In my experience with these types of services, the first question out of the non-tech-savvy folks I know is always "Can they read my data?". I think we can thank all the ID theft coverage for this.
1) Convince the Muslim clerics in Nigeria that the polio vaccine is not a Western conspiracy to kill off Muslims.
1a) Fix polio.
Right On.
2) Stop the hysteria over genetically modified food, so that people can grow 'golden rice', rice modified to produce beta carotene, so that people who live only on rice, at least get some nutrition from it.
Except that Monsanto and ADM also modify the grain so that it's sterile, meaning if you want to plant a new crop you cannot use seed from the previous one. You must buy it all over again. Think of it as DRM for food.
3) Provide real birth control options for developing nations.
Excellent suggestion. Except whenever the U.N. does it, the U.S. withholds funding and support. (Not that the U.S. has to run everything.)
4) Stop pouring money into China.
A) Why? B) Try it. Go to Wal-Mart and buy something NOT made there.
5) Get the French out of the Sudan, so that the UN can actually fix the problems there....
No comment.
1001) Get them all laptops, so that the power of the Internet can Change Their Lives.
Right On. Until people are fed, housed and safe, they (rightly) aren't interested in the Uplift.
That means lawful U.S. citizens who don't fit the parameters are automatically ruled out.
And this says almost nothing. The following would also be true:
. Unlawful U.S. Citizens who don't fit the parameters are automatically ruled out.
. Lawful U.S. Citizens who fit the profile are automatically ruled in.
. Unlawful non-U.S. Citizens who don't fit the profile are automatically ruled out.
And equally content-free.
So one state we want, plus three we don't, equals...
To be able to judge the value of this, we'd need a count of how many fall in each category. Schneier reminds us that we have no way of reliably determining intent.
In response to the other demi-god comment, qmail offers a reward if bugs are found ($500US?).
Of course, there are arguments that this does not constitute security. I think the concept of free fixes for bugs found by customers works a little better - it keeps all the stakeholders in the loop.
I think Nick is great, and I'm supporting the OLPC program, but...
Q: So what's to keep unscrupulous folks from buying these out the back door of warehouses?
A: First the local communities will likely look down on this theft of their resources pretty intensely.[...]
I've seen too many sacks of food marked "UNICEF - For Emergency Relief Use Only" being sold out of the backs of trucks to finance some warlord's next BMW, "technical" or Barrett light-50 to believe this. Maybe in Fresno.
This is interesting. Many years ago (in the 1930s) European countries did in fact use to maintain call records. This was primarily for business purposes.
Then came World War Two. As the German Army overcame and occupied Allied countries, they immediately headed for the Post & Telecommunications (or Telegraph) offices. This was to seize the call records maintained there. They then looked up call records for known Allied agents and sympathizers, Jews and other groups. They used these call records to discover who was talking to whom and went to investigate and/or arrest people who might also be agents/Jews/etc., or collaborators. These people were then sent to prison, or worse.
After the war, Western European countries decided not to keep call records any longer and instead moved to a metered system. This prevented a recurrence of the bad situation they found themselves in while occupied.
Now these records have been reinstated, in a blatant case of not learning from earlier mistakes. It seems the phrase "Those who cannot learn from history are doomed to repeat it" has once again been demonstrated.
There is a very important cultural difference between culpability in Japanese society and in the West (say, the U.S.). In Japan, to admit one's mistake and ask for forgiveness is considered normal and honorable. Generally Japanese society is willing to let it go at that (adding on, of course, correction of the mistake paid for by those who committed it). There is generally little risk of being sued.
In the U.S., immediate admission of guilt in a public forum is likely to generate lawsuits. In such a litigious society, it is wiser to not admit anything, and let your attorneys negotiate the best possible outcome from the error.
How any of this factors into Sony's current behaviour, I'm not certain...
I didn't want this to be a thread on proposed alternatives (after all, THEY'RE the ones with lots of bright people and $4B US in the bank). There's a substantial amount of trust going on in this new transaction. Being inflammatory, perhaps the new slogan should be "Don't be Evil, but plan for it."
The catch is it's such a tempting offer - they've implemented a really good webmail service here. The addition of rewriting your "From" address is just perfect. I'm just glad I already had my account before this new requirement, or I'd be reluctant to get it.
So Google has all of Usenet under their (practical) control (as the only source I know of with the full archive), they have a lock on geek email, they dominate retail (non-corporate) 'net ads, and are the premier aggregator of 'net data for their wildly popular search engine. Oh, and they have killer mapping tools.
Now they want to keep and store mobile numbers. I understand why they're doing it, but couldn't another approach be used to limit account generation? (linking to a valid, non-GMail account for example) Their privacy policy is OK so far, but they don't actually have to follow it (how would we know?) and they can change it at any time. (Recall Disney's purchase of that kids' web service.)
I'm a middle-of-the-road /. user in terms of paranoia, but I hear that box of Reynolds a-calling.
IIRC, this is exactly the decision that improved the performance of, but decreased the stability of Windows NT 3.51; when they added video drivers to the kernel and released NT 4.0.
And I've been running it for several years, using ATA100 hot-swap sleds, with no difficulties. Works, too - had a transparent drive failure about two years ago.
I don't quite understand how you're going to boot a mirrored root volume automagically via software raid (much less a striped one). Or is it acceptable to have to reconfigure to boot?
Take a look at StarBridge Systems, who have been advocating this approach for years. When they first came out (with claims of 100-1000 fold performance improvement of vector supercomputers for certain applications at 1/10 the price) they were the vaporware of the high-performance computing industry. I didn't believe in it either, but slowly we're all coming around.
One of the main reasons for raised flooring is airflow - cool air from below is drawn up through the floor, and hot air is expelled above and vented away.
Since that's not likely practical for you, consider the other option that large data centers use: overhead raceways. Run your power and data cables overhead, then down into your racks/shelves.
This will save you the (possibly substantial) cost and hassle of raised flooring that you likely can't put to good use anyway. The cabling is actually more accessible, still out of harm's way, and if neatly done it can be nice to look at.
CC Evaluations are widely misunderstood, but are actually relevant and valuable if you know how to use them (which it seems most don't).
The key to the CC is the Security Target or Protection Profile. The EAL number indicates how rigorously the claims in these documents have been verified. (The article linked covers this.) If the claims in an ST or PP are important to you, higher EALs provide more assurance that what is claimed is in fact true. If you require something that isn't in the ST or PP, then even an EAL7 means nothing to you.
It seems that most people think of the EAL as a simple "security score," which isn't the case.
it will not be connected to any outside network at all. your box will be. (Microsoft pulled this to give a high security rating to NT, i believe)
Not exactly. I don't want to be an MS apologist, but the TCSEC rating that MS got for Windows NT was indeed while it was not connected to a network. We all agree that is rather useless these days. The problem was the TCSEC (Orange Book) certification; it specifically does not cover networked systems. Networks are covered by the Red Book. This problem is one of the reasons the Common Criteria was created, which can certify systems including networks.
The Japanese fork of Freenet (Winny) was popular, and supposedly included a fundamental flaw in their implementation (which does not appear in Freenet). Two users were arrested, and the Winny network collapsed.
Anyone writing on technological matters in a popular publication should be required to have a modicum of a clue.
And the author didn't go to any practitioners in the field, either. Like...
. an analyst at the United States Army's Foreign Military Studies Office at Fort Leavenworth
. a computer forensics specialist and a senior fellow at Mitretek Systems
. an author and a specialist on the National Security Agency.
. a former Arab linguist with the National Security Agency and the Defense Information Systems Agency
. the author of a new book, "Hacking a Terror Network: The Silent Threat of Covert Channels"
. the former director of central intelligence
Nope, not a shred of research or searching for opposing viewpoints.
I don't know about the experience of other players, but I'm much more likely to be cussed out by the 9 year olds than anyone else on the system.
Sharks. With Lasers.
Brings a tear to my eye.
Techno-utopianism? Have you actually READ any of Gibson's work?
You already do - to travel by air, rail or Greyhound bus. This simply adds private car to the list.
And the cake machine needs to assemble itself. Preferably from other cakes.
But Otto suffered from multiple personalities. One of whom, Emily, thought she was a Czech farmer.
Prepare to be harvested.
Check your game licensing. Most require permission for public display or charging for play.