we were at the theater yesterday, I don't recall seeing a single preview for any movie we really wanted to catch in the theater.
The point is not that the messages are being intercepted by the stingrays, the point is that the individual phones are being identified. If they have a stingray in downtown Ferguson when the protesters are marching, they can add you to that list of "troublemakers".
Unfortunately, that will primarily give false positives. Cell companies bring in COWs to serve in temporary situations, such as county fairs, sporting events, concerts, and disasters. A COW is indistinguishable from a StingRay.
No, it wouldn't stop everyone from doing stupid things, but it might help a few people make better decisions.
Hardly.
Attacker: It's Christmastime, so just install this greeting card program that has dancing cats! Above Average Victim: Might this be a virus? A: But dancing cats! AAV: OK! *click*
Attacker: It's Christmastime, so just install this greeting card *click* program that has dancing cats! Average Victim: You had me at greeting card! Oh, look! Dancing cats!
If you are going to allow people to own their own computers, and make their own decisions about what software they're going to run on them, they will always be a security vulnerability. Either they have to outsource their trust (digital signatures on programs, antivirus programs, etc) or there needs to be a new way to compartmentalize and isolate authentication and authorization.
Let's see how that plays out in the Open Source world: Step 0: discover exploitable vulnerability in Linux kernel random number generator. Step 1: send a private message to Linus Torvalds saying you've found a vulnerability Step 2: endure a private tirade of racist and misogynistic abuse about how stupid you are in not recognizing this as not-a-bug Step 3: publicly post details of exploit Step 4: endure a public tirade of racist and misogynistic abuse about how irresponsible you are for not disclosing this privately Step 5: wait for it... Step 6: enjoy your now-patched system.
I'm sure I missed an unpleasant step somewhere in the above, but it should be enough to acknowledge that Open Source isn't always the perfect solution we imagine it to be.
There needs to be enough chance so that you have to apply new strategies and skills to overcome the luck of the draw. Chance that simply promotes or demotes you without any recourse is pointless. Chance that puts you in situation A or situation B is slightly more interesting. Chance that puts you in situation(n!) is where you have to exercise your brain to map out a new strategy, and it's where games get fun.
"The database has already one worried comment saying that automatically revealing a vulnerability just like that might be a bad idea." Really? They had 90 days to fix this. That is plenty of time.
It's no big deal. I'm posting this from my Windows 8.1 box, and nothing bad has happened.... @LizardMafia RULEZ!1! d0wn with S0NY!!11!
Slashdot Mirror
The choice of protocol is going to be your first decision. I picked Z-wave because there are many different manufacturers and a wide variety of devices. Every so often, someone will have devices on clearance or closeout. And you can find them in lots of places: Home Depot, Staples, and a wide variety of online merchants carry them. If you go with a more proprietary system like Insteon, you'll pay more per device and be more locked in.
The hub cost should be less important to you than the per-device cost. You need to buy only one hub, but you'll end up buying a lot of devices. Be prepared to pay about $40/device (list), or $10-20/device (clearance).
Unlike the protocol, the controller isn't something you have to be stuck with forever. You can upgrade them. Z-wave controllers are available in a USB stick form factor, which means you can build a home controller out of any computer you want. I chose to buy a Vera because I wanted an open system that didn't have a monthly fee, and I wanted the whole controller as a turnkey system. The Vera has a really good UI and a lot of mobile phone clients that connect to it, but there are several other Z-wave controller options, including HomeGenie (completely open source, designed around a small platform like the RasPi or the Beagle Board), and OpenHAB (platform agnostic Java, completely open source, but very weak UI.)
People have recently started rooting the Wink, which is a really cheap controller with a lot of connectivity options (including Z-wave), but it's not an open source device. And the Staples Connect Hub (made for them by D-Link) has lots of connectivity options for only $49. My Vera2 is currently at the limits of capacity for all my devices, so I'm considering options besides migrating to their Vera 3, including building my own HomeGenie system. The Vera 3 is about $299, but I think I could build a very capable HomeGenie box for under $100.
Consider this scenario.
1. Evil hacker creates some malicious javascript that does three things: it attempts to connect to a local Asus router; upon finding one it reconfigures it to allow external access; after successfully hacking a router it opens a connection to his server to report another victim.
2. Evil hacker sets up a rogue WiFi hotspot in a coffee shop near your office, and lures people into connecting to his evil open proxy (check out the WiFi Pineapple if you want to see how such a device works, or if you just want to purchase one.)
3. The evil proxy injects the javascript into the bottom of whatever pages the victims visit, and modifies the cache-control directives to cache those pages for a long time. This is called a cache poisoning attack.
4. The evil hacker waits for one of those victims to return to your office with their poisoned laptop, reconnect to your network, open their browser, and re-visit one of the poisoned sites in their cache. The malware script launches in the user's browser, attacks your router from within the trusted side of your network, then visits his site to report "mission accomplished, here's the IP address of another hacked router." All of this is of course invisible to the average random coffee-drinking employee.
5. ???
6. I don't know exactly what happens in step 5, but it is likely nothing you would consider good.
This type of attack was fairly common when google was using http instead of https, and evil proxy operators could count on lots of people visiting the google page. It's still easy enough to do, and remains one of the biggest risks of trusting any unsecured wifi networks.
More often than not, the evil hackers are just phishing for random victims. But by setting up his access point in a coffee shop frequented by your employees, this is one way the evil hacker could target you specifically.
Don't forget the robust community that supports Vera. It's easy to create new devices, and people have. This is extremely helpful for devices that Vera can't reach via Z-wave or any other technology. For example, I installed a "device" that talks to the Craftsman AssureLink web service to find the status of my garage door (the AssureLink internet bridge talks only to their service, and I haven't yet found it to offer a locally accessible interface. Time to break out wireshark, I think.)
There are also many "virtual devices" people have written to do all kinds of interesting things. One will monitor other devices, and fire an event when certain combinations of things are met. I have a virtual switch that pings our phones' local wifi IP addresses so the house knows when we're home. It can fire an event when our phones connect to our access point, or fire one when we've been out of range for 15 continual minutes, or whatever. Someone built an interface to Apple's locator service, so I could have the house know when I was approaching within 5 miles, but that had the unintended consequence of draining my iPhone's battery flat after about 6 hours - I uninstalled that one.
Sorry to deliver the bad news, but home automation systems will never contribute more than about 100 milliFonzies to your Coolness score. There is very little cred amongst most people about having an automated home; only the nerds seem to care, and the Nerd Equivalent Factor of .1 means that even if your home automation system rated a full Fonzie, the owner simply cannot be that cool.
I also have a Vera (the older Vera 2) and highly recommend it. No cloud server needed, although you can optionally set your Vera up to communicate with their servers for free, if you want. (If you don't want, you can set up a VPN to access it from outside the home.)
It's built on OpenWRT, and has a robust community building support for all kinds of devices. It's primarily a Z-wave controller, but it can talk to Insteon systems if you buy the appropriate hardware.
I'd recommend getting whatever the big version is, instead of the Lite version. My Vera 2 is running out of horsepower, and I don't have all that many devices.
I can't figure out if he's trying to be Fozzie Bear or PacMan.
And what makes you think I missed it? Heinlein was a strong advocate for a military-based society; Verhoeven camped it up to its absurd extreme.
It's camp. It's entertainment. Laugh. But if you are concerned that people are learning social structures from it, then you've probably been watching too much Fox News.
That's irrelevant. If demand goes up because of whatever-external-market-force, then price will go down as competition increases. If LowerPrice+NewTax goes below CurrentUntaxedPrice, then the cost goes down. The tax is only a component of cost, and it's foolish to believe that it's what will set the price.
While I haven't personally used GoGo, I presume that you have to click "I Agree" after being shown a bunch of legalese that probably includes something like this:
"By clicking 'I Agree', I consent to having all of my traffic monitored while using this service. This includes traffic I might otherwise think would be private. Furthermore, by clicking 'I Agree', I grant such access and I renounce any claims of improper use of the data."
If you click "I agree", you pretty much give up any chance of fighting said nonsense.
Yeah, that related article stated it poorly. Its conclusion was only "Internet as a public utility will likely result in new taxes". It ignores the fact that supply and demand drive pricing, and overall cost.
Starship Troopers was directed by Paul Verhoeven, who likes to push action movies just over the edge of campiness. Action movies that don't fit either the comedy or drama genre fall flat, because frankly, shoot-run-shoot-chase-shoot is tedious. You need to either care deeply about the characters portrayed, or be entertained by laughing at the absurdity of the situation. Verhoeven emphasizes the absurd, which makes scenes like the one where Clancy Brown throws the dagger through Jake Busey's hand during training ( then yells "Medic!") hilarious.
Before I saw it, there was a part of me that wanted Starship Troopers to be a serious movie worthy of the title of Sci Fi, and I remember being initially disappointed that it wasn't. But because he turned it into a "fun" movie, I came to appreciate it as entertainment.
F**king magnets, how do they work?
I have been building my home automation system since the first iteration of Vera came out (still using my original Vera controller, which is woefully underpowered.) I initially bought it to control the plant lights by having the duration of supplemental lighting follow the duration of the actual day, providing seasonally appropriate lighting which causes the plants to bloom on schedule. It has been much more reliable at keeping track of the time than I ever was, and our plant growth has been much improved as a result. That was the initial outlay; further additions included automating lights, coordinating indoor and outdoor lighting without having to rewire the house, and the additions of temperature and water sensors. In terms of money, though, I don't know that any of those qualify as a "savings". At best, they've been a cost avoidance (one of the sensors alerted me to a water leak before the basement flooded.)
In terms of my time spent, like you, it's a hobby for me. I'm learning what works, what doesn't, and playing with various things to see if I get interesting or valuable results. Home automation has long claimed to have potential, but it's going to take a lot of real world examples to prove it.
People are all panicky about smart meters, and they imagine they're some kind of Big Brother device that reports on their TV watching habits, or know exactly what kinds of subversive web sites they visit based on their power usage, and report their pr0n habits to the gubbamint. But "smart meters" are not "omniscient meters". They just measure your home's overall consumption of electricity, same as your current meter.
Smart meters essentially work like what you're talking about. The difference is they are in near constant communication with the utility, so they broadcast a rate schedule to your home's appliances that advertise the current and near future electric rates, and they can report overall house consumption on a near-real-time basis. And that's about it.
The utility can predict "At 4:00 today it will be very hot, so we will be bringing on supplemental generators at that time to meet all the extra A/C demand." They also know that regular electricity normally goes for $0.08/kWh, but supplemental generators cost them $3.00/kWh. They then tell the meters the rate schedule for today is $0.50/kWh from 12:00 to 3:00; $0.60/kWh for the first 2kW from 3:01 to 8:00, but $5.00/kWh for everything above 2kW; and $0.20/kWh from 8:01 to 12:00. The meter then announces the price schedule to your home appliances. You may choose to have your washing machine configured to run only if the cost of your electricity is less than $0.25/kWh; you may have your thermostat set to reduce air conditioner use when the cost is greater than $0.75/kWh; and you may set your electric water heater and pool pump to switch completely off if the cost is greater than $1.00/kWh. It's all your choice, how you want to manage your consumption remains up to you. You simply have to know you'll pay more when overall demand is greater.
Your electricity usage today is not a secret. Your meter already reports usage to your utility company so you can pay for what you use. But today, your dumb meter can't tell what time of day the electricity was consumed, and it doesn't know the rate in effect when you consume it, so your utility company has to front-load everyone's rates with the predicted cost of supplemental generation, the future cost of fuel, etc, and they only change the rate on a monthly or annual basis. What will change with smart meters is the rate you pay will depend on the rate in effect when you consume it; the meter will know the current rate and you will be charged accordingly. Even after smart meters roll out, how you choose to use the energy your house consumes is still up to you, and whether or not you're spending it on a dishwasher or indoor pot-growing farm is still not the utility company's business.
I look at it as a methodology to spread the risk.
We've had a few packages dominate the landscape, and each of them has had some of the best and the brightest people looking at it, reviewing it, analyzing it, looking for flaws, running code analysis, fuzzers, everything. We've done exactly what you've said: we dedicated resources to develop a single (or few) libraries. Yet they still have flaws.
I don't believe the perfection-alone-model works, because there is no evidence that it does. So far we have evidence that every commercial-grade protocol and implementation has had some kind of security flaw. Therefore we need to stop believing that we can engineer our way out of the situation, because we haven't. We need a completely different and complementary approach. We need to better manage the risk of failure.
To me it doesn't matter why someone would choose a particular library over another, only that we don't all put our eggs in the one basket. The evidence suggests they're all going to fail at some point; it's only a matter of when.
So all we need are 11 more sets of programmers to program free version of SSL 2-12?
Yes, and demand for them. But the big problem you're correctly implying is there's no economic justification that will drive this behavior. Maybe it will take a dozen big companies and foundations to drive this. Imagine if IBM, Microsoft, Google, RedHat, Yahoo, HP, Dell, Apache, Wikimedia, Mozilla, FSF, Apple, Intel, AMD, nVidia, Bungiesoft, and others each contributed their own versions of openSSL; each written in their own choice of language, using their own code, and building their own implementations of everything from the crypto through the command line interpreter logic. My company may decide we do more business with Intel, so we choose theirs. Or your company may be more Apple focused, so you'd choose theirs. In every case, we'd all nervously watch each other looking for signs of intrusions, hoping we won't be the victims, but knowing that alternatives exist if we are.
While a 1/12th scale incident of Heartbleed is still a huge problem for a lot of companies, it's no longer the catastrophe-sized disaster that Heartbleed actually was.
The security of the open source model isn't really the problem or the answer here. The problem is homogeneity. A million different sites and applications rely on just a few libraries, so that when a bug hits one, it has massive impact on the entire internet.
We also know that the answer isn't in rolling your own security. Very few people or organizations are likely to be able to securely implement their own version of TLS. Even the best packages of today didn't start out perfect, they had to iterate through several flaws to get to where they are today.
So perhaps the better answer is in having more packages to choose from? Instead of picking just openssl by default, it would be better to have a broad array of choices. With a dozen packages on the market, that might mean 11 times out of 12 the bad guys wouldn't exploit our site. If the packages are interchangeable, we'd be better positioned to switch them quickly in case of emergency.
There is always some demand for lone-wolf revenge movies. Remember all the Charles Bronson "Death Wish" movies from the 1970s? He also looked like an ordinary guy, living an ordinary life; not at all dissimilar from Liam Neeson.
Many people enjoy seeing vigilante justice, and for some reason they especially enjoy seeing a guy who has been wronged taking out an entire gang of deserving villains (with just a little help from his friends.) They also get to overlook the fact that in normal circumstances we'd label such a person a "mass murderer".
That would mean movies would cost like a buck or two? Even I'd go for that price.
I wouldn't. Remember "dollar theaters" from the 1990s? They were built on that exact premise. It turned out the audience was primarily a bunch of noisy kids who could afford to go at that rate, so they went to the theater to socialize instead of watching the movie. They had all the manners and polish of a herd of goats.
Even though the dollar theaters had much higher attendance numbers than the first-run theaters, the local ones went out of business. I think it's due to the amount of cleaning staff they had to run through the auditorium after each show, mopping up spilled drinks, clearing pathways paved with popcorn and litter, and chiseling used chewing gum off of every surface. We tried the dollar theater a few times, but it was so disgusting we chose to continue to pay full price for the few movies we did attend. The higher prices set a bar where the people in the theater actually want to see the show.
Something else that the dollar theaters can't compete with is cable. When we are in a theater watching the previews, my wife and I will critique each: "that looks good, we'll have to go see it"; "that looks like your kind of movie"; "let's wait for it to come out on cable"; or it looks so ridiculously awful or inappropriate that all we can do is laugh or cringe. But "wait for cable" is pretty much the stock answer for everything of interest. When we were at the theater yesterday, I don't recall seeing a single preview for any movie we really wanted to catch in the theater.
The point is not that the messages are being intercepted by the stingrays, the point is that the individual phones are being identified. If they have a stingray in downtown Ferguson when the protesters are marching, they can add you to that list of "troublemakers".
Unfortunately, that will primarily give false positives. Cell companies bring in COWs to serve in temporary situations, such as county fairs, sporting events, concerts, and disasters. A COW is indistinguishable from a StingRay.
No, it wouldn't stop everyone from doing stupid things, but it might help a few people make better decisions.
Hardly.
Attacker: It's Christmastime, so just install this greeting card program that has dancing cats!
Above Average Victim: Might this be a virus?
A: But dancing cats!
AAV: OK! *click*
Attacker: It's Christmastime, so just install this greeting card *click* program that has dancing cats!
Average Victim: You had me at greeting card! Oh, look! Dancing cats!
If you are going to allow people to own their own computers, and make their own decisions about what software they're going to run on them, they will always be a security vulnerability. Either they have to outsource their trust (digital signatures on programs, antivirus programs, etc) or there needs to be a new way to compartmentalize and isolate authentication and authorization.
Let's see how that plays out in the Open Source world: ...
Step 0: discover exploitable vulnerability in Linux kernel random number generator.
Step 1: send a private message to Linus Torvalds saying you've found a vulnerability
Step 2: endure a private tirade of racist and misogynistic abuse about how stupid you are in not recognizing this as not-a-bug
Step 3: publicly post details of exploit
Step 4: endure a public tirade of racist and misogynistic abuse about how irresponsible you are for not disclosing this privately
Step 5: wait for it
Step 6: enjoy your now-patched system.
I'm sure I missed an unpleasant step somewhere in the above, but it should be enough to acknowledge that Open Source isn't always the perfect solution we imagine it to be.
I loath chance-driven games.
There needs to be enough chance so that you have to apply new strategies and skills to overcome the luck of the draw. Chance that simply promotes or demotes you without any recourse is pointless. Chance that puts you in situation A or situation B is slightly more interesting. Chance that puts you in situation(n!) is where you have to exercise your brain to map out a new strategy, and it's where games get fun.
"The database has already one worried comment saying that automatically revealing a vulnerability just like that might be a bad idea."
Really? They had 90 days to fix this. That is plenty of time.
It's no big deal. I'm posting this from my Windows 8.1 box, and nothing bad has happened. ... @LizardMafia RULEZ!1! d0wn with S0NY!!11!