Slashdot Mirror


User: argent

argent's activity in the archive.

Stories
0
Comments
12,456
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,456

  1. The Firefox XPI model needs re-evaluation... on Firefox Greasemonkey Extension Security Problem · · Score: 3, Insightful

    I would like to first address a lot of the people who are taking this as a chance to really dog Firefox and the Open Source Community as a failure on their part.

    I've been arguing that the Firefox XPI model needs to be re-evaluated from a security standpoint for some time now.

    1. Installing XPIs should not be initiated from a web page. They should be downloaded and manually installed, like any other application or application plug-in. This would allow any attacks that involve using the installer for privilege escalation to be eliminated.

    2. Expanded rights should not be granted to any javascript that has not been explicitly installed.

    3. As a corollary to this, any method that leads to an eval should, when run from a script that's part of chrome, unconditionally revoke those rights. A new method that explicitly evals code with greater rights with a name that makes it clear that it's dangerous can be added if it's actually necessary.

  2. If a cold is no better than pneumonia... on Firefox Greasemonkey Extension Security Problem · · Score: 4, Interesting

    Mozilla is just as much of an insecure platform as IE, because they allow plug-ins.

    Not quite.

    The big problem with IE is not just that it has a plug-in mechanism, but it has a plug-in mechanism that's based on the HTML control (the actual browser component) assigning the right to install plugins to an object (the web page) based on an ad-hoc security model that's based on the location the object is believed to originate. Certificates, security dialogs, and so on... these are layered on top of this, but basically the HTML control is responsible for figuring out if a "dangerous" action should be allowed with no more than hints from the calling applications, and a jargon-filled dialog box that the user has to decide on RIGHT AWAY.

    I get calls from my users all the time that are variants on "this dialog box came up and I hit 'yes' without thinking".

    So... the control is pervasive, it's used by lots of applications, the API can't be significantly changed without creating a mass upgrade day for every app that uses it, responsibility is placed in the wrong place, and the user interaction encourages mistakes.

    Firefox's extension mechanism has a similar problem with its installer, but:

    The extension installation mechanism is part of Firefox, not the Gecko HTML display object, so applications using gecko aren't automatically exposed as well.

    The Firefox extension API does not depend on the installer's behaviour, it's possible for Firefox to switch to a more secure download-and-install design without breaking any applications.

    The user interaction requires three separate steps, and there's no path through those steps that simply answering "yes" by reflex will result in the extension being installed.

    In addition, in Windows, there have been a number of attacks that involved tricking the HTML control into thinking that a remotely downloaded object was local... or even already installed. This approach is not possible in Firefox because instead of allowing plugins to run from anywhere except the places it thinks are dangerous, it doesn't allow plugins to run from anywhere except a specific directory that's got a randomly generated name in its path so it can't be targeted by a download.

    I would still recommend using a shell other than Firefox around a Gecko- or KHTML- based browser. I use Camino (Gecko) and Safari (KHTML) on Mac OS X, but I'm sure there are equivalents to these for Windows. But regardless, the exposure from using Firefox is so far less than using IE that if Firefox and IE are your only choices... use Firefox.

    I do not recommend using the Netscape browser, because of the way it allows the use of either Gecko or the Microsoft HTML control.

  3. Boot time MAY be relevant, but... on yellowTAB's Zeta 1.0 Reviewed · · Score: 3, Informative

    The short boottime is something that has always been a huge selling point for the Be to me, as I hate slow-booting operating systems (luckily OS X has good sleep/wake functionality, else it would be such a pain to use).

    Boot time can actually be relevant... but you have to know what it means. By itself it's only an issue if it extends into mainframe-class hour-long melodramas, because rebooting the computer is not something you should need to do all that often.

    % uptime
    9:18AM up 702 days...
    % uptime
    7:18AM up 217 days...
    % uptime
    9:18AM up 50 days...
    % uptime
    9:18AM up 73 days...

    Windows "boots fast" because it puts up the login dialog as soon as the graphics subsystem has initialised far enough to display it, and because it preloads a lot of the files it uses during boot. These tricks provide an illusion of performance but don't actually do anything to make the system run any better while you're actually using it.

    BeOS has a big advantage over Windows NT and UNIX-based systems like Linux and Mac OS X. It doesn't actually have a lot to do during the boot process... there's no multi-user support and very little background processing, most of what it's doing is loading drivers and starting the desktop. And it's a relatively lightweight desktop, more like Windowmaker than Gnome or KDE.

    This is laudable, for a dedicated desktop OS, but it does mean that "boot time" isn't really a useful measurement of overall performance. It's more akin to "login time" on Windows or UNIX/OSX.

  4. What's your source of information? on yellowTAB's Zeta 1.0 Reviewed · · Score: 1

    They bought the BeOS code when Be went under.

    I don't think I've ever seen an authoritative statement from anyone one way or the other on this. I would really appreciate it if you could provide some online references.

  5. Much as I hate to say it... on yellowTAB's Zeta 1.0 Reviewed · · Score: 2, Informative

    Much as I hate to say something nice about Linux, I think you're relying too much on rumor and faulty memory.

    BeOS was usable on the desktop when Linux was just a little toy [...]

    Word Perfect for Linux, one of the early commercial desktop applications for Linux, came out in 1996.

    In 1996 BeOS was still demoware.

  6. Re:It's the OS, stupid! on Will You Stick with Apple, After the Switch? · · Score: 1

    Yeh, real UNIX compatibility and Office.

    I wonder if that's not the real reason Microsoft made Interix free-as-in-beer. Unfortunately, while Interix is the closest thing to a real UNIX environment on Windows that I've seen yet, they're still missing the boat.

  7. Palm has already eaten their seed corn... on Will You Stick with Apple, After the Switch? · · Score: 2, Insightful

    And just as soon as Apple subsumes Palm they'll have my whole personal-computing niche sewn up.

    I'm not sure that Palm has anything left to save at this point. The Lifedrive is a lunatic device, and now they're talking about Linux? What's left of Palm that would be worth subsuming?

  8. Jobs has done too god a job of being a maverick. on Will You Stick with Apple, After the Switch? · · Score: 1

    Please, provide us with some evidence that Apple will fully implement TC.

    I don't expect them to, but Jobs stated reason for the switch are ludicrous so I do expect that there's going to be another "one more thing" shoe to drop. I don't know what that's going to be, and I can't rule out the possibility that there's some truth to one of the various DRM fantasies that have been trotted out.

    It would contradict things Jobs has said in the past, but after him backing down on "No ugly monitors on nice Macs" and the Intel switch itself a 180 on DRM isn't inconceivable any more.

  9. Strong DRM will be a nightmare. on Will You Stick with Apple, After the Switch? · · Score: 1

    Unless "DRM nightmare" means "any DRM" to you.

    Any DRM that's more than a token is a nightmare. Weak DRM, something that's just strong enough to remind you it's there, that's acceptable. Strong DRM, something that's capable of keeping a dedicated attacker from unlocking the content, can not be implemented without crippling ordinary use of the computer... because there's just too many ordinary activities that depend on the capabilities that would be used to bypass the DRM. Windows users have already run into this... even people at Microsoft have blogged about how IRM (Intellectual Rights Management, another term for DRM) has forced them to give up software they'd been using to mod the look and feel of Windows.

    If it involves a hardware component that can't be bypassed when you need it, that's a problem, because the only reason for requiring that kind of step is to introduce strong DRM.

    My guess: some iTunes-level DRM that most users will be able to live with.

    iTunes DRM is only something "most users can live with" because it's hardly more than a hint. It's not just easily bypassed, Apple practically tells you to bypass it by burning unprotected Audio CDs as backups. DRM that goes down to the hardware level will not be something "most users can live with".

    I don't want to be forced into making a choice between an OS that doesn't suck and strong DRM, and I hope you're right that Apple won't take that step... but I'm by no means as confident as you.

  10. Re:Can't wait! on Will You Stick with Apple, After the Switch? · · Score: 1

    Man, I can't wait to get my hands on a 17" PB with an intel processor that will go twice or thrice as fast as my current PB.

    If that's what you're expecting you're just setting yourself up for a disappointment. The switch is actually going to mean you'll be waiting longer for a significantly faster Powerbook, since it's unlikely Apple's going to use the new dual-CPU dual-high-speed-bus Freescale e600 now.

  11. Re:They're removing the only reason I'd buy one on Will You Stick with Apple, After the Switch? · · Score: 1

    I had been considering buying one and slapping Linux on it because I'm interested in the PPC architecture.

    So, what's stopping you? You can get a real good deal on one now people are irrationally dumping them. It's not like any of your Linux/PPC software is going to end up dependent on the PPC itself.

  12. Re:A better list on Five PC Innovations the Industry Should Get To · · Score: 1

    The problem with using software abstractions to eliminate the distinction between disk and RAM is that it doesn't eliminate the performance differences: disk access will still be thousands of times slower than RAM access. For some programs, performance may be unimportant, but many programs (games, audio, video, real-time apps, etc) it's critical that the software know when it will be hitting the disk, and when it won't be.

    Real-time applications (and all the applications you listed are real-time) are already compromised by virtual memory. Remember the old sayings: "Memory is like sex, it's better when it's real" and "Virtual Memory means Virtual Performance".

    And yet they seem to work... even when my poor little computer is swapping its heart out.

    You see, techniques that are used to mitigate the already existing problems of virtual memory can be applied here: so long as your working set is in memory, it doesn't matter how your memory is implemented. Simply declare the objects that you will need for the duration of the real-time task as "important", and it will be as good as reading them in.

  13. Re:I'll be switching to Apple on Will You Stick with Apple, After the Switch? · · Score: 1

    PPC is like Matrox video cards, every few years they release a new version that is the best thing on the planet, then two months later it's slow compared to everything else.

    The G5 increased in speed by 34% between the time Apple announced the Powermac G5 and the time they announced they were switching.

    The Pentium 4 increased in speed by 26% over the same period.

    Moore's Law is dead. The G5 had the bad luck to show up just in time for the wake.

  14. Re:A hit from the crackpipe? on Will You Stick with Apple, After the Switch? · · Score: 1

    I'm skipping out on a lifetime of mac loyalty and I'm going to run *NIX even though it's UI is terrible.

    So you're still using OS 9, eh?

  15. DJ on the iPod? on Video iPod May Arrive in September · · Score: 1

    I had this sudden vision of someone scratching with the click-wheel.

  16. Re:This confirms that "As Seen on TV" was just BS on Video iPod May Arrive in September · · Score: 1

    I don't know who else was following along with the claims of "As Seen on TV" of being a big shot at apple but here he pretty much states there will never be a video ipod from apple.

    I guess that means Steve Jobs isn't "a big shot at Apple", either.

  17. Re:A better list on Five PC Innovations the Industry Should Get To · · Score: 1

    What would be good for him would be low-cost battery-backed disks.

    I was responding to "this will allow the OS to get rid of the (largely unnecessary and unintuitive) distinction between "disk" and "RAM" -- everything just becomes "storage".". The thing about this is that virtual memory already lets you treat everything as "just storage", you don't have to actually have physical silicon RAM to have an API based on mapping storage into your address space. In fact Multics, the system that inspired UNIX, worked that way.

    Multics was ahead of its time: 256 kwords wasn't a large enough address space to pull it off, so they still had to have a file system and they had to develop an overlay mechanism to map large files. But even though Multics ultimately failed, the approach of having the fundamental object the OS looks at being "storage" rather than "files" is very old and entirely orthogonal to how the storage is actually implemented.

  18. Re:Why is everybody saying Apple has a monopoly? on Bill Gates Swears Vow Against 'Son of iPod' · · Score: 2, Funny

    What is the problem?

    The problem is that Microsoft isn't getting a free pass from the market for a change, so their hired legislators are casting aspertions and viewing in alarm and so on.

    Microsoft actually has a plausible business case for not supporting the Mac, by the way. Apple doesn't have a strong DRM framework! iTunes doesn't have components that run in the kernel to keep people from hooking in to the audio stream after it's decrypted and before it's converted to analog! My god, can you imagine what would happen if people could do that! Chaos! Anarchy! Dogs and cats living together! Someone might even burn a track to an audio CD and then rip it back to... wait... don't they allow that anyway? Oh, hush, don't tell anyone...

  19. Re:Why is everybody saying Apple has a monopoly? on Bill Gates Swears Vow Against 'Son of iPod' · · Score: 1

    I think it's the iTunes/iPod thing, they're complaining that you can't buy an iPod and play music from Real or get a Rio and play music from the iTMS.

    The problem is that the solution the people who complain the most about it pose... forcing everyone to use the same DRM scheme... creates an even stronger monopoly than anything the market itself could lead to.

  20. Microsoft is missing the "culpa" part... on Bill Gates Swears Vow Against 'Son of iPod' · · Score: 1

    Not only has Microsoft not admitted responsibility for the biggest mistake they made, they haven't recognised it as a mistake, and they fought the Department of Justice to a standstill over their right to keep making it. Now they're trying to push a supposedly-fixed but more elaborate and pervasive version of the same mistake.

    I'm talking, of course, about what started as Active Desktop and has now spawned "dot NET". The fundamentally broken design that grants rights to displayed or embedded objects based on an ad-hoc "security zone" model can never work. It doesn't matter what certificates, security applets, or warning dialogs you apply, it should never be possible to launch potentially untrusted code outside a sandbox without an explicit request from an actual human being.

    The rot is spreading, too. Thanks to Microsoft's Big Lie becoming Conventional Wisdom, both Safari and Firefox have in very small ways picked up similar bad habits... though at least they haven't made them part of an API that important applications depend on, they're not built into the HTML display component itself, and they can be disabled.

  21. Speaking of Wikipedia, the AACS entry... on Bill Gates Swears Vow Against 'Son of iPod' · · Score: 1

    Wikipedia seems pretty dismissive of AACS,
    though of course Wikipedia is by definition not authoritative.

  22. Re:Here's what I wanna see... on Five PC Innovations the Industry Should Get To · · Score: 1

    We are still using a variation of the commodore architecture.

    Would that be the one where the file system is in the disk drive, or the one where the OS actually provides a real-time GUI on a CPU that's slower than any five year old PDA?

    Or is "Commodore" the only 8-bit computer maker you can think of?

  23. Here's what I wanna see... on Five PC Innovations the Industry Should Get To · · Score: 1

    1. A real GUI shell. One where you can build your shell pipelines graphically, give the punters an idea of why the whole idea of pipes and filters is really cool.

    2. Windows system based on passing OpenGL scripts around. Postscript with enhancements or Javascript, I don't care, so long as I can run inherently safe applets in the GPU, over a network.

    3. A 3d GUI that pays attention to the fact that easy games don't throw you into a "free-flight" mode. I don't want to cruise around a first-person-shooter, that's too bloody hard... figure out something the 3rd dimension can MEAN (I like the idea of making it 'attention'... Windows you're not using automatically drift off into the distance and turn into 3d icons when they get far enough away).

    4. You shouldn't need to use a different API to run applications locally, on a server, or anywhere else. X11 kind of hides that by making everything remote, but Plan 9 and 8½ did it better. Ideally, you should be able to use the same API even from user or kernel mode.

    5. A common programming language that doesn't suck fossilized maggots from a jurassic midden.

  24. Re:A better list on Five PC Innovations the Industry Should Get To · · Score: 1

    If the OS is going to do away with the distinction between "disk" and "RAM", then it can do that without getting rid of physical "disk" and "RAM", thanks to the miracle of virtual memory. That's what Multics was heading for, back in the '60s. You've heard of Multics, right? No? How about Unics?

  25. Re:WEP support? on $99 Linux Handheld with WiFi for Instant Messaging · · Score: 1

    WEP-128 is not more secure than conventional WEP-64 (WEP-40).

    It's no harder to do, so there's no point doing less except for political reasons, and I would assume that anything that can do either can do both. The description in TFA didn't indicate it could do that much.

    Please do note that I said "minimally secured".