Not really. Once it was hip and great to write "Bismut" because it looked latin and thus scientific. Now it's the english language. Somehow it's impossible to go with the original name, originally invented in the southern mountains of Saxony, to celebrate the original scientific effort which lead to the discovery of a new chemical element.
(As a side note: I also don't understand why one should name Natrium [chemical symbol Na] Sodium and Kalium [chemical symbol K] Potassium. When the symbols got defined, surely Natrium and Kalium were the names widely used.)
Most black lists are for smtp servers only, and the origial article was about sending "traffic" (which i read icmp or dos, typically not e-mail).
It depends on the type of the attack. "Traffic" is quite unspecific, but it's not necessarily ICMP echo-request (a.k.a. "ping"). For DoS ping is rather uninteresting, because there are enough sites that don't allow ping to their servers and filter it out some hops before the servers anyway. At least I was recommending to customers to allow ping only from monitoring and maintenance sites. (As a side note: A lot of IPs for servers are not coupled with a specified hardware address anyway, but handled and distributed by loadbalancers and serverfarms, so there is no point in having those virtual servers respond on anything else than the service they are supposed to provide.)
So if you have a site that only allows a very limited number of packet types through, attacking it with something outside of the scope of the firewall is somewhat pointless, except you manage to muster such an high bandwidth that it clogs up the pipe at some hops way before the original site. And traffic that is easily to distinguish from legitimate traffic is also easily filtered directly at the backbone routers of the really big ISPs or exchange points ("drop anything not TPC to the site in question").
To make your attack more effective you have at least to mimick the legitimate traffic a little. Your DoS-requests thus should be at least formally correct (or being incorrect in a quite sophisticated manner to trigger complex fault and exception handling.) If you manage to cause the service to calculate a long or data intensive response, it's even better, because then you are clogging up CPU time now missing to handle requests that generate business for the site ("Give me all betting quotes which are either between 1:1 and 1:5 or between 1:4 and 1:10 or between 1:8 and 1:100 or are better than 1:75" forces the site to answer with a large sheet containing all quotes, but the answer set consists of several subsets to be calculated separately. Not every site has middleware in place to change this to "give me all quotes"). If you manage to make your request variable, so filtering out the DoS request with a single pattern doesn't work, it's much better. If you change your attacking pattern during the attack, so the filters in place have to be changed the whole time by the defending site, your DoS will be further more effective.
In the end for an effective DoS you should a) fill all available bandwidth with traffic indistinguishable from legitimate traffic b) use up as much CPU time on the servers as possible to handle your request c) try to generate an asymmetric pattern (your request should use up much less bandwidth for you than the answer of the site is using) d) make it as variable as possible to avoid static filtering.
Another little clarification: German: Wismut. Discovered about 1540 in the Schneeberg mining region. Translated into latin by Georgius Agricola to Bismutum (there is no W in the latin alphabet). Therefore the chemical symbol Bi.
Newest english-asskissing craze: Writing "Bismut" in german, because it looks so english and thus so scientific.
Wood's metal for instance (an amalgam containing bismut) melts at 70C. While this is still to much for cooling (you want your coolant being liquid at 35C). But other bismut amalgams melt at 35C (Bismut itself melts at 271,4C).
One of the great misconceptions about the eye is the assumption that the complexity of the eye would be irreducible, so it had to be mutated into being at once. This is simply wrong.
There are lots of species that have 'rudimentary' eyes, that means: eyes which don't have the full fledged feature set of the eyes of vertebrates or insects.
The lancelet (branchiostomus) for instance has a simple light sensing system consisting of two cells, called pigment cup ocellus. Basicly it's a single light sensing cell and a single nerve cell to transmit the signal.
The snail patella has little pits in the skin, where some light sensing cells are located. This doesn't just sense 'light' and 'dark', it also allows for a rudimentary determination where the light comes from.
The flatworm planaria gonocephala has similar light organs (pigment cups) like the lancelet, but here, like the patella, the pigment cups are located in a deep pit in the skin, thus allowing for a good direction sense and a beginning sense for movement. A similar rudimentary eye can be found with some jellyfish (sarsia). An eye like this works on the principle of a camera obscura: An opening at one end of a box allows single beams of lights to reach the other side of the box and project a (side reversed and on its head) picture of the surrounding. Several cells at this inner side then get different levels of light and send different signals to a brain, which then can reconstruct the surrounding world.
Ross worms (sabellaria) have a so called bubble eye. It is similar to the eyes of the flatworms, but here the pit is closed by a single cell thin skin, thus protecting the light sensing skin at the bottom of the pit. The bubble is filled with a watery jelly. Here you have already a quite complete eye, with the outer skin working as a primitive lens, an eyeball and a retina, where the picture projected by the lens skin is recorded by light sensing cells.
From here the different types of eyes have evolved: complex eyes for insects, where hundreds and thousands of those pits were grouped together to create a very accurate picture of the surrounding world, and the eves with adaptable lenses, either by moving the lenses (fishes) to accomodate to different distances or by pressing them to change the refraction of the lense, as with octopoda or mammalia.
First: If you read the article from Wired, you will notice, that resistance against RoundUp (glyphosate) is not normal within coca plants. There was a mutation somewhere, which made some coca plants immune. While this was no selection advantage in a normal jungle, it became one as soon as the DEA started with RoundUp attacks against coca crops. So a certain trait of coca plants will die out (those without mutation), and only those plants with glyphosate immunity will survive.
ID has no merits other than being non-Darwinist. There is no evidence supporting a designer being active to generate creatures (interestingly though we still call individual lifeforms 'creatures' even when we claim that they don't have been created by a creator;) ), there is no conclusion we can draw out of ID that helps us deal with a problem we have with a single or a group of lifeforms.
We all know the problem with antibiotics: If you use them, and you are not reaching every single lifeform you want to wipe out with a deadly dose, some of the lifeforms might survive long enough to have offspring, which in turn might survive the antibiotics too. They even might be able to survive a low dose of antibiotics without any harm, so if you use the antibiotic again, they survive all competing lifeforms, which die due to the antibiotic, making the field free for a growing population of the slightly antibiotic resistant lifeforms. In the end your antibiotic is not able anymore to harm the resistant lifeform, and all that happens if you use it: You increase the growing of the species, because the antibiotic helps battling all those other lifeforms once competing. This is evolution at work, and there are enough antibiotics which are not effective anymore, because there are lifeforms resistant to them.
It does not only work for bacterias and other single cell organisms: Exactly those evolutative mechanisms were at work when coca plants grew resistant to RoundUp: The spraying of RoundUp on Columbian coca plantages had a strange effect: Because spraying from an airplane is quite incorrect, and you can't make sure that all plants you want to hit are hit with a full dose, and the one's you don't want to hit aren't, the coca growing pawns in Columbia faced a strange problem after a spraying attack: Most of their crops, coca and other crops, died. Most tomatos, most corn, most vegetables and fruit, and most coca plants. But some survived, having only got a low dose and were able to survive.
Coca plants are mostly multiplied by the pawns by cutting small twigs and planting them into the earth rather than sowing the coca seeds. After a spraying attack almost the complete plantage of a pawn is destroyed, and only the coca plants which have survived can be used to plant anew, just cut some twigs and regrow your crops. Most cultural plants need to be grown again from seeds, and you have to wait until the RoundUp is washed out of the earth. In the end the whole coca plantages once attacked were replanted with twigs from coca plants that survived a RoundUp attack. And they were growing faster than before because the weed normally growing with the coca plants was suppressed by the RoundUp remains in the soil.
Within four years a coca plant was covering large areas which was completely immune against RoundUp. No genetic engineering (a.k.a. intelligent design) was necessary to outwith the DEA and Monsanto: Just having evolution go its way and taking the survivors of RoundUp attacks and replant the field with them.
You might love or hate Darwinism. But evolution is all around you every day.
When the AN 124 was designed, Ukraine was part of the Soviet Union, and the money and the specifications for the AN 124 were sent to Antonov by the soviet government. I also guess that most of the engineers working at Antonov were somehow or sometime educated at Moscow University.
In fact the Ukraine has been part of Russia for 350 years until it broke away from the CIS in 1992. This makes anything that predates 1992 quite complicated to assign to a state or nation.
This is why double bookkeeping was invented in the first place: Having one column being the checksum for the other column. Spreadsheets don't necessarily provide checksums (you have to code them into the spreadsheet, and people are lazy), so it is not easy to spot if there is a typo somewhere.
And if it goes about error margins: I once was programming for a large real estate bank, and we had to do a report for interest coverage calculation (that is: proving that you didn't lend more money to your customers than you can cover with your own capital and enough debt bills from the finance markets). At first the sums our report was showing were $20 mio away from the sums the Finance Controlling was calculating. Finance Controlling was refusing the report until the sum was below $2.5 mio. So the report was reworked, differences in the interpretation for contracts were ironed out, errors corrected, and finally we had a report which was close to the $2.5 mio error. This was the point when Finance Controlling themselves started to look for their own errors. In the end their spreadsheets proved to be wrong for about $3 mio, and they used our report to consolidate.
There were two lessons for me: First: For a large bank a bookkeeping error of $2.5mio is acceptable. Second: Computers don't solve problems double bookkeeping is pointing out. So if you have a chance to recalculate your finances from a new point of view, do it. It might save you $$$. Computers and double bookkeeping are orthogonal to each other when it comes to finances. Both cover completely different areas of correctness.
ActiveX as a concept (having a small, compact application run locally and communicate with a remote server) is a nice idea. The fact that ActiveX runs with the full priviledges of the local user and thus, if used under normal WinNT usage patterns with full OS priviledges, is a serious problem. There are no shields anymore between an ActiveX applet and the OS kernel.
ActiveX might have been a good concept if it was accompagnied with concepts like chroot, and if the local functions it is able to call are restrictible to the chroot environment.
And the question if a driver needs to execute entirely in Kernel mode is the same I asked in my last paragraph. Normal driver design should split the driver into two parts: The so called bottom half which deals directly with the hardware and is often time-critical and the upper half which is decoupled from direct hardware access. So only a very short code path should be needed to access hardware directly, which in turn often requires kernel priviledges. One can design kernels which don't encapsule every hardware access into kernel functions, but in general it is a good idea to have a separation between userland and hardware access. Hardware often triggers interrupts which stop normal program execution and jump into a new execution path, thus the interrupt code paths should be short and return as soon as possible to normal execution, which often is equivalent to not having to ask for any priviledges first.
Bluetooth, USB and other hot plugging devices have a very complicated driver model, because here the driver not only accesses hardware that was available during boot time, where most administation routines are done before the kernel is completely loaded and the first applications have started to run. Hotplugging a device often means a small little boot process with rearranging hardware pointers and interrupts. In most cases at least some of those functions need kernel priviledges (or at least priviledges within the generic USB or Bluetooth modules). It is imaginable to have the whole hotplug modules run completely in a separate application process with only a generic bottom driver half accessing the hotplug ports. But this needs a lot of experience with the model and design refitting until it offers similar functionality and speed as the current kernel module model.
The NT security model itself is quite sophisticated, it derives directly from the old VMS model. Butler Lampson et.al., who designed it, are some of the computer security gurus.
The main problem with NT's security is not the model itself, it's the various ways how it gets circumvented to either have some nifty feature which looks nice at a demonstration without a real use (ActiveX) or because the ways how NT is used by application designers and users is contradictionary to the model. Applications that need administrator priviledges to run are inherently flawed. They are applications, something that is applied on top of the inner workings and shouldn't know about any priviledges necessary for system administration.
NT is a good example how OS design itself doesn't create computer security. It is the way how an OS is used, procedures, usage patterns, deployment, applications, which create an environment for computers which is more or less secure. OS security is a single aspect of overall computer security.
Your first example is not really a Linux/Unix vulnerability (in fact the vulnerability is the same on WinNT), it is an application vulnerability. If it propagates through to the operating system (as it does if the user has far reaching OS priviledges), then it may point out an OS problem. Under Unix/Linux it should normally not affect OS integrity.
The second is indeed an OS problem, because it is a driver problem, and most drivers need OS priviledges to run. It would be possible to have drivers run in a sandbox like environment with a protection layer against the kernel and other drivers which helps to keep driver vulnerabilities local to the driver and the hardware the driver is operating. Sadly neither the Linux kernel nor the WinNT kernel are well prepared for such security layers. There are experiments with minimalistic kernels (microkernels) which provide such layering, but they didn't have much impact into mainstream computing yet. You might be interested in the L3/L4 series which allow userland drivers.
Present day: "We want better security in Windows! Why can't it have something like UNIX's security model?"
10 years later: "Those bastards! They copied/snarfed/stole the UNIX security model!"
You forgot 10 years ago: "Why has Microsoft never used the security features built into the WinNT Kernel by the DEC people?"
So maybe it's 10 years later: "Those bastards! They finally copied/snarfed/stole the UNIX security model! And they got it screwed up again!"
So Microsoft Windows has a builtin security model, which would allow to emulate the UNIX security model, because it is a superset of the UNIX model. But the way different layers of shells and applications are built not only above the kernel, but are intertwined with each other and different kernel functions, this model is often superseded by other mechanisms, and the interactions are not fully understood, not even by the developers.
The sum you pay to the doctor for staying healthy was negotiable. You just had to make sure that it was more interesting for the doctor to keep you alive and healthy to get your money than to just kill you for being a hopeless case.
Imagine if plumbers demanded that you pay them every time you use the sink they fixed. Or if doctors wanted a percentage of your income earned with that broken arm they mended.
At least the second is how the chinese medicine worked: You paid your doctor as long as you were healthy and stopped the payment as soon as you felt sick. This forced the doctor to get you feeling better as soon as possible.
The Berne Convention allows something like this. Because the Berne Convention doesn't know copyrights, only the Author's right (and subsequent licensing of a subset), it works this:
If an author licenses his rights to someone else, and the other one doesn't use it for a certain amount of time, the author can reclaim the license and publish the work himself or relicense it to someone else. It is not public domain though, but it gives the original author more control about the publishers and forces them to publish the works they aquire licenses for.
It has always its merits to outsource stuff you are not really prepared to do to someone who knows better:) But alas, it boils down to the question: Which one is better for you in the long run? A private person might be better off with untested memory and the chance to replace defective RAMs under fair conditions at his reseller. For a company running critical tasks it often is better to have a life cycle warranty for the RAM and even have it built in from an external company, so they can blame someone else (and extort money) for blowing the RAM into oblivion. A datacenter with hundreds of redundant computers might build in the untested RAM and just wait for a machine to break, then replacing the whole computer without a thourough failure analysis, because the next computer is cheaper than the time of the employes trying to figure out what happened.
But Germany is another case after all, as is the whole EU: Here every seller of technical equipment has to give a 2 year warranty to every piece of hardware he sells. So if a RAM trader buys those untested RAMs and sells them within EU borders, he has to replace every single RAM that fails within 2 years for free (except he can prove the customer is at fault). In fact according to the law he has to give the money for the original RAM back, but he can instead try to 'better afterwards' a.k.a. repair or replace the faulty part if the customer agrees. So there are enough specialized labs out there that can perform RAM testing in large numbers, because the RAM traders need them.
And Munich (München) means 'founded by monks'. So this etymology is not so wrong after all. As far as I remember Munich was founded by Cistercensian monks settling in a large swamp at the Isar river and gradually turning the swamp into fields to plant crops.
Just to be nitpicking: Pornography is no latin word. It derives from ancient greek: porneia = whore and graphein = writing. So "a whore's text" or "text about whores" would be a good translation for the actual meaning of pornography.
In a not RIAA related case I just wrote a letter to the debt collection company asking if they had a phone number or email address I can reach, because their 800 number didn't work. I got another letter back, where they offered me payment by rates. I responded again and said: I just want to talk about the debt you are collecting, and I can't do because I can't phone you, your 800 phone number doesn't work to me. I have never heard from the company since.
As a german I can say: No. Definitely. The renaming from "Champagner" to "Sekt" took place 1918. As far as I remember back all german champagne brands were named "Sekt". From the cheapest up to the most expensive. Some vineyards were selling Sekt which was fermented using the "méthode champagnoise", and it said so on the bottle, but you didn't find any german champagne calling itself "Champagne" for at least 85 years.
I grew up in East Germany (which wasn't in any way related to the European Community, being member of the Warsaw Contract). And even there no single bottle of champagne was named "Champagner". There was the Krim champagne, which calls itself 'Krimskoye Shampanskoye', but the Krim peninsula was russian anyway (and is ukrainian today).
Not really. Once it was hip and great to write "Bismut" because it looked latin and thus scientific. Now it's the english language. Somehow it's impossible to go with the original name, originally invented in the southern mountains of Saxony, to celebrate the original scientific effort which lead to the discovery of a new chemical element.
(As a side note: I also don't understand why one should name Natrium [chemical symbol Na] Sodium and Kalium [chemical symbol K] Potassium. When the symbols got defined, surely Natrium and Kalium were the names widely used.)
It depends on the type of the attack. "Traffic" is quite unspecific, but it's not necessarily ICMP echo-request (a.k.a. "ping"). For DoS ping is rather uninteresting, because there are enough sites that don't allow ping to their servers and filter it out some hops before the servers anyway. At least I was recommending to customers to allow ping only from monitoring and maintenance sites. (As a side note: A lot of IPs for servers are not coupled with a specified hardware address anyway, but handled and distributed by loadbalancers and serverfarms, so there is no point in having those virtual servers respond on anything else than the service they are supposed to provide.)
So if you have a site that only allows a very limited number of packet types through, attacking it with something outside of the scope of the firewall is somewhat pointless, except you manage to muster such an high bandwidth that it clogs up the pipe at some hops way before the original site. And traffic that is easily to distinguish from legitimate traffic is also easily filtered directly at the backbone routers of the really big ISPs or exchange points ("drop anything not TPC to the site in question").
To make your attack more effective you have at least to mimick the legitimate traffic a little. Your DoS-requests thus should be at least formally correct (or being incorrect in a quite sophisticated manner to trigger complex fault and exception handling.) If you manage to cause the service to calculate a long or data intensive response, it's even better, because then you are clogging up CPU time now missing to handle requests that generate business for the site ("Give me all betting quotes which are either between 1:1 and 1:5 or between 1:4 and 1:10 or between 1:8 and 1:100 or are better than 1:75" forces the site to answer with a large sheet containing all quotes, but the answer set consists of several subsets to be calculated separately. Not every site has middleware in place to change this to "give me all quotes"). If you manage to make your request variable, so filtering out the DoS request with a single pattern doesn't work, it's much better. If you change your attacking pattern during the attack, so the filters in place have to be changed the whole time by the defending site, your DoS will be further more effective.
In the end for an effective DoS you should a) fill all available bandwidth with traffic indistinguishable from legitimate traffic b) use up as much CPU time on the servers as possible to handle your request c) try to generate an asymmetric pattern (your request should use up much less bandwidth for you than the answer of the site is using) d) make it as variable as possible to avoid static filtering.
Another little clarification: German: Wismut. Discovered about 1540 in the Schneeberg mining region. Translated into latin by Georgius Agricola to Bismutum (there is no W in the latin alphabet). Therefore the chemical symbol Bi.
Newest english-asskissing craze: Writing "Bismut" in german, because it looks so english and thus so scientific.
No one talks about sodium or lead cooled CPUs.
Wood's metal for instance (an amalgam containing bismut) melts at 70C. While this is still to much for cooling (you want your coolant being liquid at 35C). But other bismut amalgams melt at 35C (Bismut itself melts at 271,4C).
One of the great misconceptions about the eye is the assumption that the complexity of the eye would be irreducible, so it had to be mutated into being at once. This is simply wrong.
There are lots of species that have 'rudimentary' eyes, that means: eyes which don't have the full fledged feature set of the eyes of vertebrates or insects.
The lancelet (branchiostomus) for instance has a simple light sensing system consisting of two cells, called pigment cup ocellus. Basicly it's a single light sensing cell and a single nerve cell to transmit the signal.
The snail patella has little pits in the skin, where some light sensing cells are located. This doesn't just sense 'light' and 'dark', it also allows for a rudimentary determination where the light comes from.
The flatworm planaria gonocephala has similar light organs (pigment cups) like the lancelet, but here, like the patella, the pigment cups are located in a deep pit in the skin, thus allowing for a good direction sense and a beginning sense for movement. A similar rudimentary eye can be found with some jellyfish (sarsia). An eye like this works on the principle of a camera obscura: An opening at one end of a box allows single beams of lights to reach the other side of the box and project a (side reversed and on its head) picture of the surrounding. Several cells at this inner side then get different levels of light and send different signals to a brain, which then can reconstruct the surrounding world.
Ross worms (sabellaria) have a so called bubble eye. It is similar to the eyes of the flatworms, but here the pit is closed by a single cell thin skin, thus protecting the light sensing skin at the bottom of the pit. The bubble is filled with a watery jelly. Here you have already a quite complete eye, with the outer skin working as a primitive lens, an eyeball and a retina, where the picture projected by the lens skin is recorded by light sensing cells.
From here the different types of eyes have evolved: complex eyes for insects, where hundreds and thousands of those pits were grouped together to create a very accurate picture of the surrounding world, and the eves with adaptable lenses, either by moving the lenses (fishes) to accomodate to different distances or by pressing them to change the refraction of the lense, as with octopoda or mammalia.
First: If you read the article from Wired, you will notice, that resistance against RoundUp (glyphosate) is not normal within coca plants. There was a mutation somewhere, which made some coca plants immune. While this was no selection advantage in a normal jungle, it became one as soon as the DEA started with RoundUp attacks against coca crops. So a certain trait of coca plants will die out (those without mutation), and only those plants with glyphosate immunity will survive.
ID has no merits other than being non-Darwinist. There is no evidence supporting a designer being active to generate creatures (interestingly though we still call individual lifeforms 'creatures' even when we claim that they don't have been created by a creator ;) ), there is no conclusion we can draw out of ID that helps us deal with a problem we have with a single or a group of lifeforms.
We all know the problem with antibiotics: If you use them, and you are not reaching every single lifeform you want to wipe out with a deadly dose, some of the lifeforms might survive long enough to have offspring, which in turn might survive the antibiotics too. They even might be able to survive a low dose of antibiotics without any harm, so if you use the antibiotic again, they survive all competing lifeforms, which die due to the antibiotic, making the field free for a growing population of the slightly antibiotic resistant lifeforms.
In the end your antibiotic is not able anymore to harm the resistant lifeform, and all that happens if you use it: You increase the growing of the species, because the antibiotic helps battling all those other lifeforms once competing.
This is evolution at work, and there are enough antibiotics which are not effective anymore, because there are lifeforms resistant to them.
It does not only work for bacterias and other single cell organisms: Exactly those evolutative mechanisms were at work when coca plants grew resistant to RoundUp: The spraying of RoundUp on Columbian coca plantages had a strange effect: Because spraying from an airplane is quite incorrect, and you can't make sure that all plants you want to hit are hit with a full dose, and the one's you don't want to hit aren't, the coca growing pawns in Columbia faced a strange problem after a spraying attack: Most of their crops, coca and other crops, died. Most tomatos, most corn, most vegetables and fruit, and most coca plants.
But some survived, having only got a low dose and were able to survive.
Coca plants are mostly multiplied by the pawns by cutting small twigs and planting them into the earth rather than sowing the coca seeds. After a spraying attack almost the complete plantage of a pawn is destroyed, and only the coca plants which have survived can be used to plant anew, just cut some twigs and regrow your crops. Most cultural plants need to be grown again from seeds, and you have to wait until the RoundUp is washed out of the earth. In the end the whole coca plantages once attacked were replanted with twigs from coca plants that survived a RoundUp attack. And they were growing faster than before because the weed normally growing with the coca plants was suppressed by the RoundUp remains in the soil.
Within four years a coca plant was covering large areas which was completely immune against RoundUp. No genetic engineering (a.k.a. intelligent design) was necessary to outwith the DEA and Monsanto: Just having evolution go its way and taking the survivors of RoundUp attacks and replant the field with them.
You might love or hate Darwinism. But evolution is all around you every day.
The formula for Coke might be found here. I thought this was your backup.
When the AN 124 was designed, Ukraine was part of the Soviet Union, and the money and the specifications for the AN 124 were sent to Antonov by the soviet government. I also guess that most of the engineers working at Antonov were somehow or sometime educated at Moscow University.
In fact the Ukraine has been part of Russia for 350 years until it broke away from the CIS in 1992. This makes anything that predates 1992 quite complicated to assign to a state or nation.
In fact they got so many blueprints that they were able to have it fly one year early. Wonder what the french-british consortium was doing that year.
This is why double bookkeeping was invented in the first place: Having one column being the checksum for the other column. Spreadsheets don't necessarily provide checksums (you have to code them into the spreadsheet, and people are lazy), so it is not easy to spot if there is a typo somewhere.
And if it goes about error margins: I once was programming for a large real estate bank, and we had to do a report for interest coverage calculation (that is: proving that you didn't lend more money to your customers than you can cover with your own capital and enough debt bills from the finance markets). At first the sums our report was showing were $20 mio away from the sums the Finance Controlling was calculating. Finance Controlling was refusing the report until the sum was below $2.5 mio. So the report was reworked, differences in the interpretation for contracts were ironed out, errors corrected, and finally we had a report which was close to the $2.5 mio error. This was the point when Finance Controlling themselves started to look for their own errors. In the end their spreadsheets proved to be wrong for about $3 mio, and they used our report to consolidate.
There were two lessons for me:
First: For a large bank a bookkeeping error of $2.5mio is acceptable.
Second: Computers don't solve problems double bookkeeping is pointing out. So if you have a chance to recalculate your finances from a new point of view, do it. It might save you $$$. Computers and double bookkeeping are orthogonal to each other when it comes to finances. Both cover completely different areas of correctness.
ActiveX as a concept (having a small, compact application run locally and communicate with a remote server) is a nice idea. The fact that ActiveX runs with the full priviledges of the local user and thus, if used under normal WinNT usage patterns with full OS priviledges, is a serious problem. There are no shields anymore between an ActiveX applet and the OS kernel.
ActiveX might have been a good concept if it was accompagnied with concepts like chroot, and if the local functions it is able to call are restrictible to the chroot environment.
And the question if a driver needs to execute entirely in Kernel mode is the same I asked in my last paragraph. Normal driver design should split the driver into two parts: The so called bottom half which deals directly with the hardware and is often time-critical and the upper half which is decoupled from direct hardware access. So only a very short code path should be needed to access hardware directly, which in turn often requires kernel priviledges. One can design kernels which don't encapsule every hardware access into kernel functions, but in general it is a good idea to have a separation between userland and hardware access. Hardware often triggers interrupts which stop normal program execution and jump into a new execution path, thus the interrupt code paths should be short and return as soon as possible to normal execution, which often is equivalent to not having to ask for any priviledges first.
Bluetooth, USB and other hot plugging devices have a very complicated driver model, because here the driver not only accesses hardware that was available during boot time, where most administation routines are done before the kernel is completely loaded and the first applications have started to run. Hotplugging a device often means a small little boot process with rearranging hardware pointers and interrupts. In most cases at least some of those functions need kernel priviledges (or at least priviledges within the generic USB or Bluetooth modules). It is imaginable to have the whole hotplug modules run completely in a separate application process with only a generic bottom driver half accessing the hotplug ports. But this needs a lot of experience with the model and design refitting until it offers similar functionality and speed as the current kernel module model.
The NT security model itself is quite sophisticated, it derives directly from the old VMS model. Butler Lampson et.al., who designed it, are some of the computer security gurus.
The main problem with NT's security is not the model itself, it's the various ways how it gets circumvented to either have some nifty feature which looks nice at a demonstration without a real use (ActiveX) or because the ways how NT is used by application designers and users is contradictionary to the model. Applications that need administrator priviledges to run are inherently flawed. They are applications, something that is applied on top of the inner workings and shouldn't know about any priviledges necessary for system administration.
NT is a good example how OS design itself doesn't create computer security. It is the way how an OS is used, procedures, usage patterns, deployment, applications, which create an environment for computers which is more or less secure. OS security is a single aspect of overall computer security.
Your first example is not really a Linux/Unix vulnerability (in fact the vulnerability is the same on WinNT), it is an application vulnerability. If it propagates through to the operating system (as it does if the user has far reaching OS priviledges), then it may point out an OS problem. Under Unix/Linux it should normally not affect OS integrity.
The second is indeed an OS problem, because it is a driver problem, and most drivers need OS priviledges to run. It would be possible to have drivers run in a sandbox like environment with a protection layer against the kernel and other drivers which helps to keep driver vulnerabilities local to the driver and the hardware the driver is operating. Sadly neither the Linux kernel nor the WinNT kernel are well prepared for such security layers. There are experiments with minimalistic kernels (microkernels) which provide such layering, but they didn't have much impact into mainstream computing yet. You might be interested in the L3/L4 series which allow userland drivers.
You forgot 10 years ago: "Why has Microsoft never used the security features built into the WinNT Kernel by the DEC people?"
So maybe it's 10 years later: "Those bastards! They finally copied/snarfed/stole the UNIX security model! And they got it screwed up again!"
So Microsoft Windows has a builtin security model, which would allow to emulate the UNIX security model, because it is a superset of the UNIX model. But the way different layers of shells and applications are built not only above the kernel, but are intertwined with each other and different kernel functions, this model is often superseded by other mechanisms, and the interactions are not fully understood, not even by the developers.
The sum you pay to the doctor for staying healthy was negotiable. You just had to make sure that it was more interesting for the doctor to keep you alive and healthy to get your money than to just kill you for being a hopeless case.
At least the second is how the chinese medicine worked: You paid your doctor as long as you were healthy and stopped the payment as soon as you felt sick. This forced the doctor to get you feeling better as soon as possible.
The Berne Convention allows something like this. Because the Berne Convention doesn't know copyrights, only the Author's right (and subsequent licensing of a subset), it works this:
If an author licenses his rights to someone else, and the other one doesn't use it for a certain amount of time, the author can reclaim the license and publish the work himself or relicense it to someone else. It is not public domain though, but it gives the original author more control about the publishers and forces them to publish the works they aquire licenses for.
Done already for my Win Box, now Linux and Solaris are in the works.
It has always its merits to outsource stuff you are not really prepared to do to someone who knows better :) But alas, it boils down to the question: Which one is better for you in the long run? A private person might be better off with untested memory and the chance to replace defective RAMs under fair conditions at his reseller. For a company running critical tasks it often is better to have a life cycle warranty for the RAM and even have it built in from an external company, so they can blame someone else (and extort money) for blowing the RAM into oblivion. A datacenter with hundreds of redundant computers might build in the untested RAM and just wait for a machine to break, then replacing the whole computer without a thourough failure analysis, because the next computer is cheaper than the time of the employes trying to figure out what happened.
But Germany is another case after all, as is the whole EU: Here every seller of technical equipment has to give a 2 year warranty to every piece of hardware he sells. So if a RAM trader buys those untested RAMs and sells them within EU borders, he has to replace every single RAM that fails within 2 years for free (except he can prove the customer is at fault).
In fact according to the law he has to give the money for the original RAM back, but he can instead try to 'better afterwards' a.k.a. repair or replace the faulty part if the customer agrees.
So there are enough specialized labs out there that can perform RAM testing in large numbers, because the RAM traders need them.
And Munich (München) means 'founded by monks'. So this etymology is not so wrong after all. As far as I remember Munich was founded by Cistercensian monks settling in a large swamp at the Isar river and gradually turning the swamp into fields to plant crops.
I don't have the correct word here right now, but derived from porneia is also the greek word for adultery (something like porneion).
Just to be nitpicking: Pornography is no latin word. It derives from ancient greek: porneia = whore and graphein = writing. So "a whore's text" or "text about whores" would be a good translation for the actual meaning of pornography.
In a not RIAA related case I just wrote a letter to the debt collection company asking if they had a phone number or email address I can reach, because their 800 number didn't work. I got another letter back, where they offered me payment by rates. I responded again and said: I just want to talk about the debt you are collecting, and I can't do because I can't phone you, your 800 phone number doesn't work to me.
I have never heard from the company since.
As a german I can say: No. Definitely. The renaming from "Champagner" to "Sekt" took place 1918. As far as I remember back all german champagne brands were named "Sekt". From the cheapest up to the most expensive. Some vineyards were selling Sekt which was fermented using the "méthode champagnoise", and it said so on the bottle, but you didn't find any german champagne calling itself "Champagne" for at least 85 years.
I grew up in East Germany (which wasn't in any way related to the European Community, being member of the Warsaw Contract). And even there no single bottle of champagne was named "Champagner". There was the Krim champagne, which calls itself 'Krimskoye Shampanskoye', but the Krim peninsula was russian anyway (and is ukrainian today).