I know there are legal implications to certain decisions I might make, but...
But nothing. You're asking a legal question, you need to go to a legal expert. Slashdotters are not legal experts, they just think they are, and their advice is worse than useless.
If a feature is a niche item, then it's analogous to caviar. But if a feature is popular, then it's analogous to a more popular menu item.
A lot of people prefer to get their music from a stream. I know I do. It's more convenient, and if the person programming the stream is any good, you'll get a nicer mix and a chance to sample new artists and genres.
OK, good point. But if most of the latency comes from the time the fake retail box is sitting in a bigger box, on a pallet, inside a container on a container ship in the middle of the Pacific, then the whole masquerade seems to be just a little more elaborate than it needs to be.
One particular detail bugs me: the package includes an instruction booklet with blank pages. Why bother with such an unconvincing detail if it's a scam?
It's as if somebody was honestly trying to fill a bill of materials, but simply didn't know what they were doing,
You'd have to sell a lot to make back the cost of tooling up, even for lead processors, plastic motorless fans, and crude packaging. Remember, whoever originally bought them from the manufacturer must have known they weren't genuine Intel (probably thought they were getting clones with counterfeited Intel labeling) and would have paid a low unit price.
Perhaps these weird counterfeit counterfeits were created just to make somebody look stupid.
How can they not be noticed? This is the era of just-in-time supply chains, with goods reaching retail shelves within days of being manufactured. Maybe 30 years ago.
Which leaves one big question unanswered: why bother? Was somebody actually dumb enough to believe they could sell enough lead "processors" to make the whole thing worthwhile?
The way our top tier of executives is overcompensated is obscene, unfair, and discourages real capitalism. However, it's not theft. It's the result of some fundamental flaws in the way the system operates. If you really give a shit about it, stop attacking the people who benefit from the system and start working to change it.
The problem with certificates is that they are stored somewhere easier to find than inside someone's head
And if most passwords were stored only in people's heads, that would be relevant. The problem is that most people have to use more passwords than they can possibly memorize.
You're right about two-factor methods being a lot better than any single factor. But I don't see how a certificate is any easier to steal than a password. To use it, you have to be logged into a (presumably password-protected) machine.
And yes, you can copy the key file. But not as easily as you can copy a password written on a post-it. Or con the person who knows the password into sharing it with you. Not to mention that people tend to make up vulnerable passwords.
You're the second person to tell me that keys are harder to set up. I've done it, and I don't agree. The difference is that your typical server comes with password-based authentication already in place. If you take the time to provide the same kind of automated setup for certificates (as SourceForge has done), the total hassle for your users is actually reduced.
Tarpitting can slow down scripted attacks. But if you're seeing millions of attempts to login, that's probably not enough.
And I don't see a tradeoff. If you design it properly, a PKI system is actually less of a hassle for your users, and less of an administrative headache. Password systems persist out of inertia, not because of their greater simplicity.
It isn't simply a matter of having the cash lying around. As you point out, Microsoft and a lot of other companies have the cash, but as publicly-held companies, they don't have the freedom to spend it any way they want. It doesn't matter how profitable you are, if Wall Street becomes convinced that you're "under-performing", some hedge fund will buy up your shares and force a change in management. Or worse: it's not uncommon to see companies dissolved and their businesses sold off because of some theoretical improvement in profit margins.
The two guys who founded Google, Page and Brin, were intensely aware of this phenomenon, and determined to prevent it. That's why Google put off having an IPO until long after they became Wall Street's darling. When they finally did start selling shares to the public, the offering was structured so that holders of Class A could outvote holders of all the other shares. And guess who owns most of the Class A share? Brin, Page, and their CEO, Schmidt.
You might see that in terms of a "vision of the future". I see it as a way of running the company so that they can work on technology they think is kewl without worrying about whether any given project will ever turn a profit. And yeah, it does produce a lot of technological innovation. But it also means that Google is run without a lot of discipline or responsibility. The result is a lot of poorly designed, poorly documented products that never really leave beta mode.
If you assume viruses and rootkits, then you certainly can't assume that your passwords are secure!
I have to admit that a certificate by itself has weaknesses of its own. I still think even a certificate by itself is more secure than a password by itself, but having a second authentication is a "best practice" in the industry.
And it's best practices we're talking about, not how important your data is. Even if you don't care who reads your files, any system connected to the Internet is potentially vulnerable to the thousands of folks who will break in and sabotage it just to show that they can. You need to make it reasonably difficult for that kind of intruder, and I don't think you need to hire a cyber-Paladin to do it.
Except, of course, that's not the class of attack the individual posting the question was asking about. His problem is securing a site from random attackers on the internets, not from attacks as a result of a breach of physical security
So password guess-ability is a big issue. In which case certificates are more secure than even "hard" passwords, never mind the ones people usually pick.
honest-to-god corporate espionage, the risk of a written-down password being pilfered and used as an attack vector into a system is next to nil.
What, you think "corporate espionage" only happens in the movies? Why do you think companies have security guards and badges? Despite these measures, people get in all the time, usually by walking in behind somebody with a real badge. (I've been in workplaces where it was an ongoing problem.) Usually it's to steal physical stuff, but if I wanted to hack into somebody's system, I'd certainly go that route.
As you say, this is not the kind of attack the question was about. But the point is that PKI is fundamentally more secure. This is true even if you believe that passwords on post-its is a lesser issue (which I don't). You don't secure your system by only hardening the most likely attack points — you have to make life difficult for any kind of intruder.
Naw, I'm not into that thing anymore. I doubt that it's searchable beyond article titles (if that). Digitizing that much text would be way too expensive. Only Google, which can use its huge ad revenues to subsidize all kinds of unprofitable projects, can afford to do things like that.
Password guess-ability is not the big security issue. The problem with passwords is that people write them down and leave them in unsecure locations. Or they fall victim to phishers or other social engineers.
I've set up certificates for SSH accounts, and I don't see how it's more hassle for the users. You generate a key pair, you stick one on the server, the other on the user's computer. The only difference is that the user doesn't have to remember the password. I always set up my own SSH accounts this way, because entering a password over and over gets tedious.
Here's my excuse to ride my usual hobbyhorse about passwords being obsolete. SSH supports certificate-based authentication, which is not only more secure, it's less of a hassle for the user. Don't know if it would be practical for your application (you might tell us more about that) but it's worth a look.
No, Sun did try to re-invent itself. I should know, I was part of the reinvention. I used to be docs lead for this product, which used to be the most powerful 4U x64 server on the market. (It got replaced by another Sun server that's essentially the same box with a new version of Hypertransport.) Sun got this product by acquiring Kealia, which was founded by Andy Bechtolsheim, the same guy who designed the first Sun workstation back at the dawn of time, and who had left Sun a decade before because he couldn't get anybody to drink the x64 koolaid.
It wasn't long before Bechtolsheim left all over again, followed by most of the rest of Kealia. This repeated the acquire-and-destroy cycle that Sun went through when they bought Cobalt Networks back in 2000. In both cases they expended huge resources to expand into the x64 user space, but the existing SPARC mafia made sure the new guys knew they weren't welcome.
Maybe you're right, and Symbian isn't following the same route. But if so, why is it taking them so long to get serious about Maemo? The platform's been out since 2005!
I was thinking of project GNU. It started out as nothing more or less than creating a Unix clone. You do know what the initials stand for?
Capitalism also, does not take millions of years. It only takes a few decades of freeing an economic system from the "planned development" idea, when it shows unmistakable signs of tremendous progress.
You're talking about the transition of the former Soviet bloc to market economies, right? But these new economies didn't grow up out of nothing. There was a lot of interaction with the existing market economies, in the form of trade, investment, and assistance. And even so, there's still a lot of state control, especially in Russia. They just don't bother justifying it with a lot of pseudo-socialist ideology.
Anyway, we're not talking about the shift from socialism to market economies in a planet already dominated by the latter. We're talking about the invention of modern capitalism. And that took centuries. A thousand years ago, the western world was dominated by feudalism, with very little trade and nothing resembling modern currency. The change arguably started around 1200, and capitalism didn't become the dominant way of doing business until maybe the 1600s. Feudalism fought this trend every inch of the way, and didn't really disappear until the 19th century.
I don't take evolution lightly. I just don't think it's a model for any project that has to complete in a single lifetime.
How can you make fun of a man whose career is notable for its gravitas and dignity?
Eye don bee leaf any ting yu sey.
And even then, the malware has to be G-rated, since Apple really cares about you.
You know, there are treatments for your condition. There's no need to suffer!
Why does the user have to set things up? You put a file on their machine, or you give them a script that creates the file.
You can get every single issue on DVD for about $80. If I'd had that set when I was a kid...
As for the Popular Science archive: the mind simply boggles. Geek heaven!
So, what will you do when your Zaurus dies? Sharp has abandoned the Linux device market, and I don't see any other sources.