Seems to me that a system for implementing one-click ordering should be patentable--much in the way a design for a cash register might be I don't think so. It's just too broad. The way I "bought" office supplies in Japan was exactly the same. You entered the supply store, showed your badge to get a basket and an optical scanner, then as you put stuff into the basket, you scanned it with the scanner and then on the way out, a clerk would check the list on his screen against what you had in the basket, turn in scanner, take out your supplies.
Conceptually, that process isn't any different than one-click ordering and neither should be patentable.
It makes sense for Microsoft, or some other major vendor to do an initative like this. Duh! How do you think H. Ross Perot became a billionaire? He did it with lock-in computer equipment and software to support state governments administering the (brand new) Social Security program. EDS was nothing before that. http://www.eds.com/about/history/timeline.aspx
This is more corporate welfare to the tune of many billions of dollars of revenue to whomever they bless with the contract.
Couldn't a virus or other program running enable this "feature" without the user knowing? Basically you could set up the virus to enable the feature on shutdown, and then steal their laptop afterwards. Then when the thief boots it up, no password required. That's described in the third part of TFA, conveniently omitted by the editor. http://securology.blogspot.com/2007/10/response-to-jon-callas-pgp-encryption.html
What also surprises me about the customers that would require PGP WDE to have such a feature is the way they would have to use the feature. Since this is command line driven, this is obviously designed for use in scripting. I have a hard time fathoming an enterprise organization that would, on one hand, require the use of full disk encryption of computers and then, on the other hand, distribute a script with a hardcoded passphrase in it, presumably using a software distribution tool like Microsoft's Systems Management Server (SMS), or similar. The risk of this feature of PGP WDE notwithstanding, we are talking about admins using shared/generic/static passphrases for all or many computers stored in plaintext scripts, set to execute in mass. If the complexity doesn't accidentally disclose the default administrative passphrase, then the fact that fallible humans keeping human readable scripts in N locations used every time Microsoft releases a patch certainly will. An average security conscious IT shop running Windows products (because PGP WDE is a product for Windows) will have at least 12 opportunities per year for devices to get stolen when they are in this vulnerable "bypass" state. Does the use of this PGP WDE (or any full disk encryption vendor as Jon claims competitors have similar functionality) feature increase the risk that laptops will be stolen on the eve of the second Tuesday of every month? Except that the "virus" is an update script from IT on the eve of "patch Tuesday" (this is basically a Microsoft Windows only product) and the machine gets stolen then.
Note also that even though this password bypass feature must be enabled, there is no way to completely disable it.
I have yet to hear a serious argument for why the world will be injured by behaving as if there is an ozone or climate problem (if there is not), and so I just don't understand why anyone ever makes this argument. The problem is that there is no evidence that the kind of climate change the Global Warmers warn against is manmade.
It is a fact that the Earth has undergone periodic ice ages, followed by global warming to melt most of the ice. There's no evidence to suggest that the global warming periods of the past were caused by industrial pollution in as-yet undiscovered previous civilizations. There's considerable recent evidence to suggest that the sun can be fairly variable - the mini ice age of a few hundred years ago was accompanied by an extreme reduction in sunspots.
let's hear an argument about why it's safe to bet the future of the human raceon that theory rather than this one. The law of unintended consequences. A major side-effect of Rachel Carson's work was a resurgence in mosquito borne diseases in the tropics. Link for Dengue here http://www.dhpe.org/infect/dengue.html
In tropical countries around the world, dengue is one of the most common viral diseases spread to humans by mosquitoes. Tens of millions of cases of dengue fever and up to hundreds of thousands of cases of dengue hemorrhagic fever occur each year.
Several factors are contributing to the resurgence of dengue fever:
* No effective mosquito control efforts are underway in most countries with dengue. The solar system can be considered to be the Sun surrounded by a few rocks scattered here and there. I think it would be more scientific to start looking for the answers there, rather than somewhere else. But, that wouldn't generate the kind of funding and politics that Global Warming does.
I think we're betting the future of the human race by not getting off earth and colonizing off-planet. Unfortunately, that argument was never very popular.
Going backwards from Global Cooling, there was Rachel Carson's "Silent Spring" and DDT. Before that there was Nuclear Winter. Before that, I don't think anyone cared.
Anyone here ever met CmdrTaco? *raises hand* Yeah and Hemos too, I think. It was 1999ish at a Tokyo Linux Users Group nomikai and that evening is kind of a blur. I think we did group karaoke afterwards.
Bruce Perens was at the same table and I was the guy bitching about how hard it was to follow Slashdot in the Japanese timezone.:)
It used to be considered good etiquette to lurk for 2 to 4 weeks before joining a discussion group. I do recall that when I finally signed up was around the time moderation was being introduced.
It's fair that I have a high user id, I don't remember Chips & Dips at all.
If you click on a mute button and drag across multiple tracks, it mutes all of them just like it would if you drug your finger across the mute buttons on a console. That differs somewhat from this patent. In this patent if you click a checkbox to mute, then drag it across a checkbox that is already in mute state, it would have to unmute it. The key word appears to be "toggle".
I think I implemented exactly this kind of interface in the mid '80s, though I would have to check the code (which I no longer have) to be sure. I know I had multiple checkbox selection and deselection by click and drag, it just seems likely that I would have done toggle too.
Personally, I would consider this kind of interface obvious. But thank you kdawson for yet another article with a totally clueless title. This certainly is not about patenting "checking a box".
His job is to say "no" to ill-advised "features". Naturally, some people aren't going to like that. If you want ill-advised "features" stay with Microsoft Windows XP or whatever.
Saying "no" is the toughest job in the world, but in this case it's a bit different. If you read further down in the thread this article was quoted from, you'd see that the purpose of LSM was so that Linux could keep going forward rather than being engaged in endless security flame wars.
Security is hard and in my own experience MLS guys can be real assholes. I cannot fault Linus for the decisions he made. Based on my own reading of the Smack code, I would think it merits inclusion - it looks very clean.
are you really going to go into people's houses and see if they have a pirated version of Photoshop? Speaking of Photoshop and this topic, perhaps the worst boss I've ever had with respect to keeping code proprietary thought nothing of the matter of having his son use pirated Photoshop (or stealing other programs). I wrote some great code for that man, I (almost[1]) wish it was still alive.
[1] Not really. It was hosted on SCO Unix and I'm glad SCO Unix is DEAD, DEAD, DEAD.
I'm curious if they've factored in the value of consumer good will... I will argue the same point I argued when we were discussing Microsoft's targeted advertising in the basic O/S patent. Isn't it a good thing to make outsourcing more expensive for US companies?
I hope they make the patent licensing prohibitively expensive, but even if they make licensing cheap, it will still raise the cost of outsourcing and I view that as generally a good thing.
Al Viro posted the source code to the Version 7 Unix implementation of chroot on the cited lkml thread, by the way.
Networking has everything to do with it. Chroot restricts a process' view of the file system. Only. While an original Unix design goal was "everything is a(n untyped) file", this was never achieved. Device nodes, while they are files, are special kinds of files. BSD-style networking while accessed through file descriptors are in a different namespace, actually multiple namespaces because TCP and UDP have different namespaces. These both represent corner cases that must be dealt with specially if they are to be restricted in a chroot environment. Lastly, root has traditionally been all powerful and allowed to do anything, however much it may not make sense. You put all this together and you end up with an interface with dozens of holes in it that must all be coded for specially. This is a fruitless and error prone task and much like attempting to kill off an infestation of cockroaches by killing a handful at a time while the queen is busy laying 10s of thousands of new eggs somewhere hidden.
It is better to forget about chroot and all its "problems" and leave it for what it's best at, more or less restricting the filename namespace. I posted two examples of my own usage of this earlier. If you want a secure jail, design for it and code for it in a different interface. The BSDs have a jail (which I don't know anything about other than it's not chroot). On the Linux side, there are several ongoing projects that handle the universe of restricted namespaces as part of their original design. Either of those two, can be made secure. Virtualization via hypervisor is another more promising with respect to security approach.
So what's wrong with chroot? Nothing is wrong with chroot. What's wrong are people's misconceptions of it. It is not a security function.
Are they really a major public health risk in some areas? Indeed, think third world. One of the first lessons I got in Manila was to always assume any liquid on the ground was urine.
Last week the articles were about the head of ZTE being golfing buddies with the 1st gentleman. That's always a good way to sell a network...
Wireless coverage is very important there. The average home does not have a landline telephone, but does have at least one cellphone. Dialup and cable are simply not options.
I was in an unfortunate marriage to a Soka Gakkai and I read all their literature (including IKEDA's autobiography), made trips to their temple in Shinano machi and got all the lectures. Been there, done that, and still have the scars from the experience.
Have you by any chance read their printed newspaper? I have. They appear to worship that guy and that seems more like a cult than a religion to me.
It doesn't make sense. Using chroot(2) for security is like trying to fit a round peg into a square hole that it was never intended to go into.
It also doesn't make sense that certain inbound TCP ports are restricted to being bound only by root, but that's the reality we have to live with.
<Thought-experiment> Wrap your mind around the fact that it is Microsoft Windows userland now that causes most of its insecurity. If you could cleanly separate Microsoft Windows userland and run it under an Open BSD kernel, it would still be insecure. Conversely, if you could run an Open BSD userland under a Microsoft Windows kernel, it most likely would be more secure (sans Microsoft programming and design errors). </Thought-experiment>
Chroot will not and cannot defend against the ill-advised practice of running binaries ("trusted" or not) received off host. Yes, I'm also looking at you Mac OS X, which is otherwise a lovely system.
That sounds about right. My first serious use of chroot(2) was dealing with b0rken systems when my emergency root floppy had different versions of critical shared libraries (HJ Lu's forked libc5 was always much more space efficient than the GNU version). It is also useful building userland from scratch bootstrapped off a system with much older or different shared libraries, not much different than Joy's original usage it seems.
Useful, oh yes. Something to secure your system with, hell no.
I don't think you can consider the domestic Japanese market as a "test market". The rules are very different.
Everyone in Japan has a cellphone, including children. That means the market is saturated except that it isn't. The Japanese are masters at kaizen engineering - making a series of small steady improvements on something until it is far superior to anything else. As for cellphones, there is constant pressure to upgrade your phone every ten months or so. This is encouraged by practically giving the phones away in return for a fixed contract (mine was ten months).
Cellphone usage is futher promoted by idiotic NTT policy - ~US$1000 to purchase the right to purchase a landline when I was there. There were rumors that they were going to change that, but there are always rumors in Japan.
The domestic Japanese market is a perfect breeding ground for developing killer cellphone technology and indeed, the "3g" phones that are finally available in the US approach the functionality I had in my cellphone in Japan in 2002. (I don't know why T9 dictionary support is so terrible when it is much harder to support inputing Japanese text and the Japanese phones I had all had decent input methods).
The Bud(weiser) Screen of Death http://www.bbspot.com/News/2002/10/bsod_ads.html is pretty funny.
"Picture this, you're working late at night on a crucial project. Your computer crashes. You've lost all your important work. It's definitely time for a beer, and we'll be there to remind you that the beer should be a beechwood-aged Budweiser."
It doesn't. There isn't difference between "fuck", "f**k" or even "fsck" if used as an expletive. Alternative spellings are just pathetic (much the same as writing "M$", "Micro$oft", Shrub, Hitlery, etc.) and only shows that the author is mentally challenged.
Does anyone remember the Wally George "Hot Seat" show on local LA television in the early 80's? He had an extremely effective flaming style. He'd quote back things the guest had said or written, have his studio audience howl in laughter or boo, then when the guest starts to protest, have him forcibly removed from the stage by armed guards.
Sadly, Wally appears to have gone on to coach the President of the United States and certain presidential candidates.
Let Mr. Lyons alone. He admitted fault. That works for me.
Maybe not you in particular, but a single exception does not disprove a general rule.
About the time I was moving to Tokyo from another part of Japan, there was a(n in) famous poll posted that indicated that salarymen and their wives who lived in metro Tokyo spent less than 5 minutes on average per day talking to each other. I spent enough time talking to people that I took the poll seriously.
I suspect this survey isn't that much different.
You're also making a big mistake if you think they are referring to something occurring only in the US.
More interesting than sex? Definitely. I was going to ask you what on the internet would qualify that statement, but on second thought, never mind. Let's not go there.
Slashdot Mirror
20 quatloos on the newcomers.
Conceptually, that process isn't any different than one-click ordering and neither should be patentable.
This is more corporate welfare to the tune of many billions of dollars of revenue to whomever they bless with the contract.
http://securology.blogspot.com/2007/10/response-to-jon-callas-pgp-encryption.html What also surprises me about the customers that would require PGP WDE to have such a feature is the way they would have to use the feature. Since this is command line driven, this is obviously designed for use in scripting. I have a hard time fathoming an enterprise organization that would, on one hand, require the use of full disk encryption of computers and then, on the other hand, distribute a script with a hardcoded passphrase in it, presumably using a software distribution tool like Microsoft's Systems Management Server (SMS), or similar. The risk of this feature of PGP WDE notwithstanding, we are talking about admins using shared/generic/static passphrases for all or many computers stored in plaintext scripts, set to execute in mass. If the complexity doesn't accidentally disclose the default administrative passphrase, then the fact that fallible humans keeping human readable scripts in N locations used every time Microsoft releases a patch certainly will. An average security conscious IT shop running Windows products (because PGP WDE is a product for Windows) will have at least 12 opportunities per year for devices to get stolen when they are in this vulnerable "bypass" state. Does the use of this PGP WDE (or any full disk encryption vendor as Jon claims competitors have similar functionality) feature increase the risk that laptops will be stolen on the eve of the second Tuesday of every month? Except that the "virus" is an update script from IT on the eve of "patch Tuesday" (this is basically a Microsoft Windows only product) and the machine gets stolen then.
Note also that even though this password bypass feature must be enabled, there is no way to completely disable it.
It is a fact that the Earth has undergone periodic ice ages, followed by global warming to melt most of the ice. There's no evidence to suggest that the global warming periods of the past were caused by industrial pollution in as-yet undiscovered previous civilizations. There's considerable recent evidence to suggest that the sun can be fairly variable - the mini ice age of a few hundred years ago was accompanied by an extreme reduction in sunspots. let's hear an argument about why it's safe to bet the future of the human raceon that theory rather than this one. The law of unintended consequences. A major side-effect of Rachel Carson's work was a resurgence in mosquito borne diseases in the tropics. Link for Dengue here http://www.dhpe.org/infect/dengue.html In tropical countries around the world, dengue is one of the most common viral diseases spread to humans by mosquitoes. Tens of millions of cases of dengue fever and up to hundreds of thousands of cases of dengue hemorrhagic fever occur each year. Several factors are contributing to the resurgence of dengue fever:
* No effective mosquito control efforts are underway in most countries with dengue. The solar system can be considered to be the Sun surrounded by a few rocks scattered here and there. I think it would be more scientific to start looking for the answers there, rather than somewhere else. But, that wouldn't generate the kind of funding and politics that Global Warming does.
I think we're betting the future of the human race by not getting off earth and colonizing off-planet. Unfortunately, that argument was never very popular.
Going backwards from Global Cooling, there was Rachel Carson's "Silent Spring" and DDT. Before that there was Nuclear Winter. Before that, I don't think anyone cared.
Bruce Perens was at the same table and I was the guy bitching about how hard it was to follow Slashdot in the Japanese timezone.
It used to be considered good etiquette to lurk for 2 to 4 weeks before joining a discussion group. I do recall that when I finally signed up was around the time moderation was being introduced.
It's fair that I have a high user id, I don't remember Chips & Dips at all.
I think I implemented exactly this kind of interface in the mid '80s, though I would have to check the code (which I no longer have) to be sure. I know I had multiple checkbox selection and deselection by click and drag, it just seems likely that I would have done toggle too.
Personally, I would consider this kind of interface obvious. But thank you kdawson for yet another article with a totally clueless title. This certainly is not about patenting "checking a box".
His job is to say "no" to ill-advised "features". Naturally, some people aren't going to like that. If you want ill-advised "features" stay with Microsoft Windows XP or whatever.
Saying "no" is the toughest job in the world, but in this case it's a bit different. If you read further down in the thread this article was quoted from, you'd see that the purpose of LSM was so that Linux could keep going forward rather than being engaged in endless security flame wars.
Security is hard and in my own experience MLS guys can be real assholes. I cannot fault Linus for the decisions he made. Based on my own reading of the Smack code, I would think it merits inclusion - it looks very clean.
They can't patent this. I claim prior art.
http://packetstormsecurity.org/unix-humor/awesome.unix.chdir.program.html
[1] Not really. It was hosted on SCO Unix and I'm glad SCO Unix is DEAD, DEAD, DEAD.
I hope they make the patent licensing prohibitively expensive, but even if they make licensing cheap, it will still raise the cost of outsourcing and I view that as generally a good thing.
Networking has everything to do with it. Chroot restricts a process' view of the file system. Only. While an original Unix design goal was "everything is a(n untyped) file", this was never achieved. Device nodes, while they are files, are special kinds of files. BSD-style networking while accessed through file descriptors are in a different namespace, actually multiple namespaces because TCP and UDP have different namespaces. These both represent corner cases that must be dealt with specially if they are to be restricted in a chroot environment. Lastly, root has traditionally been all powerful and allowed to do anything, however much it may not make sense. You put all this together and you end up with an interface with dozens of holes in it that must all be coded for specially. This is a fruitless and error prone task and much like attempting to kill off an infestation of cockroaches by killing a handful at a time while the queen is busy laying 10s of thousands of new eggs somewhere hidden.
It is better to forget about chroot and all its "problems" and leave it for what it's best at, more or less restricting the filename namespace. I posted two examples of my own usage of this earlier. If you want a secure jail, design for it and code for it in a different interface. The BSDs have a jail (which I don't know anything about other than it's not chroot). On the Linux side, there are several ongoing projects that handle the universe of restricted namespaces as part of their original design. Either of those two, can be made secure. Virtualization via hypervisor is another more promising with respect to security approach. So what's wrong with chroot? Nothing is wrong with chroot. What's wrong are people's misconceptions of it. It is not a security function.
Last week the articles were about the head of ZTE being golfing buddies with the 1st gentleman. That's always a good way to sell a network
Wireless coverage is very important there. The average home does not have a landline telephone, but does have at least one cellphone. Dialup and cable are simply not options.
I was in an unfortunate marriage to a Soka Gakkai and I read all their literature (including IKEDA's autobiography), made trips to their temple in Shinano machi and got all the lectures. Been there, done that, and still have the scars from the experience.
Have you by any chance read their printed newspaper? I have. They appear to worship that guy and that seems more like a cult than a religion to me.
Am I uncharitable, maybe. Shallow, no.
It doesn't make sense. Using chroot(2) for security is like trying to fit a round peg into a square hole that it was never intended to go into.
It also doesn't make sense that certain inbound TCP ports are restricted to being bound only by root, but that's the reality we have to live with.
<Thought-experiment>
Wrap your mind around the fact that it is Microsoft Windows userland now that causes most of its insecurity. If you could cleanly separate Microsoft Windows userland and run it under an Open BSD kernel, it would still be insecure. Conversely, if you could run an Open BSD userland under a Microsoft Windows kernel, it most likely would be more secure (sans Microsoft programming and design errors).
</Thought-experiment>
Chroot will not and cannot defend against the ill-advised practice of running binaries ("trusted" or not) received off host. Yes, I'm also looking at you Mac OS X, which is otherwise a lovely system.
That sounds about right. My first serious use of chroot(2) was dealing with b0rken systems when my emergency root floppy had different versions of critical shared libraries (HJ Lu's forked libc5 was always much more space efficient than the GNU version). It is also useful building userland from scratch bootstrapped off a system with much older or different shared libraries, not much different than Joy's original usage it seems.
Useful, oh yes. Something to secure your system with, hell no.
RIP Turbolinux 7 for the DEC/Alpha.
I don't think you can consider the domestic Japanese market as a "test market". The rules are very different.
Everyone in Japan has a cellphone, including children. That means the market is saturated except that it isn't. The Japanese are masters at kaizen engineering - making a series of small steady improvements on something until it is far superior to anything else. As for cellphones, there is constant pressure to upgrade your phone every ten months or so. This is encouraged by practically giving the phones away in return for a fixed contract (mine was ten months).
Cellphone usage is futher promoted by idiotic NTT policy - ~US$1000 to purchase the right to purchase a landline when I was there. There were rumors that they were going to change that, but there are always rumors in Japan.
The domestic Japanese market is a perfect breeding ground for developing killer cellphone technology and indeed, the "3g" phones that are finally available in the US approach the functionality I had in my cellphone in Japan in 2002. (I don't know why T9 dictionary support is so terrible when it is much harder to support inputing Japanese text and the Japanese phones I had all had decent input methods).
Radical people who call themselves Buddhist exist too. A particular sect I had unfortunate experiences in the past with is the Soka Gakkai.
To add to your list, a Soka Gakkai Buddhist is willing to blow everyone else up, so long as IKEDA Daisaku gets good press from it.
It doesn't. There isn't difference between "fuck", "f**k" or even "fsck" if used as an expletive. Alternative spellings are just pathetic (much the same as writing "M$", "Micro$oft", Shrub, Hitlery, etc.) and only shows that the author is mentally challenged.
Does anyone remember the Wally George "Hot Seat" show on local LA television in the early 80's? He had an extremely effective flaming style. He'd quote back things the guest had said or written, have his studio audience howl in laughter or boo, then when the guest starts to protest, have him forcibly removed from the stage by armed guards.
Sadly, Wally appears to have gone on to coach the President of the United States and certain presidential candidates.
Let Mr. Lyons alone. He admitted fault. That works for me.
Maybe not you in particular, but a single exception does not disprove a general rule.
About the time I was moving to Tokyo from another part of Japan, there was a(n in) famous poll posted that indicated that salarymen and their wives who lived in metro Tokyo spent less than 5 minutes on average per day talking to each other. I spent enough time talking to people that I took the poll seriously.
I suspect this survey isn't that much different.
You're also making a big mistake if you think they are referring to something occurring only in the US.