Everyone wants something different. Here's my list:
1) Digitally remastered original series. Some cleanup of the animation (using computers) would be nice, but no recreations, please (as reference, see the Jawa scenes in Ep 4 and Cloud City in Ep 5).
2) The/option/ to have the new CG in place with the old story (i.e. Han shoots first, no extra scenes added).
3) The/option/ to have the new CG with the new story, but keeping all the old characters (i.e. no Hayden at the end of Jedi).
4) The/option/ to have the new CG, new story, and new characters.
In my pipe dream, this would all be on one disc. But I'd take them on multiples if I could just have a guarantee of number 1. Also, all of the above should be in anamorphic widescreen.
Maybe I'm too picky. I'd definitely take any of 2-4 above if I could have 1 as well.
This is freaking ILM we're talking about. If they can't undo the changes they made from the Special Edition 'masters' (whether they're in digital form or actually some type of celluloid, I don't know) then I'll eat my non-SE VHS tapes. These people are masters at digital manipulation and restoration. There is simply no way that they are incapable of recreating the originals using the SE versions as a base + laserdisc (for reference).
Not that I advocate the destruction of the world as we know it, but only people who have something to fear in the afterlife have any reason to fear being instantly compressed into a virtual nothingness.
Of course, if it wasn't instantaneous, then I guess it could hurt a lot. I dunno. Not a big physics guy, personally.
Plenty of people go day-to-day with Linux and never see the errors you're reporting.
My biggest beef with X Linux distro is that it's a painful job to get it to interoperate with other computers in many ways. Setting up Samba isn't one-touch like it is in Windows, and don't even get me started on WPA. I run Linux-only on my main machine and FreeBSD-only on my work machine. I might get an unexplained error once every couple of months, but it definitely feels longer. Meanwhile, my wife's Windows box crashes constantly, and if she logs in as Administrator, it never ceases (literally) to ask if we want to send a debug report to Microsoft. She actually has to drag it down below the taskbar to hide it so she can muck with whatever she needs to as Administrator.
I'm not trying to rally up the pro-Linux/anti-Microsoft camp--I'm just making a point. Most of the time, nobody sees problems with Linux that aren't attributed to user-error. That's not to say that it shouldn't handle user-error more gracefully or be more compatible with standards, but most of the specific issues you're listing are uncommon.
I won't speak to the first flaw, as I didn't read it and it's just a DoS.
As to the second, you should have read the second part of that article:
The problem isn't directly related to the algorithm or WPA initialization process, but is instead tied to the simple fact that the process can be reproduced. This fact, combined with the reality that most users select poor passwords, provides an opportunity that can be exploited. (emphasis mine).
They're just talking about brute-forcing the password. Rainbow tables speed that up a lot, but if you don't have the password in your dictionary, you aren't getting it.
As to your last question, of course. If you don't trust your password, use VPN to the wireless access point or something similar, with whatever form of trusted authentication you like.
That still used a dictionary attack, I believe. A random string of characters shouldn't be as easily crackable, and using a non-precomputed SSID helps, too.
How is he backtracking? The newsforge article you quoted even points out that it was a video. They could have tried a dozen times before they got it right, but once they get it right, it happens in under a minute. Now if that's the exploit, it's not really a great one or a particularly big deal--yet. But if his suspicions are true and the exploit can be made more precise, then it/could/ be a problem.
Also, the point of the Blackhat/Defcon talk was actually not about proving Macs are vulnerable--it was about proving that/drivers/ are vulnerable. They chose a Mac because they were tired of all the "Macs are secure" bullshit, and thus the huge media backlash has really distorted the original message: that with wireless getting longer and longer range, it's going to be easier and easier to root insecure drivers without even necessarily being connected to a network.
Did you read the relevant articles? The challenge didn't allow for more than one attempt, that I could see, whereas here's Johnny (heh) saying that it could take multiple attempts to exploit the race condition correctly (since it's timing based and they haven't implemented it with RTC).
It's interesting that we learn this now because it gives (another|the real) reason they didn't demo the exploit at Blackhat/Defcon: it might not have worked. I wonder how many takes they had to do to get the exploit to work on camera....
There are all sorts of reasons to target people who use Google:
1) They probably have a computer. That they are using Google Calendar means that they are probably/slightly/ more geeky than the average person, so they probably have other electronics.
2) They use it to plan/events/ which are probably not at their/home/.
Also, try logging into Google Calendar and searching for whatever city you live in. For me, Houston, TX showed a bunch of people, many with full names and travel/event schedules that they plan on attending. Doesn't seem to be that hard, unless maybe you live in a smaller town.
Anyway, as other people have said, this is nothing new. If you broadcast to people when you'll be out of your house, you put your belongings at more risk.
There are multiple issues here that everyone is confusing.
1) Microsoft DRM, a crack for which was released and linked to on Slashdot. 2) Apple DRM, a crack for which was released a few years ago, which prompted a race between Apple and the cracker to fix the problem/re-crack.
and
1) Using a Windows tool to crack (Windows users). 2) Using an Apple tool to crack (Apple users).
Microsoft has a huge lead in the OS market, no doubt about that. Nevertheless, Apple has a huge lead in the downloadable-music market. For the purposes of talking about "who is more likely to break DRM", it's definitely Windows users because they have the marketshare in that department. But for the purposes of "which DRM is more likely to get cracked", Apple 'wins'.
Of course, from an analytical standpoint, it's moot. The two tools on which Slashdot reported ran Windows, I believe, meaning only Windows users would be doing the cracking. Therefore we only care about which type of DRM is being cracked. Far fewer people are likely to crack Microsoft DRM because far fewer people use it. Releasing information about that tool is, in a sense, less dangerous.
"That bad" depends on what your needs are. Ubuntu seems to "Just work" for a lot of stuff that needed coaxing before. It's sorely lacking on the WPA-Enterprise front, which is a shame. Ubuntu has a nice package manager, though you have to tweak the sources.list file to get non-Ubuntu supported packages on there. You can always compile from source, of course. I think that the only tweaks I've really had to make are the alsa-oss one to get Flash working and sources.list. Currently on my "things that don't work list" are WPA (specific to Ubuntu--I can connect to my office wireless WPA-Radius with Gentoo) and Cedega/SATA CDrom (Transgaming claims that this is a problem with the Linux kernel--I have a suspicion that they're passing the buck--nevertheless it's a "problem with Linux" if you have a hardware setup similar to mine and you want to use Cedega).
Of course, Macs aren't (yet) better on that last bit, though Parallels is promising "full speed" DirectX and OpenGL in an upcoming version of their virtualization software. Other companies are talking about Windows emulation on the Mac, too, and since it's got a higher workstation/personal use marketshare than Linux, I'm willing to believe it. That's one reason I'm tempted to switch: I can run any OS I want on the Mac under the virtualizer while having a stable, supported solution for my everyday tasks (web browsing with multimedia, legitimate DVD player, ssh, word processing, simple network connectivity, etc.)
Of course, all that comes at a hefty price tag, but more and more, I'm thinking it's worth it. As soon as both the Core 2 Duo gets put in the Macbook Pro and Parallels announces 3D card support, I'll probably be down a couple grand on a Mac.
I definitely think that Linux (in its current state) is for tweakers and fiddlers. I used to take great joy in tinkering and getting things to work under Linux and other OSS operating systems. That joy is starting to wane as I get older and my time becomes more valuable (working >40 hours/week does that, I think). At this point, I think I'd rather things just work rather than changing options in a configuration file and messing with my OS to try to get something simple like synchronized audio and video working. My current issue is with WPA/WPA2-Radius. In Windows, it works great with my router. In Linux, I constantly lose my association before I can even grab an IP (though the logs on the server side indicate successful Radius authentication).
I'm thinking of making The Switch to OS X. My peers seem to think that it's the perfect balance of tinker/tweak and things simply working. It's gotta be better than reinstalling Windows all the time or fighting with Linux to get my wireless working....
You can get in-sync audio by using alsa-oss. I'm sure if you Google around, you'll find the solution to your problem.
The out-of-sync sound on Linux annoyed me to no end until I installed Ubuntu on a notebook to see what all the fuss was about. I was having problems getting Flash sound to play/at/all/ and hit the forums--sure enough, there was a solution to that/and/ the sync issue. I was ecstatic!
Allegedly (from sources quoting Lucas) the DVDs are transfers from the laserdisc versions in letterbox (non-anamorphic) widescreen. They won't be cleaned up at all--basically, they'll just be dumped onto DVD in yet another money grab. Maybe in a few years they'll release the 'superdupercleantransfer' and get even more money from people.
I haven't decided whether or not I'll be buying this one, but I'm leaning towards a big fat "NO."
I'm a big fan of cleaning up the artifacts and even redoing special effects, so long as the story remains the same.
I know a lot of people (myself included) who refuse to purchase Star Wars until the originals are released on DVD. It looks like that's going to happen soon, but not in a particularly satisfactory way.
So? I update while I'm doing other tasks, and I don't always want to stop doing those tasks so that the machine can (forcibly) reboot in 5 minutes. Not having the option to delay the reboot is absurd.
1) Would be really nice, though I wonder if 802.11n will trounce all over the entire spectrum that 802.11b uses.
2) This is not true. Aside from high-end units that are out of most consumer's price range, there is an Asus WAP that can broadcast multiple SSIDs and have separate security settings for each. In theory, this would mean you could have WPA-Radius encryption on one SSID and have a WEP encryption SSID for your Nintendo DS. I think the model is WL-500g Deluxe--it's hard to come by right now.
Everyone wants something different. Here's my list:
/option/ to have the new CG in place with the old story (i.e. Han shoots first, no extra scenes added).
/option/ to have the new CG with the new story, but keeping all the old characters (i.e. no Hayden at the end of Jedi).
/option/ to have the new CG, new story, and new characters.
1) Digitally remastered original series. Some cleanup of the animation (using computers) would be nice, but no recreations, please (as reference, see the Jawa scenes in Ep 4 and Cloud City in Ep 5).
2) The
3) The
4) The
In my pipe dream, this would all be on one disc. But I'd take them on multiples if I could just have a guarantee of number 1. Also, all of the above should be in anamorphic widescreen.
Maybe I'm too picky. I'd definitely take any of 2-4 above if I could have 1 as well.
I gotta call bullshit.
This is freaking ILM we're talking about. If they can't undo the changes they made from the Special Edition 'masters' (whether they're in digital form or actually some type of celluloid, I don't know) then I'll eat my non-SE VHS tapes. These people are masters at digital manipulation and restoration. There is simply no way that they are incapable of recreating the originals using the SE versions as a base + laserdisc (for reference).
Not that I advocate the destruction of the world as we know it, but only people who have something to fear in the afterlife have any reason to fear being instantly compressed into a virtual nothingness.
Of course, if it wasn't instantaneous, then I guess it could hurt a lot. I dunno. Not a big physics guy, personally.
Plenty of people go day-to-day with Linux and never see the errors you're reporting.
My biggest beef with X Linux distro is that it's a painful job to get it to interoperate with other computers in many ways. Setting up Samba isn't one-touch like it is in Windows, and don't even get me started on WPA. I run Linux-only on my main machine and FreeBSD-only on my work machine. I might get an unexplained error once every couple of months, but it definitely feels longer. Meanwhile, my wife's Windows box crashes constantly, and if she logs in as Administrator, it never ceases (literally) to ask if we want to send a debug report to Microsoft. She actually has to drag it down below the taskbar to hide it so she can muck with whatever she needs to as Administrator.
I'm not trying to rally up the pro-Linux/anti-Microsoft camp--I'm just making a point. Most of the time, nobody sees problems with Linux that aren't attributed to user-error. That's not to say that it shouldn't handle user-error more gracefully or be more compatible with standards, but most of the specific issues you're listing are uncommon.
I won't speak to the first flaw, as I didn't read it and it's just a DoS.
As to the second, you should have read the second part of that article:
The problem isn't directly related to the algorithm or WPA initialization process, but is instead tied to the simple fact that the process can be reproduced. This fact, combined with the reality that most users select poor passwords, provides an opportunity that can be exploited.
(emphasis mine).
They're just talking about brute-forcing the password. Rainbow tables speed that up a lot, but if you don't have the password in your dictionary, you aren't getting it.
As to your last question, of course. If you don't trust your password, use VPN to the wireless access point or something similar, with whatever form of trusted authentication you like.
That still used a dictionary attack, I believe. A random string of characters shouldn't be as easily crackable, and using a non-precomputed SSID helps, too.
Also, WPA2 has the exact same vulnerability.
I've never been able to get wpa_supplicant to work on a Linux client while using FreeRADIUS on the OpenWRT. Any secrets I'm missing?
Works fine with Windows. I sadly don't have a Mac to test it with.
Yes, now. Originally, the challenge did not grant an hour.
Cool. That closes that particular loophole.
Well, in all fairness, they've answered it. They just haven't proven it.
How is he backtracking? The newsforge article you quoted even points out that it was a video. They could have tried a dozen times before they got it right, but once they get it right, it happens in under a minute. Now if that's the exploit, it's not really a great one or a particularly big deal--yet. But if his suspicions are true and the exploit can be made more precise, then it /could/ be a problem.
/drivers/ are vulnerable. They chose a Mac because they were tired of all the "Macs are secure" bullshit, and thus the huge media backlash has really distorted the original message: that with wireless getting longer and longer range, it's going to be easier and easier to root insecure drivers without even necessarily being connected to a network.
Also, the point of the Blackhat/Defcon talk was actually not about proving Macs are vulnerable--it was about proving that
Did you read the relevant articles? The challenge didn't allow for more than one attempt, that I could see, whereas here's Johnny (heh) saying that it could take multiple attempts to exploit the race condition correctly (since it's timing based and they haven't implemented it with RTC).
It's interesting that we learn this now because it gives (another|the real) reason they didn't demo the exploit at Blackhat/Defcon: it might not have worked. I wonder how many takes they had to do to get the exploit to work on camera....
Right. This guy is trying to get people to not do that, or at least think about what they're posting before they do.
There are all sorts of reasons to target people who use Google:
/slightly/ more geeky than the average person, so they probably have other electronics.
/events/ which are probably not at their /home/.
1) They probably have a computer. That they are using Google Calendar means that they are probably
2) They use it to plan
Also, try logging into Google Calendar and searching for whatever city you live in. For me, Houston, TX showed a bunch of people, many with full names and travel/event schedules that they plan on attending. Doesn't seem to be that hard, unless maybe you live in a smaller town.
Anyway, as other people have said, this is nothing new. If you broadcast to people when you'll be out of your house, you put your belongings at more risk.
There are multiple issues here that everyone is confusing.
1) Microsoft DRM, a crack for which was released and linked to on Slashdot.
2) Apple DRM, a crack for which was released a few years ago, which prompted a race between Apple and the cracker to fix the problem/re-crack.
and
1) Using a Windows tool to crack (Windows users).
2) Using an Apple tool to crack (Apple users).
Microsoft has a huge lead in the OS market, no doubt about that. Nevertheless, Apple has a huge lead in the downloadable-music market. For the purposes of talking about "who is more likely to break DRM", it's definitely Windows users because they have the marketshare in that department. But for the purposes of "which DRM is more likely to get cracked", Apple 'wins'.
Of course, from an analytical standpoint, it's moot. The two tools on which Slashdot reported ran Windows, I believe, meaning only Windows users would be doing the cracking. Therefore we only care about which type of DRM is being cracked. Far fewer people are likely to crack Microsoft DRM because far fewer people use it. Releasing information about that tool is, in a sense, less dangerous.
Or maybe I just like to argue.
"That bad" depends on what your needs are. Ubuntu seems to "Just work" for a lot of stuff that needed coaxing before. It's sorely lacking on the WPA-Enterprise front, which is a shame. Ubuntu has a nice package manager, though you have to tweak the sources.list file to get non-Ubuntu supported packages on there. You can always compile from source, of course. I think that the only tweaks I've really had to make are the alsa-oss one to get Flash working and sources.list. Currently on my "things that don't work list" are WPA (specific to Ubuntu--I can connect to my office wireless WPA-Radius with Gentoo) and Cedega/SATA CDrom (Transgaming claims that this is a problem with the Linux kernel--I have a suspicion that they're passing the buck--nevertheless it's a "problem with Linux" if you have a hardware setup similar to mine and you want to use Cedega).
Of course, Macs aren't (yet) better on that last bit, though Parallels is promising "full speed" DirectX and OpenGL in an upcoming version of their virtualization software. Other companies are talking about Windows emulation on the Mac, too, and since it's got a higher workstation/personal use marketshare than Linux, I'm willing to believe it. That's one reason I'm tempted to switch: I can run any OS I want on the Mac under the virtualizer while having a stable, supported solution for my everyday tasks (web browsing with multimedia, legitimate DVD player, ssh, word processing, simple network connectivity, etc.)
Of course, all that comes at a hefty price tag, but more and more, I'm thinking it's worth it. As soon as both the Core 2 Duo gets put in the Macbook Pro and Parallels announces 3D card support, I'll probably be down a couple grand on a Mac.
I definitely think that Linux (in its current state) is for tweakers and fiddlers. I used to take great joy in tinkering and getting things to work under Linux and other OSS operating systems. That joy is starting to wane as I get older and my time becomes more valuable (working >40 hours/week does that, I think). At this point, I think I'd rather things just work rather than changing options in a configuration file and messing with my OS to try to get something simple like synchronized audio and video working. My current issue is with WPA/WPA2-Radius. In Windows, it works great with my router. In Linux, I constantly lose my association before I can even grab an IP (though the logs on the server side indicate successful Radius authentication).
I'm thinking of making The Switch to OS X. My peers seem to think that it's the perfect balance of tinker/tweak and things simply working. It's gotta be better than reinstalling Windows all the time or fighting with Linux to get my wireless working....
You can get in-sync audio by using alsa-oss. I'm sure if you Google around, you'll find the solution to your problem.
/at/all/ and hit the forums--sure enough, there was a solution to that /and/ the sync issue. I was ecstatic!
The out-of-sync sound on Linux annoyed me to no end until I installed Ubuntu on a notebook to see what all the fuss was about. I was having problems getting Flash sound to play
A friend of mine has those. They're not awful, but they're not great.
I don't buy that it's $90 a movie. Not even Lucas has balls that big. Are you sure it's not $30/movie, $90 for the set?
Allegedly (from sources quoting Lucas) the DVDs are transfers from the laserdisc versions in letterbox (non-anamorphic) widescreen. They won't be cleaned up at all--basically, they'll just be dumped onto DVD in yet another money grab. Maybe in a few years they'll release the 'superdupercleantransfer' and get even more money from people.
I haven't decided whether or not I'll be buying this one, but I'm leaning towards a big fat "NO."
I'm a big fan of cleaning up the artifacts and even redoing special effects, so long as the story remains the same.
I know a lot of people (myself included) who refuse to purchase Star Wars until the originals are released on DVD. It looks like that's going to happen soon, but not in a particularly satisfactory way.
So? I update while I'm doing other tasks, and I don't always want to stop doing those tasks so that the machine can (forcibly) reboot in 5 minutes. Not having the option to delay the reboot is absurd.
OpenWRT (my preferred WRT54G firmware) has this scheduled, but not implemented.
https://dev.openwrt.org/ticket/16 The ASUS firmware has it implemented, as does (supposedly) DD-Wrt.
1) Would be really nice, though I wonder if 802.11n will trounce all over the entire spectrum that 802.11b uses.
2) This is not true. Aside from high-end units that are out of most consumer's price range, there is an Asus WAP that can broadcast multiple SSIDs and have separate security settings for each. In theory, this would mean you could have WPA-Radius encryption on one SSID and have a WEP encryption SSID for your Nintendo DS. I think the model is WL-500g Deluxe--it's hard to come by right now.