The AC made the point. Yeah, taking the quick jab at the lack of features weakened what I was saying, but I couldn't help it.
The poster who made the initial statement said that the Macbook and Macbook Air were roughly comparable in price. While such a statement is subjective, not many people would suggest that a $450 price difference or such a large percentage difference is really comparable at the price points we're discussing.
You can always figure out which ones are affected by the Jobsian Reality Distortion Field.
The cheapest Macbook Air is $1799. The cheapest Macbook with an extra 1GB of RAM (to bring it up to the 2GB that the Air has) is $1249. I don't consider that even remotely "comparable."
Of course it's hard to make a fair comparison. That extra $450 gets you 400mhz less, no optical drive, and fewer ports.
Perhaps it is right according to the letter of the law, but it's still troubling. As it stands, the government can seemingly declare any potentially unconstitutional act as "top secret" and they get no oversight. We can't even get the courts to take a look at it, because we don't know the details of the act. It's really quite disturbing.
You either get proper and secure encryption, or you don't. Are you one of those "It's always black-and-white," kind of people? There are shades of gray, you know.
Loosing... Loosing... I don't want to be a grammar nazi, but I do want to point out that the word is "losing." I mention this only because you typed it incorrectly twice, and if I made a similar mistake, I'd want to know about it. It's obviously irrelevant to the discussion at hand.
That's the "right" solution for some users. Key escrow gives up quite a bit of confidentiality of your data, since you are no longer the sole keeper of your keys. Well, the point is for a home user to be able to use encryption without having to worry about losing his key. It's about someone not getting turned off of encryption because he lost his key.
It is not, however, a good default. I disagree. I think it's a fine default as long as the user receives a warning that the vendor will be able to decrypt his drives if he loses his key or if the vendor is subpoenaed by a government entity.
The minute your key is not in escrow, you become suspicious. Right now, the minute you use crypto, you become suspicious (well, the minute they find out that you use crypto.) Under this scenario, someone using crypto without key escrow would be off of the radar. If a 3LA is observing you closely enough to find out that you're using crypto without key escrow, they're already suspicious of you.
I assume this guy has promoted mandatory escrow of encryption keys--and that's not what I'm suggesting at all. I'm suggesting it as default behavior from encryption vendors so that people don't lose their digital lives when they forget their password. It should obviously be optional, but a default so that people who turn it on without knowing what they're doing have a way to recover.
We're trying to get to the point where cryptography for sensitive data is ubiquitous. Who's going to use crypto in the future if the first time that they lose their key, Microsoft tells them, "Sorry. Nothing we can do for you?"
Unfortunately, this is the wrong solution. The right solution would be an escrow keystore, and informing the user of what's going on.
The GoogleBot doesn't execute JavaScript. Google listing any content from a given site means it does, to a certain point, degrade gracefully. I browse with Javascript off. I've noticed many pages (indexed from Google) which have Javascript-requirements for navigation. Usually, it's a menu bar which doesn't degrade (something I can't understand, as it's got to be easy to do.)
Also, what's your problem with JavaScript? If you ever used the Google front page (instead of your browser's quick search function or/search?q=your+query), you probably didn't mind not having to click into that textbox, now did you? JavaScript can cause some problems, but implemented sensibly (by the browser devs) it is no security threat and used responsibly (by web devs) has great benefits. With Javascript, you can do a lot of neat things, sure (though I almost always use my browser's box to search Google, so I never see the home page.) It's mostly a security thing. Your assertion that sensibly-implemented Javascript is no security threat hasn't really been tested, as there hasn't been a sensible implementation yet. People don't understand security, cross-site security, etc. and until they do, I'm going to err on the side of caution.
Besides, my mobile phone doesn't handle Javascript very well at all. Sites which don't degrade nicely aren't viewable on my phone, so it would be nice if Google didn't return those queries (particularly when I'm using Google from my phone.)
Of course, there are also problems with the design of Javascript (such as the lack of threading) but that's not a reason to avoid its use--just a reason to dislike it.
Punishing JavaScript will punish everyone using Ruby on Rails, Wordpress, or anything else that does AJAX stuff. Sure, JavaScript can be used to do bad things, but a lot of UI enhancement and "Web 2.0" stuff depends on it. Any website which requires JavaScript should be punished. Sites which degrade gracefully should not be. This would be a difficult thing to determine, however.
then webmasters would be much more diligent about keeping the crap off their sites, or at least keep a few more hapless victims out of harm's way. What is it the kids say these days? Reading comprehension for the win? I'd love to see more due diligence on the part of web admins, but the only way to really get that is to hit them where it hurts.
Lots of programs still aren't threaded. These programs just won't see much of a speed improvement with multi-core. The best you get in those situations is that the thread tends to get more CPU time overall. Keep throwing more cores at the problem--with today's software, you'll hit diminishing returns pretty quickly. It's entirely possible that tri-core is the sweet spot right now.
Not necessarily. If these processors are popular, and AMD's fab process improves to the point where there are fewer defective cores, they'll have to ship some fully-functional quad-cores with one core disabled in order to meet Phenom demand.
How about a.kids TLD with subdomains of.net.com.org, etc. Then just mirror DNS for kid-friendly sites, and don't mirror it for kid-unfriendly sites. There's not even any need to reregister all of those domains--make it automatic. massiveporno.com could exist, but massiveporno.com.kids would not. linux.com could exist, as could linux.com.kids.
There would still be things to think about--other uses for DNS besides just web portals. Do you block jabber except from.kids domains? How does mail work in this scenario? But it's an interesting idea.
Then, the only problem is figuring out who decides what can have a.kids domain. CNN? They show some pretty graphic stuff on there, sometimes. A comments thread could host a picture which is inappropriate.
You don't have to trust your peers! That's where signing comes in. I can get a download, check that it was signed by Microsoft, and refuse to install it if there's something fishy going on.
Honestly, this sort of thing is well understood--it's just hard to get users to do it. It can be done automatically, however, in some cases.
It could be done right with the correct combination of hardware, software, and keys. Use TPM to verify that the worm is valid and to verify the keys, then standard use of certificates and signing can be used to ensure that the patches aren't tampered with before they hit the drive.
Unfortunately, without the infrastructure in place, it's going to be much harder to ensure that nothing goes wrong.
Every Dell laptop I've ever gotten--4 personal ones now, and some I've used at work--has gotten loose hinges. It's not that they break (always--sometimes they do), it's that they'll get about an inch of give at the top of the LCD. That is, you can wiggle the laptop, and the top of the LCD will move freely by about an inch.
I have a feeling that it's at least partially the weight of the things. I usually only buy dense 15" screens (dense being 1920x1200 resolution) which are apparently heavier.
I'm by no means an expert on these hardware dongles, but what they usually do is act as a secure private key store. Software on the computer issues a challenge to the dongle, which then computes the response using the private key and sends that response back to the computer. The key never leaves the dongle, and is thus protected. Software spoofing would work, assuming you could get at the key.
A lot of these dongles are write-only, however. You can write a key to the device, and you can delete the key, but you can't ever read it back. This prevents attacks where a malicious user steals the fob to extract the key, or where malicious software tries to do the same. They're really quite secure.
Providing the signature is checked, they cannot be meaningfully tampered with. That's a big "providing." Someone using a third-party tool to download and install patches isn't going to be checking the signature first.
I don't usually run Windows, but for those rare instances where I need to install it, I have to say that I was always tempted by Autopatcher. And I never ran it for the reasons stated (unknown source of patches.)
What I did use was a script to download and install updates automatically. I could read the script and verify that it was doing what it claimed to be doing, and that it was getting updates from Microsoft.
Slashdot Mirror
The AC made the point. Yeah, taking the quick jab at the lack of features weakened what I was saying, but I couldn't help it.
The poster who made the initial statement said that the Macbook and Macbook Air were roughly comparable in price. While such a statement is subjective, not many people would suggest that a $450 price difference or such a large percentage difference is really comparable at the price points we're discussing.
You can always figure out which ones are affected by the Jobsian Reality Distortion Field.
The cheapest Macbook Air is $1799. The cheapest Macbook with an extra 1GB of RAM (to bring it up to the 2GB that the Air has) is $1249. I don't consider that even remotely "comparable."
Of course it's hard to make a fair comparison. That extra $450 gets you 400mhz less, no optical drive, and fewer ports.
Perhaps it is right according to the letter of the law, but it's still troubling. As it stands, the government can seemingly declare any potentially unconstitutional act as "top secret" and they get no oversight. We can't even get the courts to take a look at it, because we don't know the details of the act. It's really quite disturbing.
Context?
I assume this guy has promoted mandatory escrow of encryption keys--and that's not what I'm suggesting at all. I'm suggesting it as default behavior from encryption vendors so that people don't lose their digital lives when they forget their password. It should obviously be optional, but a default so that people who turn it on without knowing what they're doing have a way to recover.
We're trying to get to the point where cryptography for sensitive data is ubiquitous. Who's going to use crypto in the future if the first time that they lose their key, Microsoft tells them, "Sorry. Nothing we can do for you?"
Unfortunately, this is the wrong solution. The right solution would be an escrow keystore, and informing the user of what's going on.
Besides, my mobile phone doesn't handle Javascript very well at all. Sites which don't degrade nicely aren't viewable on my phone, so it would be nice if Google didn't return those queries (particularly when I'm using Google from my phone.)
Of course, there are also problems with the design of Javascript (such as the lack of threading) but that's not a reason to avoid its use--just a reason to dislike it.
It depends upon what you want to do.
Lots of programs still aren't threaded. These programs just won't see much of a speed improvement with multi-core. The best you get in those situations is that the thread tends to get more CPU time overall. Keep throwing more cores at the problem--with today's software, you'll hit diminishing returns pretty quickly. It's entirely possible that tri-core is the sweet spot right now.
Not necessarily. If these processors are popular, and AMD's fab process improves to the point where there are fewer defective cores, they'll have to ship some fully-functional quad-cores with one core disabled in order to meet Phenom demand.
How about a .kids TLD with subdomains of .net .com .org, etc. Then just mirror DNS for kid-friendly sites, and don't mirror it for kid-unfriendly sites. There's not even any need to reregister all of those domains--make it automatic. massiveporno.com could exist, but massiveporno.com.kids would not. linux.com could exist, as could linux.com.kids.
.kids domains? How does mail work in this scenario? But it's an interesting idea.
.kids domain. CNN? They show some pretty graphic stuff on there, sometimes. A comments thread could host a picture which is inappropriate.
There would still be things to think about--other uses for DNS besides just web portals. Do you block jabber except from
Then, the only problem is figuring out who decides what can have a
Yes, I was asking about the general case. Read into things much?
Is it ok to hate haters? To be intolerant of intolerance?
You don't have to trust your peers! That's where signing comes in. I can get a download, check that it was signed by Microsoft, and refuse to install it if there's something fishy going on.
Honestly, this sort of thing is well understood--it's just hard to get users to do it. It can be done automatically, however, in some cases.
It could be done right with the correct combination of hardware, software, and keys. Use TPM to verify that the worm is valid and to verify the keys, then standard use of certificates and signing can be used to ensure that the patches aren't tampered with before they hit the drive.
Unfortunately, without the infrastructure in place, it's going to be much harder to ensure that nothing goes wrong.
I'll add one bitch.
Every Dell laptop I've ever gotten--4 personal ones now, and some I've used at work--has gotten loose hinges. It's not that they break (always--sometimes they do), it's that they'll get about an inch of give at the top of the LCD. That is, you can wiggle the laptop, and the top of the LCD will move freely by about an inch.
I have a feeling that it's at least partially the weight of the things. I usually only buy dense 15" screens (dense being 1920x1200 resolution) which are apparently heavier.
Or they could have used a USB floppy drive. Honestly, this sounds like a made up story.
I'm by no means an expert on these hardware dongles, but what they usually do is act as a secure private key store. Software on the computer issues a challenge to the dongle, which then computes the response using the private key and sends that response back to the computer. The key never leaves the dongle, and is thus protected. Software spoofing would work, assuming you could get at the key.
A lot of these dongles are write-only, however. You can write a key to the device, and you can delete the key, but you can't ever read it back. This prevents attacks where a malicious user steals the fob to extract the key, or where malicious software tries to do the same. They're really quite secure.
There have always been solutions you could use to solve this problem, though. http://technet.microsoft.com/en-us/wsus/default.aspx
Toss it on a laptop, and away you go.
This doesn't solve the problem of updating a current Windows install offline.
That's partially true. You can download the WSUS server from Microsoft so that you can run your own Windows Update server.
I don't usually run Windows, but for those rare instances where I need to install it, I have to say that I was always tempted by Autopatcher. And I never ran it for the reasons stated (unknown source of patches.)
What I did use was a script to download and install updates automatically. I could read the script and verify that it was doing what it claimed to be doing, and that it was getting updates from Microsoft.