The problem is trust. You can't trust that the remote server is who they say they are. A man-in-the-middle attack (rather than just snooping) will allow someone to impersonate the remote server and read all your communications. Yes, you'll have to click-through a "Hey, the certificate is suspect!" message--but for a default setting, this could be anything. Did they upgrade the server? Deinstall and reinstall? Did the certificate expire and they had to renew it? Real, third-party-based certificates avoid these issues, meaning that you can trust that the SSL cert belongs to that domain--any suspicion on the part of your browser can be assumed to be a man-in-the-middle attack, and you can take appropriate measures.
As to IRC, I use it on a daily basis, for work and to keep up with friends. The problem is that there are too many failure points. Is the link between the networks encrypted? Is the person you're PRIVMSGing using an encrypted connection? What about EVERY person on the channel? Is the person you're talking to even who they claim to be? There is no way you can trust anything on an IRC network to be impervious to snooping.
People (like you) seem to think that encryption is some magic bullet for privacy. Here's a hint: it's not.
I hope other Internet clients (and servers) come with encryption turned on by default as well (like Web servers, email clients, IRC clients, etc). Do you understand what goes in to encrypting these things? For the web, you need a trusted certificate, or the encryption is completely useless. There's no way to have this "turned on by default." E-mail clients can turn on SSL by default--assuming the server supports it--but you've got similar issues. If the server doesn't support it, or uses an unsigned cert, it's largely irrelevant. IRC clients? Please.
All of this is transport layer, anyway. If you want true privacy, you have to encrypt the content, then transmit it encrypted, and then leave it encrypted on the disk. Because key management is hard, there is simply no way to do this "by default." Even if you had a method for assigning keys automatically, you've still got management issues. Does the user know to back the key up? Do they know to protect it?
Security is very, very hard. There aren't automated solutions out there because it's a tough problem, and because there are implications that most people would never think of.
This can have nothing to do with self-preservation. The monkey showed no preference in M&Ms until it was required to choose between two colors. It had already learned that all three colors were "safe."
This wasn't the same decision, exactly. The monkey was provided with one option he hadn't had before (at least, not before he was presented with options--remember, initially the monkey showed no preference between any of the three colors.) There are probably better ways to test this, but I wouldn't immediately dismiss it as a bad interpretation.
Cognitive dissonance is more subtle than that. It's simply trying to hold multiple, conflicting throughts in your head.
Say you staunchly believe in idea A. Someone presents you with evidence that conflicting idea B is actually true. What do you do?
The experiment suggests that you would try to rationalize idea A and stick with it. There's evidence of this all over humanity (not saying this validates the science, because it doesn't, but it's an interesting observation.)
In the experiment, the monkeys did know that all of the choices were equal (they showed no preference between the three colors early in the experiment.) That's what makes this so interesting. It was only when provided with an either-or choice that they started degrading options.
What's really interesting here is the implications on other aspects of life. Republican vs. Democrat? Creationism vs. Evolution? To war or not to war? Sports team mentality (choosing a side for no particularly good reason, but sticking with it come hell or high water.)
Don't fall into this trap! You did not purchase a license, you purchased a copy. There are huge differences in the rights you acquire when you purchase a copy vs. a license to view.
I'm not the original poster, but here are some thoughts.
Funny how everyone here hopes that the general public is unhappy with Vista so they will switch to something else Everyone here doesn't do this. Did the original poster? Did you bother to check?
But, if you have the gall to hate something that is en vogue, then all of the sudden there's something wrong with you. You didn't just express hatred of Apple products, you expressed your desire that people who like Apple have bad things happen to them. That's a might different from complaining about the operating system in a public forum.
For example, I hate Vista with a passion. I think it's the worst designed interface to come out of Microsoft since Microsoft Bob. But I don't care if you like it. My philosophy is that the individual should use what works for him. I'll go beyond that if the manufacturer is doing sleazy things that affect my personal OS choice (for example, claiming that my OS infringes on patents when there's no real evidence of it.) Otherwise, if you like using the piece of crap that is Vista, more power to you;)
But see, how can they deliver informative ads if they can't track what you're doing? If you're looking for a doohickey and search for it online, it's convenient to you (and the advertiser) if the ads which appeared for you happened to be for doohickies. But what they don't have to do is keep track of you. Entering search terms and providing ads based upon those terms and the results returned by those terms can be done statelessly. The ad conglomerates keep records of you, though. That's the difference.
That said, I don't like the ads because I don't know where they came from. It's all too easy to trick someone with an ad from a search term.
Through word of mouth and my circle of friends whom I trust, I've found a few online retailers that I trust--I trust that when I send them my money, I'll receive the product I asked for. I trust that their return policy is sound (though I verify it myself) and that returns are handled expediently and correctly. If I search for information on a brand or specific product, I'm not going to click on the ads that come up for that product because I have no prior relationship or knowledge about that company. Instead, I'm going to read about the product, and then I'm going to go to one of the retailers I trust to order it. A secondary (useful) effect of this behavior is that my personal and financial information is not all over the place.
As for GPG in the browser, you can take a look at FireGPG (http://firegpg.tuxfamily.org/) which purports to do this for GMail. Unfortunately, it requires that you install GnuPG, so it's not precisely what you were looking for. I think that someone could probably package the two together in an installer and make it a bit easier for people.
Of course, doing this removes one of the big advantages of using Gmail--the fantastic search options.
Then perhaps the original poster mis-typed when he said:
PS: I'll note that I've been saying for years that it's imperative for stand-alone personal MTAs to remain viable, and this is why. Routine, passive end-to-end encryption is the way that we make this impractical. The MTA has nothing to do with user-to-user encryption. It does have something to do with passive encryption (as in the user doesn't have to be aware of the encryption if the MTA is encrypting) but if you're just encrypting between MTAs, you're not encrypting when it hits the mbox. Likewise, if you're encrypting in the MUA, you don't have to worry about MTA encryption for content (only for headers, and even then, it's only to avoid sniffing.)
Looking back at the post, in fact, it looks like the guy just has no clue what he's talking about and is throwing around words and fragmented ideas in order to get modded up.
Getting back to the discussion at hand, it's all pretty pointless anyway, since most people won't ever encrypt their mail. If I want to e-mail someone else, I'm going to have to do it plaintext 99% of the time, and 99% of the time, I won't be able to get my peers to encrypt messages to me. Webmail makes it even less likely that someone will encrypt messages to me.
PS: I'll note that I've been saying for years that it's imperative for stand-alone personal MTAs to remain viable, and this is why. Routine, passive end-to-end encryption is the way that we make this impractical. That only stops sniffing on the wire. What about reading it while it's in your inbox?
The MUAs need to be encrypting it, and that's much harder to get mom-and-pop to do.
--snip-- The show, however, is going to be on Fox. And Fox has a history of screwing up. A list of my fears: - The show is called Dollhouse. No one who will be interested in the show is going to see it in their cablebox guide, wonder what it is, turn it on, and get hooked. The people who are going to turn it on and get hooked are 8 year old girls and soccer moms. And maybe people who saw Welcome to the Dollhouse. This means that the show must rely entirely on promotions and word-of-mouth. - Fox tends to under-promote shows. Fox also tends to move new shows to new timeslots constantly in an effort either to mitigate the damage of an apparently failing show, or to try to get new viewers. Neither of these is good for shows. - Fox tends to stick genre shows in a dead time slot. Friday nights at 8 is the norm for sci-fi. Every time it happens, I visualize an executive at Fox saying, "Hey, this is a show for geeks. Geeks have nothing better to do on a Friday night than to watch TV. Let's not clutter up the schedule by putting this somewhere where it might get a wider audience, let's just toss it on Friday." They also forget that geeks tend to DVR shows or buy them on iTunes/Unbox/Video-Site-du-Jour. This is a deadly combination that leads to devastating viewership when combined with a crappy rating system like Nielson. - It's Joss Whedon and Tim Minnear. They are cursed when it comes to Fox. - It's Joss Whedon. He commands a fairly high salary, and Dushku probably does too. The show sounds like it's going to be rampant with special effects and stunt work. This means it's going to be way more expensive than your typical hour-long drama, much less a reality show that could fill the same spot and rake in tons more money. - Did I mention that it's called Dollhouse? --snip--
I'm wary of this one. Joss tends to have good writing, even if you don't care for the content itself. He's smart, snappy, and witty. But there's a lot going against this show, and I'm not sure it's going to last much longer than the last Tim Minear project on Fox.
I love pf quite a bit--it's one of the reasons I prefer FreeBSD to Linux. That said, it's simply not true to state that it has more functionality than Netfilter (what most Linux users call iptables.) Netfilter has lots of modules that let you do a ton of really absurd and esoteric networking. pf can do a lot of stuff, and it's blazingly fast and simple, but it's not nearly as extensible or functional (when you consider the Netfilter mods.)
Suing individual downloaders is just impractical. There has yet to be a precedent in the courts determining whether or not downloading is also making a copy of a copyrighted work.
It was also, almost certainly a mistake. Compare to most copyright infringement, which is almost always willful.
The band absolutely deserves every cent that EMI made selling their music. They might even deserve a bit extra. But to suggest that this was intentional without knowing for sure is really pretty silly. "Never attribute to malice that which is easily attributed to stupidity," and all that jazz.
What's more interesting to me is the intellectual masturbation that this can generate. The customers didn't know that they were buying illegal songs. They expected, due to the distribution mechanism, legal downloads.
What about people on p2p? They tend to expect illegal downloads, but some bands such as NIN have released music on these networks. How can anyone differentiate between legitimate and illegitimate downloads?
Ah, and so it comes out. What you don't realize is that we can audit sudo for security. We can't do the same for UAC. That's where the difference is.
What's more, if we don't feel like auditing sudo completely, we can at least audit the (rather short) code path from execution to password request. It really is a very small amount of code (yes, I've looked at it) and let's face it--it's the part that matters most from a security perspective. Once you've entered your password, the game's pretty much over.
*shrug*
I'm not sure who doesn't understand security at this point, but I'm growing tired of your insipid Microsoft fanboyism. See? I can call names too.
Good day. I wish I could say good discussion, but you've been pretty belligerent the whole way through.
There is no contradiction in making a broad statement and then listing the exceptions. Don't get so caught up trying to prove the other guy wrong that you aren't logical.
Most hardware is in an uninitialized state when the computer boots. By extending your reasoning, that hardware shouldn't be touched either?
That's stupid. Linux (and operating systems in general) have mucked around with hardware since they were invented. Older versions of X would destroy monitors if they didn't apply sane defaults to the video card. And now, hard drives are destroying themselves when this stupid power mode turns on.
Hence, the only difference between Vista and the *NIX systems in this regard is that on Vista it's much more comfortable and much faster (one click). Security-wise, there's no real difference. Incidentally, if you aren't in the Administrators group on Vista, you do have to enter your password. I'd consider that a slight security enhancement. If a bug in UAC is ever discovered which allows for the program to simulate a click on the UAC control, it would mean the difference between a rooted system and a secure one.
Anyway. I took most umbrage at the notion that Vista's security was something that "OS X and Linux don't even come close" to. Vista took cues from OS X and Linux, and managed to handle it in a way that didn't break most applications that assume Admin privileges. I don't think they really improved on the concept, though.
Yes, but the amount of protection you get is based almost solely upon your knowledge as a user. Here's a hint: most of the people out there are click-happy idiots.
I think where we really got off track was in post #21085803, where you suggested that That's the brilliance of the solution. OS X and Linux don't even come close to this. The semantics argument over what qualifies as administrator devolved from there, but you've successfully brought the original point back into focus.Anyway, the point is that on Vista people run as non-admins by default Semantics aside, the essence here is true. That is, you can't just perform administrative actions willy-nilly, or more specifically, malware can't do it. It requires that extra click.
Of course, the same can be said of OS X and Linux.
and can easily elevate with per-app granularity. And again, the same can be said of OS X and Linux.
Vista's UAC works and it's orders of magnitude more secure than XP. Again, only if you've got a clue.
Of course, most people with clues won't get infected in the first place. I used XP for years with no outward signs of infection (that is, no unaccounted for traffic in the external firewall logs.) If there was malware, it wasn't talking to the outside world, and it didn't delete anything that I noticed. That leaves a very small group of people who will notice UAC and use it correctly--that is, people who know enough to know that they didn't perform an action, and they don't just want to get back to what they were doing enough to click "Continue." In my years in IT, I've come to the conclusion that most people don't fall into this category.
Slashdot Mirror
The problem is trust. You can't trust that the remote server is who they say they are. A man-in-the-middle attack (rather than just snooping) will allow someone to impersonate the remote server and read all your communications. Yes, you'll have to click-through a "Hey, the certificate is suspect!" message--but for a default setting, this could be anything. Did they upgrade the server? Deinstall and reinstall? Did the certificate expire and they had to renew it? Real, third-party-based certificates avoid these issues, meaning that you can trust that the SSL cert belongs to that domain--any suspicion on the part of your browser can be assumed to be a man-in-the-middle attack, and you can take appropriate measures.
As to IRC, I use it on a daily basis, for work and to keep up with friends. The problem is that there are too many failure points. Is the link between the networks encrypted? Is the person you're PRIVMSGing using an encrypted connection? What about EVERY person on the channel? Is the person you're talking to even who they claim to be? There is no way you can trust anything on an IRC network to be impervious to snooping.
All of this is transport layer, anyway. If you want true privacy, you have to encrypt the content, then transmit it encrypted, and then leave it encrypted on the disk. Because key management is hard, there is simply no way to do this "by default." Even if you had a method for assigning keys automatically, you've still got management issues. Does the user know to back the key up? Do they know to protect it?
Security is very, very hard. There aren't automated solutions out there because it's a tough problem, and because there are implications that most people would never think of.
This can have nothing to do with self-preservation. The monkey showed no preference in M&Ms until it was required to choose between two colors. It had already learned that all three colors were "safe."
This wasn't the same decision, exactly. The monkey was provided with one option he hadn't had before (at least, not before he was presented with options--remember, initially the monkey showed no preference between any of the three colors.) There are probably better ways to test this, but I wouldn't immediately dismiss it as a bad interpretation.
Cognitive dissonance is more subtle than that. It's simply trying to hold multiple, conflicting throughts in your head.
Say you staunchly believe in idea A. Someone presents you with evidence that conflicting idea B is actually true. What do you do?
The experiment suggests that you would try to rationalize idea A and stick with it. There's evidence of this all over humanity (not saying this validates the science, because it doesn't, but it's an interesting observation.)
In the experiment, the monkeys did know that all of the choices were equal (they showed no preference between the three colors early in the experiment.) That's what makes this so interesting. It was only when provided with an either-or choice that they started degrading options.
What's really interesting here is the implications on other aspects of life. Republican vs. Democrat? Creationism vs. Evolution? To war or not to war? Sports team mentality (choosing a side for no particularly good reason, but sticking with it come hell or high water.)
Google "The Paradox of Choice." It doesn't make logical sense, but then, lots of things don't.
NO NO NO!
Don't fall into this trap! You did not purchase a license, you purchased a copy. There are huge differences in the rights you acquire when you purchase a copy vs. a license to view.
Geez, everyone seems to have missed the joke.
They were accused of using school funds for personal gain.
They're now using school funds to fund personal lawsuits.
For example, I hate Vista with a passion. I think it's the worst designed interface to come out of Microsoft since Microsoft Bob. But I don't care if you like it. My philosophy is that the individual should use what works for him. I'll go beyond that if the manufacturer is doing sleazy things that affect my personal OS choice (for example, claiming that my OS infringes on patents when there's no real evidence of it.) Otherwise, if you like using the piece of crap that is Vista, more power to you
Interesting links, and definitely something I'll have to check out. Thanks!
That said, I don't like the ads because I don't know where they came from. It's all too easy to trick someone with an ad from a search term.
Through word of mouth and my circle of friends whom I trust, I've found a few online retailers that I trust--I trust that when I send them my money, I'll receive the product I asked for. I trust that their return policy is sound (though I verify it myself) and that returns are handled expediently and correctly. If I search for information on a brand or specific product, I'm not going to click on the ads that come up for that product because I have no prior relationship or knowledge about that company. Instead, I'm going to read about the product, and then I'm going to go to one of the retailers I trust to order it. A secondary (useful) effect of this behavior is that my personal and financial information is not all over the place.
Yeah, it was probably MUA/MTA confusion.
As for GPG in the browser, you can take a look at FireGPG (http://firegpg.tuxfamily.org/) which purports to do this for GMail. Unfortunately, it requires that you install GnuPG, so it's not precisely what you were looking for. I think that someone could probably package the two together in an installer and make it a bit easier for people.
Of course, doing this removes one of the big advantages of using Gmail--the fantastic search options.
Looking back at the post, in fact, it looks like the guy just has no clue what he's talking about and is throwing around words and fragmented ideas in order to get modded up.
Getting back to the discussion at hand, it's all pretty pointless anyway, since most people won't ever encrypt their mail. If I want to e-mail someone else, I'm going to have to do it plaintext 99% of the time, and 99% of the time, I won't be able to get my peers to encrypt messages to me. Webmail makes it even less likely that someone will encrypt messages to me.
The MUAs need to be encrypting it, and that's much harder to get mom-and-pop to do.
Here's my rant on this one.
--snip--
The show, however, is going to be on Fox. And Fox has a history of screwing up. A list of my fears:
- The show is called Dollhouse. No one who will be interested in the show is going to see it in their cablebox guide, wonder what it is, turn it on, and get hooked. The people who are going to turn it on and get hooked are 8 year old girls and soccer moms. And maybe people who saw Welcome to the Dollhouse. This means that the show must rely entirely on promotions and word-of-mouth.
- Fox tends to under-promote shows. Fox also tends to move new shows to new timeslots constantly in an effort either to mitigate the damage of an apparently failing show, or to try to get new viewers. Neither of these is good for shows.
- Fox tends to stick genre shows in a dead time slot. Friday nights at 8 is the norm for sci-fi. Every time it happens, I visualize an executive at Fox saying, "Hey, this is a show for geeks. Geeks have nothing better to do on a Friday night than to watch TV. Let's not clutter up the schedule by putting this somewhere where it might get a wider audience, let's just toss it on Friday." They also forget that geeks tend to DVR shows or buy them on iTunes/Unbox/Video-Site-du-Jour. This is a deadly combination that leads to devastating viewership when combined with a crappy rating system like Nielson.
- It's Joss Whedon and Tim Minnear. They are cursed when it comes to Fox.
- It's Joss Whedon. He commands a fairly high salary, and Dushku probably does too. The show sounds like it's going to be rampant with special effects and stunt work. This means it's going to be way more expensive than your typical hour-long drama, much less a reality show that could fill the same spot and rake in tons more money.
- Did I mention that it's called Dollhouse?
--snip--
I'm wary of this one. Joss tends to have good writing, even if you don't care for the content itself. He's smart, snappy, and witty. But there's a lot going against this show, and I'm not sure it's going to last much longer than the last Tim Minear project on Fox.
I love pf quite a bit--it's one of the reasons I prefer FreeBSD to Linux. That said, it's simply not true to state that it has more functionality than Netfilter (what most Linux users call iptables.) Netfilter has lots of modules that let you do a ton of really absurd and esoteric networking. pf can do a lot of stuff, and it's blazingly fast and simple, but it's not nearly as extensible or functional (when you consider the Netfilter mods.)
Suing individual downloaders is just impractical. There has yet to be a precedent in the courts determining whether or not downloading is also making a copy of a copyrighted work.
It was also, almost certainly a mistake. Compare to most copyright infringement, which is almost always willful.
The band absolutely deserves every cent that EMI made selling their music. They might even deserve a bit extra. But to suggest that this was intentional without knowing for sure is really pretty silly. "Never attribute to malice that which is easily attributed to stupidity," and all that jazz.
What's more interesting to me is the intellectual masturbation that this can generate. The customers didn't know that they were buying illegal songs. They expected, due to the distribution mechanism, legal downloads.
What about people on p2p? They tend to expect illegal downloads, but some bands such as NIN have released music on these networks. How can anyone differentiate between legitimate and illegitimate downloads?
Ah, and so it comes out. What you don't realize is that we can audit sudo for security. We can't do the same for UAC. That's where the difference is.
What's more, if we don't feel like auditing sudo completely, we can at least audit the (rather short) code path from execution to password request. It really is a very small amount of code (yes, I've looked at it) and let's face it--it's the part that matters most from a security perspective. Once you've entered your password, the game's pretty much over.
*shrug*
I'm not sure who doesn't understand security at this point, but I'm growing tired of your insipid Microsoft fanboyism. See? I can call names too.
Good day. I wish I could say good discussion, but you've been pretty belligerent the whole way through.
Please do. Make sure you end with, "you still have to enter your password." A bug in sudo can't allow malware to just click right past the prompt.
There is no contradiction in making a broad statement and then listing the exceptions. Don't get so caught up trying to prove the other guy wrong that you aren't logical.
Most hardware is in an uninitialized state when the computer boots. By extending your reasoning, that hardware shouldn't be touched either?
That's stupid. Linux (and operating systems in general) have mucked around with hardware since they were invented. Older versions of X would destroy monitors if they didn't apply sane defaults to the video card. And now, hard drives are destroying themselves when this stupid power mode turns on.
Anyway. I took most umbrage at the notion that Vista's security was something that "OS X and Linux don't even come close" to. Vista took cues from OS X and Linux, and managed to handle it in a way that didn't break most applications that assume Admin privileges. I don't think they really improved on the concept, though.
I think where we really got off track was in post #21085803, where you suggested that That's the brilliance of the solution. OS X and Linux don't even come close to this. The semantics argument over what qualifies as administrator devolved from there, but you've successfully brought the original point back into focus. Anyway, the point is that on Vista people run as non-admins by default Semantics aside, the essence here is true. That is, you can't just perform administrative actions willy-nilly, or more specifically, malware can't do it. It requires that extra click.
Of course, the same can be said of OS X and Linux. and can easily elevate with per-app granularity. And again, the same can be said of OS X and Linux. Vista's UAC works and it's orders of magnitude more secure than XP. Again, only if you've got a clue.
Of course, most people with clues won't get infected in the first place. I used XP for years with no outward signs of infection (that is, no unaccounted for traffic in the external firewall logs.) If there was malware, it wasn't talking to the outside world, and it didn't delete anything that I noticed. That leaves a very small group of people who will notice UAC and use it correctly--that is, people who know enough to know that they didn't perform an action, and they don't just want to get back to what they were doing enough to click "Continue." In my years in IT, I've come to the conclusion that most people don't fall into this category.