There could very well be a finite number of multiverses, each trading energy back and forth throughout their various threads of causality. But there can't be an infinite, ever branching count. The problem with a finite count of multiverses is at what rate does the universe branch, how many independent states are maintained, etc. I suspect the reality of managing information transfer across a finite number of universes is even more complex than the infinite variant, to the point where the single shared universe concept is in fact far more likely to reflect the real world.
DMG's are interesting. Take all the vagaries of file systems -- and seriously, they're infamously fragile, like little else actually -- and hand attacker controlled bytes to parsers that live in the kernel.
The fundamental problem with Many-Worlds, as I see it, is that it's a source of infinite energy.
Suppose time is quantized, and the universe runs at Planck Time intervals. Each Planck moment has a certain number of interactions, the particular one that occurs determining the preconditions to the next, to the next, etc, for all eternity.
If all things that can occur do occur, then the amount of state -- information content -- energy in the multiverse is constantly increasing.
Sure, Quantum Dynamics is weird, but when did it get to violate the Laws of Thermodynamics?
Yes, because when I think "desktop application", I think "the file format parsers in this application are totally not vulnerable to complete and utter compromise, the effect of which would be the evasion of software restriction policies."
The question is not whether video games are or aren't art.
The question is why, oh why, are artists in other genres so utterly threatened by the concept that it might be.
I mean, just look at the constituent properties of games.
Games have music of all genres, and nobody denies that can be art.
Screen shots from many games could probably be snuck into your local modern art gallery. Nobody denies imagery can be art.
They went to a sci-fi author! Certainly a science fiction tale can be art.
If you combine all three of the above -- well, you end up with a movie, and nobody denies that cinema is an art form.
Even if you take away the controlled progression of experiences -- well, welcome to architecture. Was Frank Lloyd Wright not an artist?
I think the bottom line is that a lot of people who don't play games, but do pay attention to art, don't want to imagine that they're not trained to appreciate a particular art form. Better to deny its potential as being art at all.
So I release all my code under the BSD license, specifically because I don't expect or demand patches sent back to me. I don't release it, and then get pissy if people don't send stuff back. I just write it and hope it helps.
If I wanted a license where people couldn't "steal my code", I'd have chosen GPL. That your code may be "stolen" is not a bug, it's a feature of BSD. Theo et al shouldn't be annoyed that someone is actually taking the license at its word.
This is not good. It's my understanding that once you've been kicked out, it's much, much, much harder to get back in.
That leaves me rather scared. I've known Halvar for almost six years; we were in Singapore together at Black Hat Asia. He's a very intelligent engineer, doing very good research, and has done more than almost anyone to make people realize that obfuscation is not security. We, as an industry, need his voice. (A bit cynical, but seriously, we as an American industry want his talents put to work here, rather than overseas.)
Simple arguments like -- nobody could figure out how this works, they'd have to be able to read code -- have been destroyed because of Halvar's work. You may not realize it, but without concrete examples of attacks, software developers simply cannot comprehend attacks against their code that they can't do themselves. Halvar is a critical innoculation against technically inept but vaguely plausable excuses why something must be impossible.
Halvar does the impossible regularly. Seriously, he's an artist, and the American security industry is directly harmed by not being able to learn from him. What's the story going to be? That Halvar can only do training in India, and China, and in Europe? Yes, that sounds like a wonderful idea. Everyone else's code gets more secure while ours rots on the vine.
The only thing more embarrassing than this was when Xioyun Wang, the Chinese professor who cracked MD5, was denied entry to the US. Oh well, Halvar, I guess you're in good company...
There's been detente between the big guys for ages -- you nuke my product line, I'll nuke your product line, so lets do neither.
The problem is Intellectual Ventures. They have no products. They just have patents. They can nuke, but they cannot be nuked. This model is spreading...honestly, just like nukes themselves.
The detente is over. It's just a question of what now.
Imagine for a minute that Military Science was taught by the mathematicians.
After all, you need calculus to determine trajectories, statistics to calculate the odds of winning a battle, eigenvectors to locate a terrorist in a crowd, game theory to map out the politics...
These are all well and good, but Math is not War. The parts of math that are good for war, we need to know. But war is its own realm, and we need to accept that.
Put another way, biology is not just chemistry with carbon.
Computer science hasn't branched off the way its really needed to. Computer science is less similar to math than bio is to chem, but bio departments tend to be independent. I think CS needs to be as well. That we can contort math into CS does not mean that algorithms are the best way to view system administration, or even memory management and schedulers. Security can be seen through set theory, and graph theory, but so much of the work to be done is centered on tagging, tracing, and interpreting. These are things that, frankly, math sees as "should be automatic". Just take more samples!
It takes a process perspective to realize, of course the instrumentation is the hard part. It's a matter of getting an accurate view of the process, and all data anywhere that might affect it (and not getting a view of a bunch of other data that won't). You can use math to help compute this, but it's the tool, not the field of study.
I suspect you've fallen into the falacy that just because people can look at the source, people actually do. If you really want some stuff to fix, believe me, there's no end of stuff to throw your way.
Intel processors don't directly execute instructions anymore. They translate x86 into a series of other operations -- an internal code, if you will. Sometimes there are bugs in the code that's generated. Microcode patches address those bugs.
Every once in a while, I read about scientists getting really dismissive about a "major new discovery" coming out in some popular press outlet, rather than Science or Nature.
I finally understand why.
Foreign Policy is a fantastic magazine, when I'm looking for geopolitical data. It's not where security research happens. Publishing this concept in Foreign Policy is done to make an end run around fellow engineers, and try to go straight towards people who would happily pay $50K for this "phishing garbage" to go away.
I'm not even going to comment on the technology itself. Everyone else seems to have that covered just fine. (Props to the guy who recognized that Banks != S&L's != Credit Unions, though.)
What's sad is, there are actually major geopolitical issues with computer security that *would* be totally appropriate for Foreign Policy, and aren't quite the thinly masked grab for cash that this represents. Ouch. The worst part is that to the rest of FP's audience, he represents *us*.
You're stuck in traffic, behind an accident. They clear the accident. Slowly, every car speeds up now that the blockage is gone. If you're looking from above, you'll see a "wave" move through the line of cars, as each takes a few seconds to realize he can accelerate.
This wave is the group velocity, and very much has nothing to do with the speed of each individual car.
Suppose all the cars were wired electronically to know that they could all accelerate at once. That knowledge would move at nearly the speed of light.
No car would be moving at the speed of light. Everyone would just hit their gas pedal at almost the same time.
Almost every time we see these stories, this is the type of speed they're talking about.
Dear god, you guys are actually making me defend Apple. And Cingular.
Wow.
Guys, there are only two GSM carriers in the states -- Cingular and T-Mobile. You might have heard of T-Mobile, they have this rather popular device called the Sidekick that only works (really works, anyway) on their network.
Apple's gained quite a reputation in the security community of being rather non-responsive -- not just with researchers, but with the press. Some other businesses I know of that have needed to deal with Apple are reporting the same thing.
Cisco's choice of words here is really, really interesting.
Sounds like messaging is broken in Cupertino across the board. That's the sort of thing that should not be publicly visible...
I saw a great ad for an Antivirus product recently. "Finally, protect your users from the Melissa virus!"
Dude, it's 2003, they want their security holes back.
I'm not going to mince words: This story is BS. Lets take the money quote here:
However, at least once an hour, on average, the BBC honeypot was hit by an attack that could leave an unprotected machine unusable or turn it into a platform for attacking other PCs.
Really? Once an hour, something that'll remotely own XPSP2, just being leaked out over the Internet?
"Seven hours of attacks: 36 warnings that pop-up via Windows Messenger. 11 separate visits by Blaster worm. 3 separate attacks by Slammer worm. 1 attack aimed at Microsoft IIS Server. 2-3 "port scans" seeking weak spots in Windows software."
OK, Windows Messenger service is disabled in XPSP2...Blaster hasn't worked in years, Slammer never even hit XP Home by default (you had to install Visio), IIS isn't even available for XP Home, and port scans aren't too relevant when you have a firewall on by default.
What a completely worthless story. You know, we have enough actual security problems going on (the glacier of cross site scripting exploits, what's going on in the online banking realm) that whinging about long solved problems is not only irresponsible; it's dangerous.
I think the idea is that Microsoft stands by builds of Windows that are modified by Dell, but cannot stand by builds of Windows that are modified by random Chinese concerns. Put another way:
You have a choice between the Dell image and the Chinese image. Do you:
a) Not care which image you install b) Install the image that came from Dell
Now you can say the OEM's have played a few games with what they've shipped, but c'mon. You know there's a substantive difference between the two, and it favors the large scale corporate build.
It's the chain of accountability in case of malicious action that at least conceptually keeps the Dell build "Genuine". At least, that's the argument.
A couple years ago, we saw the first "pre-infected" Windows CDs show up on peer to peer networks...they had extra keys added to the cert store, so essentially attackers could come in remotely and securely authenticate against pirated builds of Windows. Apparently, this has become much more common, with many builds on P2P networks going so far as to be pre-infected with malware.
On the flip side, some of the pirated DVDs floating around out there are well known for just being very fast and easy to install on random hardware; especially for system builders, going from nothing to a completely installed Windows system with XPSP2 and Office in twenty minutes is a big deal even if the system is ultimately shipped with legitimate licenses.
Ultimately though we're talking about the use of the word Genuine. Sinec there's a tangible and measureable difference between the legitimate builds (less likely to be pre-0wned, more likely to be easy to install) vs. the pirated editions, I'd say there's a hat to hang the "genuine" phrase on, at least from a linguistic perspective.
First of all, the DRM code is most likely pretty self-contained, and is only interfaced with by a limited amount of code. (All the files run through some version of the Windows Media Encoder engine, remember?). So on that front, it's a hell of alot easier to patch an issue contained to DRM-land than it is to deal with something like IE, which has to interact with a much messier set of incoming files (the Web).
Even then, the reason you don't release a patch in three days is that you're probably going to screw it up and not actually fix the problem. Amazingly enough, that appears to be exactly what happened.
My opinion here has less to do with them hiring me for consulting (I've been saying this stuff since before they gave me a dime), and way more with me having to explain to customers back in 2003 why Nachi was taking out their VoIP networks. Dude, I remember doing trade shows back then; running around with Stinger, manually patching boxes left and right, and still there was always some jackass flooding the floor net.
OK, that got alot better. Universal firewalling and a worldwide patching infrastructure are not mere PR stunts.
What still sucks? IE6, no question. But nobody can say it's like it was a few years ago, when we had a public page containing dozens of unpatched remote code execution flaws in it. (I assume you know enough to recognize MOBB was nothing like that.) And the infrastructure is still complicated enough that it takes time to come up with a complete patch. Coming up with complete, non-Oracle style patches (talk to the Litchfields about that) requires a crap-ton of investigation and testing. You can't whine in one line that it takes more than a day to get a patch out, and then in another complain that MS06-042 wasn't 100% perfect.
Here's what I threw on my blog on this matter. Note, the fact that this got presented as even a debate annoyed me enough to start posting on my site again.
--
Paul Mockapetris says Vista is going to take down the Internet's DNS infrastructure. Paul is the inventor of DNS; I met him at Black Hat last year and was half starstruck, half relieved he didn't hate me for the things I'd done to his creation:) Paul knows DNS. It's his creation. But you'll note in this story that Joris Evers can't actually find anyone who agrees with Paul.
There's a reason.
First, while there are indeed a couple underprovisioned name servers, there's far more that have lots and lots of slack capacity. You need slack capacity to deal with shock load. The networks that would fail because of Vista's release, would fail because of a three day weekend.
Second, Vista's not getting deployed all at once. This is no service pack that's deployed to a hundred million desktops via Windows Update! Mockapetris is correct in that there will be a noticable increase in DNS traffic, but that increase will be spread out over the course of a couple years. Slow increases like this tend not to cause the sort of catastrophic failure that Mockapetris refers to.
Finally, and most importantly (in the sense that Mockapetris should know better): Most of the work done to service the IPv6 request, is cached and available to service the IPv4. To complete a DNS lookup, you have to locate a particular server, known as the authoritative server for a domain. The same authoritative server that hosts the IPv6 (AAAA) record also hosts the IPv4 (A) record. So even if Vista sends twice the traffic, the upstream nameserver is certainly not experiencing twice the load.
Full disclosure: Microsoft has had me looking at Vista for much of this year, as part of their "Blue Hat Hacker" external pen-testing squad. But then, Mockapetris has written a really impressive name server for his company, Nominum, that can handle about 4x the load of BIND. But this isn't about who we are; it's about what is or isn't going to collapse. There are things to worry about. This isn't one of them.
Window's an old friend of mine, so let me be the first to congratulate her here. W00t!
So the security world used to be pretty hostile to MS, before, you know, XPSP2, MSRC got taken seriously, etc. Window showed up before all of that, and pretty much took our abuse year in, year out. And then...things got better.
She'll deny any direct cause and effect there, but she was _the_ interface between Microsoft and the various security cons for quite some time, and I think at least some of the reason we got certain concessions (like 24 hour response time out of MSRC) is that she was there to hear people say things like "I dunno, why should I warn MS, they're just gonna sit on it anyway."
Firefox is not without problems (understatement). I'm looking forward to seeing what Window can accomplish w/ Mozilla.
Slashdot Mirror
There could very well be a finite number of multiverses, each trading energy back and forth throughout their various threads of causality. But there can't be an infinite, ever branching count. The problem with a finite count of multiverses is at what rate does the universe branch, how many independent states are maintained, etc. I suspect the reality of managing information transfer across a finite number of universes is even more complex than the infinite variant, to the point where the single shared universe concept is in fact far more likely to reflect the real world.
Says the guy running w/ Safari :)
DMG's are interesting. Take all the vagaries of file systems -- and seriously, they're infamously fragile, like little else actually -- and hand attacker controlled bytes to parsers that live in the kernel.
Boom. Seriously.
The fundamental problem with Many-Worlds, as I see it, is that it's a source of infinite energy.
Suppose time is quantized, and the universe runs at Planck Time intervals. Each Planck moment has a certain number of interactions, the particular one that occurs determining the preconditions to the next, to the next, etc, for all eternity.
If all things that can occur do occur, then the amount of state -- information content -- energy in the multiverse is constantly increasing.
Sure, Quantum Dynamics is weird, but when did it get to violate the Laws of Thermodynamics?
Yes, because when I think "desktop application", I think "the file format parsers in this application are totally not vulnerable to complete and utter compromise, the effect of which would be the evasion of software restriction policies."
Wait. Everything that makes up a game can be art, but the actual way it manipulates the viewer into behaving certain ways can never be?
That's probably the first time I've ever heard someone say art isn't allowed to touch its audience.
The question is not whether video games are or aren't art.
The question is why, oh why, are artists in other genres so utterly threatened by the concept that it might be.
I mean, just look at the constituent properties of games.
Games have music of all genres, and nobody denies that can be art.
Screen shots from many games could probably be snuck into your local modern art gallery. Nobody denies imagery can be art.
They went to a sci-fi author! Certainly a science fiction tale can be art.
If you combine all three of the above -- well, you end up with a movie, and nobody denies that cinema is an art form.
Even if you take away the controlled progression of experiences -- well, welcome to architecture. Was Frank Lloyd Wright not an artist?
I think the bottom line is that a lot of people who don't play games, but do pay attention to art, don't want to imagine that they're not trained to appreciate a particular art form. Better to deny its potential as being art at all.
The real question is -- why should gamers care?
So I release all my code under the BSD license, specifically because I don't expect or demand patches sent back to me. I don't release it, and then get pissy if people don't send stuff back. I just write it and hope it helps.
If I wanted a license where people couldn't "steal my code", I'd have chosen GPL. That your code may be "stolen" is not a bug, it's a feature of BSD. Theo et al shouldn't be annoyed that someone is actually taking the license at its word.
Halvar's been kicked out of the US?
This is not good. It's my understanding that once you've been kicked out, it's much, much, much harder to get back in.
That leaves me rather scared. I've known Halvar for almost six years; we were in Singapore together at Black Hat Asia. He's a very intelligent engineer, doing very good research, and has done more than almost anyone to make people realize that obfuscation is not security. We, as an industry, need his voice. (A bit cynical, but seriously, we as an American industry want his talents put to work here, rather than overseas.)
Simple arguments like -- nobody could figure out how this works, they'd have to be able to read code -- have been destroyed because of Halvar's work. You may not realize it, but without concrete examples of attacks, software developers simply cannot comprehend attacks against their code that they can't do themselves. Halvar is a critical innoculation against technically inept but vaguely plausable excuses why something must be impossible.
Halvar does the impossible regularly. Seriously, he's an artist, and the American security industry is directly harmed by not being able to learn from him. What's the story going to be? That Halvar can only do training in India, and China, and in Europe? Yes, that sounds like a wonderful idea. Everyone else's code gets more secure while ours rots on the vine.
The only thing more embarrassing than this was when Xioyun Wang, the Chinese professor who cracked MD5, was denied entry to the US. Oh well, Halvar, I guess you're in good company...
--Dan Kaminsky
A moment of silence for these lost explorers, and deepest hopes that the survivors of this accident recover to see space!
There's been detente between the big guys for ages -- you nuke my product line, I'll nuke your product line, so lets do neither.
The problem is Intellectual Ventures. They have no products. They just have patents. They can nuke, but they cannot be nuked. This model is spreading...honestly, just like nukes themselves.
The detente is over. It's just a question of what now.
Imagine for a minute that Military Science was taught by the mathematicians.
After all, you need calculus to determine trajectories, statistics to calculate the odds of winning a battle, eigenvectors to locate a terrorist in a crowd, game theory to map out the politics...
These are all well and good, but Math is not War. The parts of math that are good for war, we need to know. But war is its own realm, and we need to accept that.
Put another way, biology is not just chemistry with carbon.
Computer science hasn't branched off the way its really needed to. Computer science is less similar to math than bio is to chem, but bio departments tend to be independent. I think CS needs to be as well. That we can contort math into CS does not mean that algorithms are the best way to view system administration, or even memory management and schedulers. Security can be seen through set theory, and graph theory, but so much of the work to be done is centered on tagging, tracing, and interpreting. These are things that, frankly, math sees as "should be automatic". Just take more samples!
It takes a process perspective to realize, of course the instrumentation is the hard part. It's a matter of getting an accurate view of the process, and all data anywhere that might affect it (and not getting a view of a bunch of other data that won't). You can use math to help compute this, but it's the tool, not the field of study.
Really? I can file bugs against you?
I suspect you've fallen into the falacy that just because people can look at the source, people actually do. If you really want some stuff to fix, believe me, there's no end of stuff to throw your way.
So here's the deal.
Intel processors don't directly execute instructions anymore. They translate x86 into a series of other operations -- an internal code, if you will. Sometimes there are bugs in the code that's generated. Microcode patches address those bugs.
Every once in a while, I read about scientists getting really dismissive about a "major new discovery" coming out in some popular press outlet, rather than Science or Nature.
I finally understand why.
Foreign Policy is a fantastic magazine, when I'm looking for geopolitical data. It's not where security research happens. Publishing this concept in Foreign Policy is done to make an end run around fellow engineers, and try to go straight towards people who would happily pay $50K for this "phishing garbage" to go away.
I'm not even going to comment on the technology itself. Everyone else seems to have that covered just fine. (Props to the guy who recognized that Banks != S&L's != Credit Unions, though.)
What's sad is, there are actually major geopolitical issues with computer security that *would* be totally appropriate for Foreign Policy, and aren't quite the thinly masked grab for cash that this represents. Ouch. The worst part is that to the rest of FP's audience, he represents *us*.
99% chance it's this again:
You're stuck in traffic, behind an accident. They clear the accident. Slowly, every car speeds up now that the blockage is gone. If you're looking from above, you'll see a "wave" move through the line of cars, as each takes a few seconds to realize he can accelerate.
This wave is the group velocity, and very much has nothing to do with the speed of each individual car.
Suppose all the cars were wired electronically to know that they could all accelerate at once. That knowledge would move at nearly the speed of light.
No car would be moving at the speed of light. Everyone would just hit their gas pedal at almost the same time.
Almost every time we see these stories, this is the type of speed they're talking about.
Dear god, you guys are actually making me defend Apple. And Cingular.
Wow.
Guys, there are only two GSM carriers in the states -- Cingular and T-Mobile. You might have heard of T-Mobile, they have this rather popular device called the Sidekick that only works (really works, anyway) on their network.
Lame? You bet.
Hmm. Now that's interesting.
Apple's gained quite a reputation in the security community of being rather non-responsive -- not just with researchers, but with the press. Some other businesses I know of that have needed to deal with Apple are reporting the same thing.
Cisco's choice of words here is really, really interesting.
Sounds like messaging is broken in Cupertino across the board. That's the sort of thing that should not be publicly visible...
(I'm posting this publicly rather intentionally.)
Dude, it's 2003, they want their security holes back.
I'm not going to mince words: This story is BS. Lets take the money quote here:
Really? Once an hour, something that'll remotely own XPSP2, just being leaked out over the Internet?
OK, Windows Messenger service is disabled in XPSP2...Blaster hasn't worked in years, Slammer never even hit XP Home by default (you had to install Visio), IIS isn't even available for XP Home, and port scans aren't too relevant when you have a firewall on by default.
What a completely worthless story. You know, we have enough actual security problems going on (the glacier of cross site scripting exploits, what's going on in the online banking realm) that whinging about long solved problems is not only irresponsible; it's dangerous.
I think the idea is that Microsoft stands by builds of Windows that are modified by Dell, but cannot stand by builds of Windows that are modified by random Chinese concerns. Put another way:
You have a choice between the Dell image and the Chinese image. Do you:
a) Not care which image you install
b) Install the image that came from Dell
Now you can say the OEM's have played a few games with what they've shipped, but c'mon. You know there's a substantive difference between the two, and it favors the large scale corporate build.
It's the chain of accountability in case of malicious action that at least conceptually keeps the Dell build "Genuine". At least, that's the argument.
--Dan
A couple years ago, we saw the first "pre-infected" Windows CDs show up on peer to peer networks...they had extra keys added to the cert store, so essentially attackers could come in remotely and securely authenticate against pirated builds of Windows. Apparently, this has become much more common, with many builds on P2P networks going so far as to be pre-infected with malware.
On the flip side, some of the pirated DVDs floating around out there are well known for just being very fast and easy to install on random hardware; especially for system builders, going from nothing to a completely installed Windows system with XPSP2 and Office in twenty minutes is a big deal even if the system is ultimately shipped with legitimate licenses.
Ultimately though we're talking about the use of the word Genuine. Sinec there's a tangible and measureable difference between the legitimate builds (less likely to be pre-0wned, more likely to be easy to install) vs. the pirated editions, I'd say there's a hat to hang the "genuine" phrase on, at least from a linguistic perspective.
First of all, the DRM code is most likely pretty self-contained, and is only interfaced with by a limited amount of code. (All the files run through some version of the Windows Media Encoder engine, remember?). So on that front, it's a hell of alot easier to patch an issue contained to DRM-land than it is to deal with something like IE, which has to interact with a much messier set of incoming files (the Web).
Even then, the reason you don't release a patch in three days is that you're probably going to screw it up and not actually fix the problem. Amazingly enough, that appears to be exactly what happened.
fyodor--
My opinion here has less to do with them hiring me for consulting (I've been saying this stuff since before they gave me a dime), and way more with me having to explain to customers back in 2003 why Nachi was taking out their VoIP networks. Dude, I remember doing trade shows back then; running around with Stinger, manually patching boxes left and right, and still there was always some jackass flooding the floor net.
OK, that got alot better. Universal firewalling and a worldwide patching infrastructure are not mere PR stunts.
What still sucks? IE6, no question. But nobody can say it's like it was a few years ago, when we had a public page containing dozens of unpatched remote code execution flaws in it. (I assume you know enough to recognize MOBB was nothing like that.) And the infrastructure is still complicated enough that it takes time to come up with a complete patch. Coming up with complete, non-Oracle style patches (talk to the Litchfields about that) requires a crap-ton of investigation and testing. You can't whine in one line that it takes more than a day to get a patch out, and then in another complain that MS06-042 wasn't 100% perfect.
--Dan
P.S. Office exists outside the Windows org.
This is Dan Kaminsky, from the article.
:) Paul knows DNS. It's his creation. But you'll note in this story that Joris Evers can't actually find anyone who agrees with Paul.
Here's what I threw on my blog on this matter. Note, the fact that this got presented as even a debate annoyed me enough to start posting on my site again.
--
Paul Mockapetris says Vista is going to take down the Internet's DNS infrastructure. Paul is the inventor of DNS; I met him at Black Hat last year and was half starstruck, half relieved he didn't hate me for the things I'd done to his creation
There's a reason.
First, while there are indeed a couple underprovisioned name servers, there's far more that have lots and lots of slack capacity. You need slack capacity to deal with shock load. The networks that would fail because of Vista's release, would fail because of a three day weekend.
Second, Vista's not getting deployed all at once. This is no service pack that's deployed to a hundred million desktops via Windows Update! Mockapetris is correct in that there will be a noticable increase in DNS traffic, but that increase will be spread out over the course of a couple years. Slow increases like this tend not to cause the sort of catastrophic failure that Mockapetris refers to.
Finally, and most importantly (in the sense that Mockapetris should know better): Most of the work done to service the IPv6 request, is cached and available to service the IPv4. To complete a DNS lookup, you have to locate a particular server, known as the authoritative server for a domain. The same authoritative server that hosts the IPv6 (AAAA) record also hosts the IPv4 (A) record. So even if Vista sends twice the traffic, the upstream nameserver is certainly not experiencing twice the load.
Full disclosure: Microsoft has had me looking at Vista for much of this year, as part of their "Blue Hat Hacker" external pen-testing squad. But then, Mockapetris has written a really impressive name server for his company, Nominum, that can handle about 4x the load of BIND. But this isn't about who we are; it's about what is or isn't going to collapse. There are things to worry about. This isn't one of them.
Window's an old friend of mine, so let me be the first to congratulate her here. W00t!
So the security world used to be pretty hostile to MS, before, you know, XPSP2, MSRC got taken seriously, etc. Window showed up before all of that, and pretty much took our abuse year in, year out. And then...things got better.
She'll deny any direct cause and effect there, but she was _the_ interface between Microsoft and the various security cons for quite some time, and I think at least some of the reason we got certain concessions (like 24 hour response time out of MSRC) is that she was there to hear people say things like "I dunno, why should I warn MS, they're just gonna sit on it anyway."
Firefox is not without problems (understatement). I'm looking forward to seeing what Window can accomplish w/ Mozilla.