I'm fairly certain that any DRM requires you to have either specific software or specific hardware on your machine. Of the two, software is less intrusive.
I'm not sure what you mean by "takes over system functions".
Certainly I'm not sure what software iTunes forces you to download, unless you're referring to QuickTime (a dependency) or Safari (which it doesn't force you to download).
Why would he be in a position to know the truth? He hasn't claimed he's seen them himself, only that he's been briefed on them. If there is an enormous government conspiracy to hide it, then the briefing was highly classified and by so obviously leaking it, he's taking an enormous risk. Unless the government had reason to believe they'd encounter aliens on their trip, then he probably has no need-to-know, so it's unlikely he'd have even been briefed. If the need-to-know is so broad as to include astronauts, then an enormous number of people (in, apparently, many governments) have been briefed on it, which is not conducive to good information security, yet there have been no definitive government leaks.
Appropriately, the article doesn't specify. The paper, on the other hand, does. (Of course, if Information Week has almost exclusively US readership, it's not really necessary for them to specify. Slashdot should, but really, what do you expect from a summary?)
Is your statement about banks in the UK giving out card readers insinuating that the rest of the world's banks don't give out card readers, or are you so parochial that you have forgotten that 99% of humanity is not in the UK?
So, first part. An attacker is trying to poison a DNS cache. Generally, he'd be interested in poisoning a DNS server that's a caching server for a group of people, like one run by a regional ISP. An efficient way of getting a poisoned record into its cache is to issue a request to that server, and then immediately send a forged response to the server. So, for example, I issue my local nameserver a request for abcd.google.com. It doesn't have this cached (you don't say!), so it starts trying to resolve it. I quickly send it a forge response for abcd.google.com, and it believes me. Transaction IDs make this a slim chance that it'll believe me, but it's still a chance, and I can issue a ton of requests to different fake addresses.
The answer to the second part is tricky. Basically, say I want to resolve mail.google.com. I have nothing about google.com in my cache. So I contact the nameserver for.com. It isn't authoritative for the google.com domain, but it knows who is, and it tells me so. (Say that it's ns.google.com.) Knowing ns.google.com is the nameserver for that domain is useless without its IP address, so it tacks on a glue record that gives me the address of ns.google.com. Now I can contact ns.google.com to ask it the IP of mail.google.com.
Originally, these records were just accepted. This is a huge security hole: I could request bob.domainiown.com, send a legitimate response (I control domainiown.com), and tack on a record telling them where ns.google.com is, even though I'm not authoritative for that. Now, such a record can only be attached to a request that is in the same domain, so I need to ask for bob.google.com to attach an ns.google.com record, which requires me to forge a response.
There are a number of situations where these auxiliary records are necessary, so they can't just be ignored. However, they shouldn't be cached -- they should be used only for the one request that generates them.
It only works because the DNS server caches the result of the glue record, against the recommendation of the above writer.
The glue record is necessary if, say, you need to provide the address of a nameserver when you provide the name of the authoritative nameserver for a query. You should use that glue record for that query only.
What happens is that an attacker queries lbixds.google.com (or some other nonexistent domain) and then sends the server he issued that request to a response to that query that also has a glue record giving a false address for ns.google.com. If the DNS server only used that false address for resolving lbixds.google.com, cached lbixds.google.com, and left it at that, then lbixds.google.com would be the only entry the attacker could poison -- basically useless. However, the DNS server caches the glue record giving the address for ns.google.com, too.
I'm sure you realize that's not true in a more overall sense. In any fission reaction, you permanently lose a part of the reaction materials that is unrecoverable. (Part of that is what you take out as usable work, for nuclear power plants.) It is still nonrenewable.
Breeder-reactors create a different sort of fissile material using byproducts of a fission reaction. I don't recall the reactions off the top of my head, but you could then react this new material in a breeder-reaction to produce more fissile material. Eventually, however, you'll end up with non-fissile material. There's a finite amount of energy extractable from, say, uranium, even including all breeder-reactor byproducts.
It's just that by comparison, current reactors are terribly wasteful.
It's assuredly complete coincidence that after Firefox 3 is released, Apple releases a Safari update that is, in large part, adding features introduced in Firefox 3.
If you hadn't stopped reading "scientific" literature in February of 2007, you might know that claim has since been retracted. No, "big science" didn't get to him -- it's just that warming due to Solar forcing (which accounts for Martian heating) is already accounted for in terrestrial models.
Not that I'm claiming Car and Driver has a "stance" on global warming they heavily prefer, but that statement is simply untrue. Volcano CO2 output is dwarfed by human CO2 output.
On the other hand, odds of 1:10^80 are pretty palatable.
A paper recently posted on Slashdot uses other stars in the Universe as detectors for the possibility of this kind of destructive behavior, starting from first principles, and finds that destruction will not occur.
The likelihood of something destructive happening are so small that colloquially they should be called "impossible".
I had actually forgotten about that. It's certainly possible the two are related. Time Warner could be telling the truth about their reasons. They could also be using the "suggestion" to stop hosting some Usenet as an excuse / opportunity to stop hosting all of it. I don't know, but I'll freely admit it's a possibility.
I guess I should have been more clear -- it doesn't appear that the "request" was to stop hosting Usenet altogether, but to stop hosting some particular newsgroups.
Unless they want to try to effectively kill off Usenet altogether, I don't see encouraging ISPs to stop hosting it as a smart move, as it could boost the popularity of non-ISP Usenet hosts.
It appears all they're doing is not hosting in their local NNTP cache the listed newsgroups. They're not blocking ports, blocking all Usenet access, or ceasing hosting of Usenet.
Of course this doesn't make it impossible to get CP. But it does reduce the avenues for accessing it. Claiming that is pointless because there's "another way to get it" is like saying there's no sense in locking your door. A sufficiently motivated thief will gain entry.
And according to the FCC, they're not allowed to throttle P2P traffic.
They're only blocking enumerated newsgroups that are primarily used for trading CP, not blocking all access to newsgroups. Further, the only blocking of newsgroups they're doing is restricting what newsgroups they are hosting locally.
Likewise, the only action they're taking against websites is removing sites with CP (illegal content that is against their terms of service, which they're well within their rights to remove) that are hosted on their network -- not blocking access to some list of sites.
It doesn't seem that the author of TFA read the freakin' (original) article.
Going after the predators is something the police already do. It's difficult and it's expensive. They also get pretty good cooperation from ISPs (to find out, for example, who was associated with a given IP address at a particular time).
This may primarily be to restrict consumption of illicit material produced outside of US jurisdiction. Despite what the article says, I haven't seen any actual evidence that the "agreement" is to stop carrying Usenet newsgroups.
This didn't work very well with the dinosaurs. Having discovered the dangers of global warming, they hid their precious oil and coal reserves deep below the surface of the earth. We managed to dig them up long before discovering their dangers!
Yes; some of the tools it has perform live evidence acquisition to powered-on systems. It's not safe to assume a powered-on system where the encrypted drive has been disconnected is safe, as keys may remain in memory. But if the PC is off (and especially if free disk blocks, virtual memory and sleep files, etc. are scrubbed), this doesn't do anything.
I agree. If everyone were to switch to a single standardized, cross-platform DRM system, then a lot less reverse engineering would need to be done.
I'm fairly certain that any DRM requires you to have either specific software or specific hardware on your machine. Of the two, software is less intrusive.
I'm not sure what you mean by "takes over system functions".
Certainly I'm not sure what software iTunes forces you to download, unless you're referring to QuickTime (a dependency) or Safari (which it doesn't force you to download).
On the other hand, 2.4 GHz does seem to be an absorption band for water, which is sort of surprising. (Maybe it's not -- not my area of expertise.)
Not really "ending in your ear", but yes. It's a conductor that runs from the phone to your head, so it can act as an antenna.
You expect people to believe you when you claim that water is an atom?
Hint: it's a molecule.
Also, IIRC, the concern is cancer caused by ionizing radiation, not thermal damage cause by exciting harmonics in water.
Why would he be in a position to know the truth? He hasn't claimed he's seen them himself, only that he's been briefed on them. If there is an enormous government conspiracy to hide it, then the briefing was highly classified and by so obviously leaking it, he's taking an enormous risk. Unless the government had reason to believe they'd encounter aliens on their trip, then he probably has no need-to-know, so it's unlikely he'd have even been briefed. If the need-to-know is so broad as to include astronauts, then an enormous number of people (in, apparently, many governments) have been briefed on it, which is not conducive to good information security, yet there have been no definitive government leaks.
100 years ago was 1908. Marconi had successfully demonstrated transatlantic wireless communication seven years previous.
Appropriately, the article doesn't specify. The paper, on the other hand, does. (Of course, if Information Week has almost exclusively US readership, it's not really necessary for them to specify. Slashdot should, but really, what do you expect from a summary?)
Is your statement about banks in the UK giving out card readers insinuating that the rest of the world's banks don't give out card readers, or are you so parochial that you have forgotten that 99% of humanity is not in the UK?
Most of these routers don't run caching, recursive resolvers -- they just forward the request to your ISP's DNS server. As such, they are immune.
So, first part. An attacker is trying to poison a DNS cache. Generally, he'd be interested in poisoning a DNS server that's a caching server for a group of people, like one run by a regional ISP. An efficient way of getting a poisoned record into its cache is to issue a request to that server, and then immediately send a forged response to the server. So, for example, I issue my local nameserver a request for abcd.google.com. It doesn't have this cached (you don't say!), so it starts trying to resolve it. I quickly send it a forge response for abcd.google.com, and it believes me. Transaction IDs make this a slim chance that it'll believe me, but it's still a chance, and I can issue a ton of requests to different fake addresses.
The answer to the second part is tricky. Basically, say I want to resolve mail.google.com. I have nothing about google.com in my cache. So I contact the nameserver for .com. It isn't authoritative for the google.com domain, but it knows who is, and it tells me so. (Say that it's ns.google.com.) Knowing ns.google.com is the nameserver for that domain is useless without its IP address, so it tacks on a glue record that gives me the address of ns.google.com. Now I can contact ns.google.com to ask it the IP of mail.google.com.
Originally, these records were just accepted. This is a huge security hole: I could request bob.domainiown.com, send a legitimate response (I control domainiown.com), and tack on a record telling them where ns.google.com is, even though I'm not authoritative for that. Now, such a record can only be attached to a request that is in the same domain, so I need to ask for bob.google.com to attach an ns.google.com record, which requires me to forge a response.
There are a number of situations where these auxiliary records are necessary, so they can't just be ignored. However, they shouldn't be cached -- they should be used only for the one request that generates them.
It only works because the DNS server caches the result of the glue record, against the recommendation of the above writer.
The glue record is necessary if, say, you need to provide the address of a nameserver when you provide the name of the authoritative nameserver for a query. You should use that glue record for that query only.
What happens is that an attacker queries lbixds.google.com (or some other nonexistent domain) and then sends the server he issued that request to a response to that query that also has a glue record giving a false address for ns.google.com. If the DNS server only used that false address for resolving lbixds.google.com, cached lbixds.google.com, and left it at that, then lbixds.google.com would be the only entry the attacker could poison -- basically useless. However, the DNS server caches the glue record giving the address for ns.google.com, too.
I'm sure you realize that's not true in a more overall sense. In any fission reaction, you permanently lose a part of the reaction materials that is unrecoverable. (Part of that is what you take out as usable work, for nuclear power plants.) It is still nonrenewable.
Breeder-reactors create a different sort of fissile material using byproducts of a fission reaction. I don't recall the reactions off the top of my head, but you could then react this new material in a breeder-reaction to produce more fissile material. Eventually, however, you'll end up with non-fissile material. There's a finite amount of energy extractable from, say, uranium, even including all breeder-reactor byproducts.
It's just that by comparison, current reactors are terribly wasteful.
It's assuredly complete coincidence that after Firefox 3 is released, Apple releases a Safari update that is, in large part, adding features introduced in Firefox 3.
You'll notice he said Safari 3.1, not Safari in general.
If you hadn't stopped reading "scientific" literature in February of 2007, you might know that claim has since been retracted. No, "big science" didn't get to him -- it's just that warming due to Solar forcing (which accounts for Martian heating) is already accounted for in terrestrial models.
Not that I'm claiming Car and Driver has a "stance" on global warming they heavily prefer, but that statement is simply untrue. Volcano CO2 output is dwarfed by human CO2 output.
On the other hand, odds of 1:10^80 are pretty palatable.
A paper recently posted on Slashdot uses other stars in the Universe as detectors for the possibility of this kind of destructive behavior, starting from first principles, and finds that destruction will not occur.
The likelihood of something destructive happening are so small that colloquially they should be called "impossible".
I had actually forgotten about that. It's certainly possible the two are related. Time Warner could be telling the truth about their reasons. They could also be using the "suggestion" to stop hosting some Usenet as an excuse / opportunity to stop hosting all of it. I don't know, but I'll freely admit it's a possibility.
I guess I should have been more clear -- it doesn't appear that the "request" was to stop hosting Usenet altogether, but to stop hosting some particular newsgroups.
Unless they want to try to effectively kill off Usenet altogether, I don't see encouraging ISPs to stop hosting it as a smart move, as it could boost the popularity of non-ISP Usenet hosts.
It appears all they're doing is not hosting in their local NNTP cache the listed newsgroups. They're not blocking ports, blocking all Usenet access, or ceasing hosting of Usenet.
Of course this doesn't make it impossible to get CP. But it does reduce the avenues for accessing it. Claiming that is pointless because there's "another way to get it" is like saying there's no sense in locking your door. A sufficiently motivated thief will gain entry.
And according to the FCC, they're not allowed to throttle P2P traffic.
They're only blocking enumerated newsgroups that are primarily used for trading CP, not blocking all access to newsgroups. Further, the only blocking of newsgroups they're doing is restricting what newsgroups they are hosting locally.
Likewise, the only action they're taking against websites is removing sites with CP (illegal content that is against their terms of service, which they're well within their rights to remove) that are hosted on their network -- not blocking access to some list of sites.
It doesn't seem that the author of TFA read the freakin' (original) article.
Going after the predators is something the police already do. It's difficult and it's expensive. They also get pretty good cooperation from ISPs (to find out, for example, who was associated with a given IP address at a particular time).
This may primarily be to restrict consumption of illicit material produced outside of US jurisdiction. Despite what the article says, I haven't seen any actual evidence that the "agreement" is to stop carrying Usenet newsgroups.
This didn't work very well with the dinosaurs. Having discovered the dangers of global warming, they hid their precious oil and coal reserves deep below the surface of the earth. We managed to dig them up long before discovering their dangers!
I kid, I kid.
Buried radioactive toxic waste is pretty tame compared to the various hazards of space and exploring unknown planets.
Yes; some of the tools it has perform live evidence acquisition to powered-on systems. It's not safe to assume a powered-on system where the encrypted drive has been disconnected is safe, as keys may remain in memory. But if the PC is off (and especially if free disk blocks, virtual memory and sleep files, etc. are scrubbed), this doesn't do anything.