scaling it down to the point where it could fit under by a YB-type carrier AND carry a decent payload just doesn't seem feasible
Read the article. "Decent Equipment" in this case means "camera equipment" -OR- a microsat. In other words, it has poor cargo carrying capacity. Probably on the order of a tonne or less. The Space Shuttle has a maximum cargo capacity of ~27 tonnes plus a crew of five and various other equipment. (Depending on orbit and revision of vehicle.) The vehicle itself weighs about 109 tonnes. That's quite a difference.
unless the Air Force has already mastered hypersonic flight with scramjets.
What's wrong with traditional LHOx engines? Once you're supersonic, they can provide more than enough thrust to clear the atmosphere and reach orbital velocity. Plus, at that altitude they are already operating more efficiently than ground launch engines would. It all comes down to proper vehicle design. If you want more payload, you need a bigger vehicle. If you want less payload, you can use a smaller vehicle. Simple!
Like all systems, tradeoffs have to be made. I'm sitting next to a Sun Solaris system with JDS on it right now. To get the system running like I want it, I constantly have to resort to the root account to install the simplest of software. (Replace root access with sudo as you prefer.) I have to do this because it is a locked down machine intended to run software packages approved by management. Under this configuration, it's pretty hard to gain root access even with a local account.
This configuration absolutely sucks for a home user.
A home user can't install new software without providing a root (or sudo) password every time they want to try a software package, they can't update the system configuration from the GUI, they can't start and stop their personal webserver, they can't look at the drive space remaining without having to decode a complex partitioning scheme, they can't do a lot of things that Mac OS X lets them do without interfering. If Mac OS X *did* restrict these activities, users would balk at the user-unfriendliness and go back to Windows.
So it comes back to a matter of design. It's easy to say, "that should have been secure!", but the costs of making that secure would have been too high for the average home user. Mac OS X's security has been proven to date to be sufficient for what it was designed to do, and has been shown to be at least as secure (perhaps more so) than your average FreeBSD or Linux desktop. Show me the beef of the problem (i.e. everyday machines being compromised on a scale similar to Windows) and I'll agree with you that Mac OS X is insecure for its intended purpose. Until then, however, I'm going to go with the fact that this guy wasn't thinking straight.
Plenty of people use them for servers as well
Which is why Apple produces OS X Server Edition.
and apparently OS X isn't secure by default for them.
You show me a server situation that involves hundreds of anonymous, remote logins to a system without any lockdown of the services to move it from a home server to a full-blown webserver, and I'll agree with you. I, personally, can't think of such a situation. Some webhosts provide SSH access, but they certainly don't run a default Linux or FreeBSD installation unless that distribution has been preconfigured for the security they need.
remember though, this is (supposed to be) a *nix we're talking about. local user accounts should not be able to inflict such damage due to better separation of privileges that exist in this world.
But you need to remember that OS X is not designed for remote, multi-user usage. The features are there, but mostly for administrative purposes. The machine is first and foremost a Desktop machine that is intended to keep good guys in and bad guys out.
Also keep in mind that it is incredibly difficult to properly configure a Unix system to be completely secure against users with shell accounts. Such security requires a complete system lockdown, complex partitioning, reassignment of services to non-root accounts, jailing of privileged services (or equivalent), and several other procedures that I sincerely doubt that this guy performed. (In fact, the article confirmed that he could have locked the system down further, but didn't.)
By handing out shell accounts, he might as well have been handing out the root password to his system.
BTW, in case I wasn't clear enough above, his automated webpage to create SSH accounts is here. That will allow you to remotely log in to his machine within minutes of entering your information. (Assuming he hasn't disabled it by now.)
The guy should feel thankful that the hacker (gwerdna) was nice enough to only deface his site rather than actually "rm -rf /" his box. (Which was what this guy was asking people to do, "if they can".) :-/
The problem wasn't even that he had SSH running. It was that he was giving out accounts! I don't know what this guy was trying to prove, but his blind faith in Apple got him burned.
Somewhere inside of Apple, engineers are shaking their heads at this guy and the damage he's done to the Mac's reputation.
Ok, for the umpteenth time, it was Mac OS X Desktop on a Mac Mini that was compromised. (You're about user #1,843,072 to automatically AssUMe that we're talking about Server.) Server NEVER entered into the equation.
So, are we agreed that the guy was a moron and that this was a stupid test?
This is how most Mac OS X machines will appear to outside entities on the internet.
Let me just say, thank you. All these trolls seem to think it's perfectly natural that you'd let hundreds of anonymous users into your system, whose only purpose in life is to compromise one of the hundreds of software packages installed in an attempt to gain higher privileges. That's just ridiculous. Mac OS X is a desktop system. It is configured as such, and is bound to have problems that could be exploited by a sharp human. (Trojans, worms, and viruses tend to need an exploit that's guaranteed across a large number of systems. This may not be the case.)
If the guy had wanted to test Mac OS X server, he should have run Mac OS X server. Yet even then, there's absolutely no admin worth his salt that would allow shell access to a Unix machine before first performing a full lockdown of the machine. The defaults are never good enough, because the system is still evolving for its intended use. When you're configuring all the services you need, it's always important to set the security to match the level of trust you give the users. In some cases that may mean that you've exposed yourself to potential compromises, but you trust the user (or users) with that responsibility. In other cases, you don't trust the users at all, so you revoke just about every right you can think of.
Or in other words, security is based on trust. Thinking that a system that's intended to trust its users (a Desktop) is going to stand up against untrustworthy users is silly. So again, thank you for trying to set the record straight here. When you're done, we can get the Onion to syndicate the ZDNet article. ;-)
I don't see any quotes from Von Braun. In fact, Von Braun thought the Saturn V was his baby for launches. Using accelerators to get up to speed in thick atmosphere is a very different idea that AFAIK, he never got behind.
About the closest thing they have is on this page where they take Von Braun's consultation for a movie as serious evidence that he backed such a scheme. That's not exactly evidence.
BTW, any site that uses Java Applets for each rollover button (something possible without Java) needs to be shot.
I'm not forgetting. I'm merely pointing out that those are the exception rather than the rule. The rule is that software can be installed on Macs without root privileges. The exception is that something needs to modify root-accessible files. On most Unixes it's the other way around.
Just an FYI for those of you who just joined us. Steve Wilson was the co-author of Java Platform Performance, along with Jeff Kesselman (the Java gaming dude, who still works at Sun). So he's pretty well versed in how Java technology works.
Now on to my own question. :-)
Steve, the one thing I'm not getting from the article, nor from the website (at least, I haven't seen it yet) is as follows: Is this just another DRMAA implementation, or is it more than that? If it is, could you give us a good overview of why it's better than N1? If not, can you explain what exactly this software does for a company? It somewhat sounds like it makes a single JVM run across multiple machines as if they were one, but if that's the case, how does it work? Is it a customized JVM based on Sun source code?
Thanks in advance!
In other words, if I happen to have a SUN machine on my network of primarily Windows boxes, could it move it to that, or any other platform?
In theory, it would work across OS platforms. Considering that the guy hired a bunch of N1 engineers to do this, I don't see why they'd change the design.
Of course, practically it depends on how this software works. It's possible to write software that's tied to a given OS, even in Java.
Energia lifts much more than the SS.
So did the Saturn V. Neither one flies at the moment.
The Energia was a brief blip in history whereby a single contemporary rocket carried more mass than the Shuttle. However, that history is now almost two decades behind us.
The Ruskies launched the really big parts of the Space Station.
This is true, but I expect that it has more to do with either the shuttle-bay confines or politics rather than the lift capacity of the shuttle. The maximum payload for the shuttle is several tonnes larger than the Proton.
My point was that installing software on OS X is intended to be easy for the average user. You drag the app out, and you're done. Installing software on more secure Unix boxes is always more difficult because of the lockdowns in place. There are very few applications you can get as a single file, installers will usually fail without root privileges, and even software you install in your home directory will lack desktop icons. Sure, you can manually install such icons, but that's not exactly easy for the average user.
:-)
Thus:
OS X == lower local security == easy
Solaris == higher local security == hard
Both are good in their respective areas. In general, I'd far more trust a default Solaris box to stay secure when there are attackers with shell accounts than I would trust a default OS X box. Yet I prefer OS X on my laptop because it makes the everyday tasks easy for a desktop user without having to worry about all that extra multi-user security.
So sorry to send you off on a tangent.
Um, you are talking about OSX vs OSX Server. Which *Does* ship with these services enabled by default.
Which was also not what was compromised. Kind of nice for the GP to switch topics like that. :-/
I want to know more details about this incident.
The machine was a Mac Mini "running a default install of OS X Tiger, plus fink and some decent versions of Apache, MySQL and PHP. Software Update recently updated it to Mac OS X 10.4.5 and fixed some security issues." It's colored orange for some odd reason, and sits on a bookshelf sideways. He, "set up an LDAP server and linked it to the Macs naming and authentication services, to let people add their own account to this machine."
This is all available on his webpage.
Basically, the guy is a moron. He thinks he's proving something by making a Desktop configured machine do server-class work, and then expecting it not to get rooted.
Was it a local privilege escalation flaw?
Yes. The exact hole has been withheld, but it probably doesn't matter anyway. In a contest of machine vs. hacker where the owner is doing nothing to stop the hacker (and in fact, inviting him by removing barriers!), my money is on the hacker.
Was it a remote flaw in SSH or Apache? Maybe an SSH password attack?
The guy gives out SSH accounts. There was no need to penetrate this layer of security, because he left the door wide open.
You go ahead and explain that procedure to Grandma. I'll wait here and offer good karma support. (Ouch! I never knew Grandma could whip something that hard!) :-P
The only thing that's "bullshit" is your information. No, Windows doesn't have RDP or File Sharing open. Then again, I didn't say it did. I said it had remote exploits available. Non-essential services like the RPC service are exposed to the Internet. Do you disagree that this has been the case?
OS X comes with NOTHING enabled out of the box. It's all shut off. You can turn it on, but otherwise there's zero remote access to the machine. I know this because I'm a Mac user who's regularly used both OS X 10.2 and 10.4. Both versions shipped with all services disabled.
Chernobyl blew the 100TON lid off the reactor.
:-)
So you're saying that Chernobyl blew up a lid that weighed 23% less than the dry weight of a 757. Question? Can a structure be built to stop a 757? I should think the answer is "yes".
I am not sure what you design to "contain" a blast like that.
Lots of steel framed concrete. The purpose of which isn't so much to stop the blast cold, as to stop the blast from escaping. The structure might sustain irrecoverable damage, but at least the materials won't be released. A truck can come by and cement the destroyed reactor in place as soon as the rescue operations are complete and/or the area is cool enough to approach.
They broke so many rules to get this failure that it boggles the mind.
No arguing that.
You mean just like OS X's default configuration.
Step 1: Drag the Application out of the DMG.
Step 2: There is no Step 2.
OS X is NOT locked down from installing application packages. On Solaris, it works like this:
Step 1: Download package.
Step 2: Ungzip package.
Step 3: SU to root.
Step 4: Run 'pkgadd -d [name of package]'
Step 5: Run through a variety of screens asking "Are you sure?"
Step 6: (Optionally) If you're changing anything system related, you again provide the root password.
The rest of your points, you've pretty much agreed with me. Whether or not there are other ways of getting around the security lockdowns in a user-friendly manner is mostly irrelevant. OS X chose the security model that worked for it, and it does work. It just isn't designed to completely secure against a local user abusing unknown security holes out of the box. Perhaps Server is, but that's a completely different issue. Either system should be configurable to a lockdown state, but the result might impede its desktop functionality.
I get the distinct impression you've never worked on a Mac OS X system.
You've got the wrong distinct impression. You can have my iBook when you pry it from my cold, dead fingers. :-P
I can't say I've ever played with Slashboxes before. (They used to be just links to stuff I didn't care about anyway.) So I added it, and there I am. How neat! :-)
??? Ok, I'm confused. Front page of which site? Do you have a link?
Here's the math. Plug in an Isp of about 400 for LHOx engines, a desired velocity of about 8.3 km/s, and a starting velocity of about 0.92 km/s.
Taking the final velocity minus the starting velocity, we get a required Delta V of 7.38 km/s.
Converting from Isp to exhaust velocity, we get (9.81 m/s * 400) = 3.924 km/s.
Thus our equation looks like:
m1 = m0 * 2.718^(-7.38 / 3.924)
"m0" is the starting mass of your rocket, m1 is how much mass you'll have left after you achieve the required Delta V. So, if we take a 20 tonne starting craft (for example) and plug it into the equation, we get:
m1 = 20,000 kg * 2.718^(-7.38 / 3.924)
m1 = 3,050 kg
To get the ratio of fuel to craft, we compute 1-(3,050/20,000) to come up with a craft that is about 85% fuel, leaving about 15% as craft mass. Considering that the Space Shuttle only gets about 6.75% of its mass to orbit, 15% is pretty darn good.
To compute the other way (how much fuel mass is needed for a given final mass), you can compute the following:
m0 = m1 * 2.718^(7.38 / 3.924)
If we assume a larger number than before (say, 20,000 kg of ship+cargo to orbit), we come up with the following figures:
m0 = 20,000 kg * 2.718^(7.38 / 3.924)
m0 = 131,140 kg
Again, we see the same ratio (1 - (20,000 / 131,140) = ~85%), but the sizes have increased. The question is, could the Valkyrie (XB-70) carry 131,140 kg of spacecraft?
Well, according to the specs I have, it had an empty weight of 93,000 kg, and a maximum takeoff weight of 250,000 kg. Maximum loaded capacity was 242,500 kg, so you can assume that the 8,000 kg difference is probably fuel expended to get off the ground. Doing some simple math (242,500 kg - 93,000 kg) we come to a final cargo capacity of 149,500 kg. Taking away the weight of our craft (149,500 kg - 131,140 kg) we find that the Valkyrie would have 18,360 kgs left over for fuel and other weight. That shaves it pretty close, but it's doable.
If you assume that the Air Force has increased her Thrust to Weight ratio with some of the more powerful jet engines that have been designed since the 1960's, the margins actually look pretty darn good.
Does that answer your question?
Funny. Sourceforge gives out SSH accounts to anyone and their dog.
Indeed. And every once in a while, Sourceforge gets hacked. And they have a trained staff of admins who attempt to very carefully lock down the systems and separate the user logins from the systems that run web services and code repositories. (Which is why you can't blow away your own code tree. You have to ask SF to do it.)
The only thing that's funny here (which isn't even funny) is that an inexperienced admin made his box 100% public without taking the standard precautions that every admin worth his salt would take. He blindly trusted that his Mac would be configured to do something it wasn't designed for, and he got burned. Well, DUH. I had a friend whose RedHat Linux box was remotely rooted several times without the attacker being given a shell account. Does that mean that Linux sucks at security?
Are you telling me that they're no better than Windows when it comes to privilege separation and preventing a low-privilege user account from taking control over the system?
Yes and no. If your admin locks the machines down tight, then it's quite possible that the Mac servers are more secure than the Windows servers. Left with default settings, they're both highly vulnerable to anyone who already has access to the machine and is determined to find a hole. (Whether it be a buffer overflow in a privileged service, or a soft link that gave elevated permissions.)
Systems are extremely hard to secure once untrustworthy individuals have access to them. That's why there's a market for products like Trusted Solaris and Trusted Linux. If you need high security against local users, you can't trust anyone. Not even root.
The U.S. also has a problem with radioactive Cesium. However, it mostly comes from bomb testing rather than a nuclear power plant. We were all living with elevated levels of radioisotopes prior to Chernobyl. The event didn't change that, it just made it a lot more apparent to the public.
That excuse was bullshit when it was used to defend Windows boxes
That excuse would work for Windows if Windows didn't ship with remote vulnerabilities built-in. Unfortunately, it does. Regularly. Without fail.
When someone can prove that OS X has the same problems (which is pretty difficult with zero open ports, and 2 degrees of separation between attachments and executable code) then I'll jump on the "OS X isn't secure" bandwagon. But for now, it remains far more secure than Windows which can be so easily exploited thanks to the number of services it exposes to the Internet by default, and the ease with which executable files can be disguised as legitimate documents.
scaling it down to the point where it could fit under by a YB-type carrier AND carry a decent payload just doesn't seem feasible
Read the article. "Decent Equipment" in this case means "camera equipment" -OR- a microsat. In other words, it has poor cargo carrying capacity. Probably on the order of a tonne or less. The Space Shuttle has a maximum cargo capacity of ~27 tonnes plus a crew of five and various other equipment. (Depending on orbit and revision of vehicle.) The vehicle itself weighs about 109 tonnes. That's quite a difference.
unless the Air Force has already mastered hypersonic flight with scramjets.
What's wrong with traditional LHOx engines? Once you're supersonic, they can provide more than enough thrust to clear the atmosphere and reach orbital velocity. Plus, at that altitude they are already operating more efficiently than ground launch engines would. It all comes down to proper vehicle design. If you want more payload, you need a bigger vehicle. If you want less payload, you can use a smaller vehicle. Simple!
Like all systems, tradeoffs have to be made. I'm sitting next to a Sun Solaris system with JDS on it right now. To get the system running like I want it, I constantly have to resort to the root account to install the simplest of software. (Replace root access with sudo as you prefer.) I have to do this because it is a locked down machine intended to run software packages approved by management. Under this configuration, it's pretty hard to gain root access even with a local account.
This configuration absolutely sucks for a home user.
A home user can't install new software without providing a root (or sudo) password every time they want to try a software package, they can't update the system configuration from the GUI, they can't start and stop their personal webserver, they can't look at the drive space remaining without having to decode a complex partitioning scheme, they can't do a lot of things that Mac OS X lets them do without interfering. If Mac OS X *did* restrict these activities, users would balk at the user-unfriendliness and go back to Windows.
So it comes back to a matter of design. It's easy to say, "that should have been secure!", but the costs of making that secure would have been too high for the average home user. Mac OS X's security has been proven to date to be sufficient for what it was designed to do, and has been shown to be at least as secure (perhaps more so) than your average FreeBSD or Linux desktop. Show me the beef of the problem (i.e. everyday machines being compromised on a scale similar to Windows) and I'll agree with you that Mac OS X is insecure for its intended purpose. Until then, however, I'm going to go with the fact that this guy wasn't thinking straight.
Plenty of people use them for servers as well
Which is why Apple produces OS X Server Edition.
and apparently OS X isn't secure by default for them.
You show me a server situation that involves hundreds of anonymous, remote logins to a system without any lockdown of the services to move it from a home server to a full-blown webserver, and I'll agree with you. I, personally, can't think of such a situation. Some webhosts provide SSH access, but they certainly don't run a default Linux or FreeBSD installation unless that distribution has been preconfigured for the security they need.
remember though, this is (supposed to be) a *nix we're talking about. local user accounts should not be able to inflict such damage due to better separation of privileges that exist in this world.
But you need to remember that OS X is not designed for remote, multi-user usage. The features are there, but mostly for administrative purposes. The machine is first and foremost a Desktop machine that is intended to keep good guys in and bad guys out.
Also keep in mind that it is incredibly difficult to properly configure a Unix system to be completely secure against users with shell accounts. Such security requires a complete system lockdown, complex partitioning, reassignment of services to non-root accounts, jailing of privileged services (or equivalent), and several other procedures that I sincerely doubt that this guy performed. (In fact, the article confirmed that he could have locked the system down further, but didn't.)
By handing out shell accounts, he might as well have been handing out the root password to his system.
BTW, in case I wasn't clear enough above, his automated webpage to create SSH accounts is here. That will allow you to remotely log in to his machine within minutes of entering your information. (Assuming he hasn't disabled it by now.)
The guy should feel thankful that the hacker (gwerdna) was nice enough to only deface his site rather than actually "rm -rf /" his box. (Which was what this guy was asking people to do, "if they can".) :-/
The problem wasn't even that he had SSH running. It was that he was giving out accounts! I don't know what this guy was trying to prove, but his blind faith in Apple got him burned.
Somewhere inside of Apple, engineers are shaking their heads at this guy and the damage he's done to the Mac's reputation.