Well, to be fair, the DMCA doesn't require that the entire site be removed. It only requires that the infringing file be removed. Yahoo is going above and beyond by removing as much as they are.
People here can't seem to think outside themselves and understand that their knowledge of Linux goes beyond most people's knowledge of any given operating environment.
I guess that it depends upon the setup. Most desktop users of Linux probably don't go to the lengths that you've seen--in fact, it sounds pretty cumbersome. I don't know how someone could get any useful work done if they don't have write access to their own files--and if they do have write access to their own files, then rm -rf would delete them. Having a backup is a completely separate issue, but it's one that few users who manage their own machines really think of (and for the purposes of this discussion, subversion is acting as a backup scheme--I'm sure that the users actually have populated $HOME environments with working copies of the version-controlled files, not just dot-files.)
Don't use sudo. Tell that to Ubuntu users, where root has no password by default and privilege escalation happens semi-transparently through gksudo.
This one is a big deal actually, I've seen a lot of Windows machines that are completely infested with stuff the crappy antivirus can't see, easy malware detection would make things much nicer for end users who buy don't get that there are good AVs and crap AVs, or who are naive enough to believe their OEM gave them a good one. Rootkit-like hiding is a big deal. If you can't see the process, you can't examine it to see if it's antivirus.
Polymorphic hiding (a process changing itself to avoid detection) is a separate issue, and can still be effective for hiding from antivirus. We recently found a bit of malware and submitted it to virustotal.com (which scans binaries with several up-to-date antivirus packages.) The day we submitted it, only two manufacturers thought that it was even suspicious (none knew for sure that it was a virus.) I'm wondering if this was part of the Kraken botnet, now.
If the virus can mutate faster than antivirus picks up the signatures, it will be able to stay hidden, despite the antivirus software being able to scan it. Storm does this for sure, to some degree.
Lastly, you refer to knowledgeable end-users. As a platform gains market share, it tends to gain both knowledgeable and ignorant users. The ignorant users will always be susceptible.
I believe that the contest ended when two of the three machines were cracked, so no.
So here's my full disclosure: I really like the design of OS X. I like it more than just about any Linux window manager that I've tried, and it's simply leaps and bounds beyond Windows Vista. I point this out so that any bias may be evident in what I'm about to say.
It's pretty likely that the MacBook Air was targeted because it's a more desirable computer. If I was going to participate in a hacking contest where I got to keep the computer I hacked, I'd go for the Mac first every time. Moreover, because of the perception of OS X as being so secure, there's a certain amount of prestige associated with hacking one. A couple of years ago, David Maynor hacked a Mac (instead of other operating systems which were equally vulnerable to similar exploits) for just this reason.
This competition did not show which OS was more secure--it showed which OS was hacked first. There's not necessarily a direct correlation with security, here. Scientific tests would look at things like how much time it took to actually hack the machine, not how much time from the start of the competition elapsed before the machine was hacked.
I don't know--do you really think that a Mac user is less likely to enter her/his password into the prompt just because they don't have to do it very often? And that's really beside the point, because a trojan like Kraken could spread without hiding itself (and given the lack of good anti-virus software on the Mac, it's likely that it would live longer on a Mac system without detection, all the while happily spamming away.)
It's also probably incorrect to assume that they'll become "just as bad as Windows" on a percentage basis. It's hard to speculate, however I'll try to:
There are simply things that Windows has been doing wrong, and still is doing wrong, that the others aren't. Those new Mac users have to come from somewhere. A lot will be coming from the Windows world, and thus will be accustomed to the way Windows handles things. Will they blink at an unusual password prompt? Will they practice safer computing by not opening bad attachments? No, I think that they've been conditioned by Windows, and will continue using the Windows mentality while on OS X.
I think that the biggest problem is that people don't distinguish between "secure" and "safer." I alluded to this in my post.
The second biggest problem is that people don't define what "secure" really means. In the context of trojan horses, it mostly means that the rest of the system is safe, even if the user account is wholly compromised. This is important, because it will be much easier to clean up the infection from a super-user account if the trojan can't use rootkit-like behavior to hide itself. In short, anti-virus running as root will have an easier time finding malware that isn't running as root. In this specific context, an operating system which (by default) runs as administrator is going to be less secure; however this has more to do with configuration and less to do with architecture, which is where a lot of people try to define security.
There are other contexts that you can look at, though. In most distributions of Linux, software updates are handled somewhat automatically for all software on the system. While this could be a security concern, in most cases, it's a boon to security. Did someone find a bug in Firefox? Ubuntu's daily security check will find it and ask you to install the new version. Bug in libc? Same thing. Since most software on the system will be updated in this way, security updates are more likely to be applied, and the system will, in general, be less susceptible to exploits.
Of course, all of this assumes classical malware that expects to be run as administrator. There's no particular reason that malware couldn't be written to be hard to detect from the user-account, and which waits until it can sniff a password or execute privileged code within a password-less sudo context. Malware also can do a lot of damage without hiding itself, and before the user becomes aware of its existence. This applies to just about any platform (indeed, any platform where the user is allowed to execute arbitrary code.)
In most shells, $HOME expands to /home/$USER (and note that capitalization is important--$user, which is what you typed, expands to nothing in most configurations.)
The point was that rm -rf /home/yourusername is going to be as disastrous to most people as rm -rf / because most people keep their data in their home directory. If you run a file that you got from some site somewhere, and that file runs such a command, you're going to be pretty sad (particularly if you don't have backups.)
"Running an unwanted program" was mentioned--in other words, a trojan. And it could wreak havoc on a user account, even if it couldn't compromise the entire system.
All of your suggestions differ significantly from the default configuration. It's pretty easy to tell Windows to show the real file extension. It's easy to create a new user on your Windows box, and it's easy to only log in as that user. It's easy to install software in this way (right-click, run as.)
Only we're talking about normal users here. Users who aren't going to go to these lengths to protect themselves and their computers. Nor are they going to modify the default behavior of their Linux computers, if we were to set them in front of one. We're talking about users who don't even realize that these are good things to do, so why do you expect them to do them?
AntiVirus software has been relatively useless for the past few years. They charge extra just to detect basic "non virus malware" and they still don't detect the REAL threats! Signature-based detection is on its way out, and antivirus manufacturers are not adapting well. They have some heuristics that look for weird types of files, but they're not great.
UAC isn't really a solution, either. All it does is to train the monkeys that you have to click an extra time in order to get the banana.
Education is what's needed. I no longer recommend antivirus to my family--I tell them to avoid running programs that they don't know about, not to trust any attachment that comes through the mail, and offer other suggestions for safe computing practices. Running without antivirus works to remove the perception of safe computing, making them actually think about the things that they're doing. This, incidentally, leads to actual safe computing.
It's far harder to get a Linux or OSX or BSD infection going as you trigger the "you are trying to install "XXXX" enter your admin information to allow this to install" for applications that are going to get its hooks in the system. Or you get malware that starts up in your .bash_profile and sits around waiting for you to run sudo. Once you do, in almost every Linux distribution or BSD OS that I've seen, you get about 5 minutes where sudo can be run without entering a password.
But then, I touched on this when I mentioned that the only thing that not being an administrator gets you is that it's harder for malware to hide. A rogue process running as a user could quite easily cause a lot of problems, and most users won't have a clue of how to get rid of it. kill -9? Sure, until you reboot your computer. Did it modify your path? Did it modify your menus so that it looks like you're running Firefox, when instead you're running the trojan (which will probably spawn a Firefox process so that the user is none the wiser)?
Look at what most malware these days does. It's typically one of two things: either it sends spam, or it steals financial information. The former is quite possible without administrative privileges. The latter may be, depending upon where the information is stored and what is required to get access to it.
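An added example, not part of the original comments: a read-only audit for the two user-level risks described above, the sudo credential-caching window and shell startup files that shadow sudo or prepend to PATH. The helper names and all sample file contents are constructed for illustration, and included sudoers files are not followed.

```shell
#!/bin/sh
# Added example: defensive audit of sudo credential caching and shell
# startup files. Helper names and sample contents are constructed.

# Print the last timestamp_timeout set by a Defaults line, or "default"
# when none is set (sudo then uses its compiled-in value).
sudo_timeout() {
    awk '
        /^[ \t]*#/ { next }
        /^[ \t]*Defaults/ && match($0, /timestamp_timeout[ \t]*=[ \t]*-?[0-9.]+/) {
            v = substr($0, RSTART, RLENGTH)
            sub(/^[^=]*=[ \t]*/, "", v)
            last = v
        }
        END { print (last == "" ? "default" : last) }
    ' "$1"
}

# Exit 0 when one successful sudo opens a window in which later sudo
# calls by the same user need no password (any timeout other than 0).
sudo_caches_credentials() {
    case "$(sudo_timeout "$1")" in
        0|0.0) return 1 ;;
        *)     return 0 ;;
    esac
}

# Print line numbers of rules that never ask for a password.
nopasswd_lines() {
    awk '!/^[ \t]*#/ && /NOPASSWD[ \t]*:/ { print NR }' "$1"
}

# Print "LINE:finding" for startup-file entries that replace sudo or
# put a directory ahead of the existing PATH.
startup_findings() {
    awk -v q="'" '
        /^[ \t]*#/ { next }
        /^[ \t]*alias[ \t]+sudo=/ { print NR ":alias-sudo" }
        /^[ \t]*function[ \t]+sudo([ \t(]|$)/ || /^[ \t]*sudo[ \t]*\(\)/ {
            print NR ":function-sudo"
        }
        /^[ \t]*(export[ \t]+)?PATH=/ {
            v = $0
            sub(/^[ \t]*(export[ \t]+)?PATH=/, "", v)
            gsub("[\"" q "]", "", v)          # drop surrounding quotes
            if (v ~ /^.+:[$][{]?PATH/) print NR ":path-prepend"
        }
    ' "$1"
}

# --- constructed sample inputs -------------------------------------
work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT

cat > "$work/sudoers" <<'EOF'
# constructed sample: caching enabled, one password-less rule
Defaults env_reset
Defaults timestamp_timeout=15
%admin ALL=(ALL) ALL
deploy ALL=(ALL) NOPASSWD: /usr/bin/systemctl
EOF

cat > "$work/sudoers.hardened" <<'EOF'
# constructed sample: prompt for the password on every sudo call
Defaults env_reset
Defaults timestamp_timeout=0
%admin ALL=(ALL) ALL
EOF

cat > "$work/bash_profile" <<'EOF'
# constructed sample of a tampered ~/.bash_profile
export EDITOR=vi
export PATH="$HOME/.cache/.bin:$PATH"
alias ll='ls -l'
alias sudo='$HOME/.cache/.bin/helper'
PATH="$PATH:$HOME/bin"
EOF

for f in "$work/sudoers" "$work/sudoers.hardened"; do
    if sudo_caches_credentials "$f"; then state="cached"; else state="always prompts"; fi
    echo "$(basename "$f"): timestamp_timeout=$(sudo_timeout "$f") ($state)"
    echo "  NOPASSWD rules on lines: $(nopasswd_lines "$f" | tr '\n' ' ')"
done
echo "startup file findings:"
startup_findings "$work/bash_profile" | sed 's/^/  /'
```

Appending a directory after $PATH (line 6 of the sample) is not flagged, because only entries placed ahead of the system directories can shadow sudo.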
It's the difference between "this platform is inherently more secure" and "this platform is safer because it's not targeted as much." Apple's market share is rising--if it gets too high, it will likely become the target of malware authors.
Architecturally, there's little difference. However in practice, most vendors install Windows such that the default user is an administrator with no password, making it easier for malware to hide (but otherwise, not making it easier or harder for malware to get onto your machine.) Vista mitigates this slightly by ostensibly requiring an extra click from the user before modifying system files, even if the user is an administrator.
Despite what most Apple users would have you believe, the biggest reason that malware doesn't target OS X is the same reason that most game companies don't target OS X: market share. Because it's a cat-and-mouse game (malware writers vs. anti-malware writers--each always having to respond to the other), it makes much more sense to target the most common platform. Malware isn't a write-once, run for years kind of deal--it has to be constantly modified in order to escape detection. Effectively, this means that malware requires more updates than most software on a machine.
As Apple's market share grows, we'll probably see more malware target OS X. We may even see more infected machines initially, as there isn't much in the way of good Antivirus for OS X, most people don't run Antivirus software on OS X because of the perceived safety, and people are more likely to double-click dangerous files due to the perceived safety.
America's philosophy of firing people with no notice
Generally speaking, at-will employment like this is one of the few rights left to the states. Each state can decide whether employers can fire their workers without notice or reason.
Also, while I understand the rightsholders wishes that the supposedly infringing material be removed as soon as possible, I do think it would have been better if the ISPs were required to notify the alleged infringer before the material is removed, not after. That's logistically problematic. At what point do you consider the alleged infringer notified? You can't simply wait for them to respond.
To be fair, Yahoo has gone above and beyond on this one. Their only requirement under the law is to remove the allegedly offending work. According to the summary, they have additionally threatened to remove this person's account.
In this, I feel that Yahoo is acting in a manner which is not in their customer's interest. Whoever made that threat probably thinks that the extra time required to deal with DMCA notices justifies removing the accounts of people who are likely to be repeat offenders. Unfortunately, they've got every right to do this, but it's certainly a pretty scary precedent which could lead to attacks on their users. Once word gets out that you can get a Yahoo account cancelled by forging a DMCA notice, the fit's going to hit the shan.
It is guilty until proven innocent and the burden is on part of the defence. I don't know what the best solution is, but requiring that every case like this go through a lengthy civil trial is just going to swamp our already overloaded judicial system. It would be like a DOS on justice, and that's really not something we want. Legitimate civil cases would be backlogged, some criminal cases would be backlogged (meaning a lot of people would be held awaiting trial for longer), and frankly, it would just be a mess.
At the same time, I don't like the fact that any idiot can claim ownership of a work and get something that they don't like taken down.
There probably isn't a good solution, at this point, so we have to choose the lesser of the two evils, and I think that the current system is just that.
And my point was that Microsoft already had an easy way to ensure that a clean installation could be performed using an upgrade disc. Such a solution already existed, so to suggest that they "left this trick in" for this reason is kinda begging the question, only in reverse.
Since at least Windows 2000, you've been able to just pop out the disc, put in the older version to prove that you own it, then switch back and continue with the install. This gets you a clean install of the new OS while still verifying access to the older media. It takes less time, too (don't have to install the new OS twice in order to get a valid activation.)
Then "with intent to redistribute" is obviously bull, but in the legal profession, you basically try to throw as much stuff at your opponent as possible, and you see what sticks.
Strictly speaking, quantum cryptography really has nothing to do with it. Quantum cryptography has more to do with detecting when a conversation has been overheard. It's useful for transmitting session keys--if the session key conversation was overheard, just don't use those keys. If it wasn't overheard, it's fairly safe to proceed. Quantum cryptography, thus, aids in symmetric key exchange (key exchange, in general, being the hardest part of cryptography between two people--a problem solved by asymmetric keys in classical computing.)
The advent of quantum computing has ramifications on breaking cryptographic keys, however most people don't really understand what this means.
Symmetric key attacks can be made faster with quantum computing, but it's not a significant enough increase to make symmetric key encryption worthless. It's not nearly the same beast as using Shor's Algorithm to factor the products of primes (rendering asymmetric key algorithms close to useless). As such, increasing the length of your symmetric key is useful against quantum computing attacks, whereas increasing your asymmetric key length doesn't help much*.
Of course, we're talking about planting evidence here. There aren't quantum computers in existence (that we know of) that can run Shor's Algorithm to factor commonly used asymmetric key sizes. It will be a long time (if ever**) before quantum computers are ubiquitous enough that local police departments have access to them. When a resource like quantum computing is scarce enough, it's fairly hard to abuse without someone noticing.
* It can help if they don't have a quantum computer large enough to factor the primes you used.
** The known applications of quantum computing are extraordinarily small in number, and unless they increase substantially, it's unlikely that there will be a consumer market for them. That's not to say that a consumer application will never be found, of course.
Encrypt your drive. When they demand the keys, get your lawyer to demand that a defense expert be involved in the extraction portion of the evidence gathering.
That hasn't been my experience. I've used a Garmin pretty extensively. When I leave it on all the time, it usually knows where it is seconds after walking outside. When I turn it off and drive a good distance away, it takes maybe 30 seconds to reacquire enough satellites to get its bearings. It may not get all of the satellites that it wants right away, but it's always been spot on after 30 seconds.
Exactly.
Why bother feeding the trolls?
Never upgraded Windows before, eh?
Why? Because Slashdot can't be described as one homogeneous entity. I can't believe that you asked the question.