Because security mechanisms are fallible, you need a secured secondary channel notification mechanism. It only needs a small percentage of people to opt in to such schemes for the systems to act as an effective honeypot system, detecting possible fraudulent access.
Would you believe Longhorn has all the features promised? No, Ok, would you believe that most of the new proprietary features will not lock you further into Microsoft's vendor trap? No, Umm, well how about that Longhorn will run on your typical current Windows 2000 PC? Uhh, you're going to be taking a closer look at Apple's Tiger OSX and the new Linux distributions as a replacement for Microsoft's lack of choice, aren't you, yes.
>further, don't count on that system being able to stop all code from
>executing - it won't stop bootsectors,
Solution - Trusted boot sequence
(This would, to be truly secure, require a jumper on the motherboard to be
shorted for Flash-BIOS to be upgraded )
Flash-Bios checksums MBR bootsector, booting a rescue system on fail.
MBR bootsector ( lilo etc ) checksums selected OS's required boot files,
booting a rescue system on fail.
OS boot system checksums... well you get the drift.
A rescue system could be netbooting from a trusted server, signed rescue
partition/file or signed bootable cd-rom/DVD.
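The boot chain described in the comment above, as an added example that is not part of the original post: each stage carries the expected digest of the stage it hands control to, and any mismatch diverts to the rescue system. The stage names, image contents and the `NEXT-SHA256=` marker are constructed for illustration, and SHA-256 stands in for the comment's "checksum" because a plain checksum can be matched by a deliberately altered image.

```python
import hashlib

# Hypothetical marker separating a stage's code from the digest it pins.
MARK = b"\nNEXT-SHA256="


def digest(image: bytes) -> str:
    return hashlib.sha256(image).hexdigest()


def build_chain(payloads):
    """Seal stages from last to first, so every image embeds the digest of
    the (already sealed) stage it will hand control to."""
    images, next_digest = [], b""
    for name, code in reversed(payloads):
        image = code + MARK + next_digest
        images.append((name, image))
        next_digest = digest(image).encode()
    return images[::-1]


def pinned(image: bytes) -> str:
    """Digest of the next stage, as recorded inside this stage's image."""
    return image.rsplit(MARK, 1)[1].decode()


def boot(images):
    """Walk the chain from the firmware, which is the root of trust because
    its flash is write-protected (the jumper in the comment).
    Returns (mode, failed_stage, stages_that_ran)."""
    name, current = images[0]
    ran = [name]
    for name, image in images[1:]:
        if digest(image) != pinned(current):
            return ("rescue", name, ran)   # never execute the bad stage
        ran.append(name)
        current = image
    return ("normal", None, ran)


def swap(images, name, new_image):
    """Return a copy of the chain with one on-disk image replaced."""
    return [(n, new_image if n == name else img) for n, img in images]


# Constructed sample images, in boot order.
PAYLOADS = [
    ("flash-bios", b"bios code"),
    ("mbr", b"lilo first stage"),
    ("os-loader", b"second stage loader"),
    ("kernel", b"kernel + initrd"),
]
CHAIN = build_chain(PAYLOADS)

# A modified kernel, and a loader rewritten to pin that modified kernel.
EVIL_KERNEL = b"kernel + initrd + implant" + MARK
EVIL_LOADER = b"second stage loader" + MARK + digest(EVIL_KERNEL).encode()

if __name__ == "__main__":
    print(boot(CHAIN))
    print(boot(swap(CHAIN, "kernel", EVIL_KERNEL)))
    both = swap(swap(CHAIN, "kernel", EVIL_KERNEL), "os-loader", EVIL_LOADER)
    print(boot(both))
```

The third case shows why the chain has to start in write-protected firmware: re-pinning the kernel digest inside the loader only moves the mismatch one stage earlier, where the MBR catches the altered loader.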
The next version of Windows NT, code-named Cairo and targeted for release sometime in 1995, will be built around the concepts of objects and component software. It will have a native OFS (Object File System) and distributed system support.
Cairo, Microsoft's object-oriented successor to Windows NT, will begin beta testing in early 1996 for release in 1997. Although Microsoft is not revealing the full details of Cairo yet, there are enough clues within current Microsoft OSes to yield a good idea of how it might work.
At the first NT developers conference in 1992, Bill Gates announced that Cairo would arrive in three years and would incorporate object-oriented technologies, especially an object file system. Since then, we've seen Windows NT 3.1, NT 3.5, NT 3.51, and most recently NT 4.0. None is object oriented, none has an object file system, none is Cairo. It seems that Cairo is Microsoft's sly way of promising the world. "Will we see Plug and Play in NT?" "Oh yes, of course, in Cairo." "Will NT ever produce world peace and cheap antigravity?" "You bet -- in Cairo."
In August 2000, just days after Caldera purchased the Old SCO server division, the then CEO of Caldera, Ransom Love, made a keynote speech at LinuxWorld 2000. A RealPlayer8 video stream of the event can be found at DrDobbs Journal's Technetcast.
In the question and answer session at the end of the keynote (44:30 minutes into the videostream), Love was asked about the possible conflict over Monterey and Linux IA-64. (An mp3 capture of the transcribed portion)
"Q: What happens about Project Monterey, because that conflicts with the IA-64 Linux, 64-bit Linux?
"Love: OK. I don't -- if we do our job right in making Linux scale over like UnixWare to the degree that everybody, that we know we can... May I ask, some people have said, "Well, people have tried this in the past, but they haven't been that successful," may I suggest: we don't have any ulterior motives for not making it successful. Technologically has not been the reason why it hasn't done it before. There's always some other motive, right? And so to talk about Monterey, clearly we want to make sure we have the same level of Linux integration on Monterey that we would have in our Unixware product. Now, we don't control, I mean, we have a great relationship... it's a joint development relationship with IBM which we intend to preserve... but they have similar interests and so this is really a very synergistic, uh, this transaction is great for all of the major partners as they have already wanted to embrace Linux moving forward.
"Now, let me address one other aspect of your question, which is that the Monterey Project is in conflict with the IA-64 Linux Project. I don't believe it's in conflict at all. Now, clearly, we have tremendous vested interest in the IA-64 Linux Project and with the acquisition of SCO, they've been doing a lot, so you combine those, and we've got one of the more comprehensive offerings, I believe, on the IA-64 Linux. So that's clearly an area that we're very committed to. But like Unixware, there's elements of the Monterey kernel that are more scalable, OK? Now, on the IA-64 platform, I don't know how long of window that is, but today, it's a little bit more robust and more scalable than the IA-64 Linux is today. Now, I'm not saying that over time that won't change.
"But, and let me address one other thing. Sorry, (laughs) you're getting all of it through one question. But clearly we are going to add components back to the Linux kernel on both IA-32 and IA-64 platforms. We'll work with Linus and everyone in order to make that available. That will take some time. And as I mentioned earlier, I don't know that over time you can have a single kernel -- in fact I know you can't -- that will scale, you know, the breadth of IT technology needs. So I think we're looking, in the Linux community, at having multiple kernels, so...
"Q: Multiple Linux kernels? Or multiple UNIX kernels?
On February 24, 2005 I tried to pose some questions to USPTO
On-Line chat for Independent Inventors today, however the digichat java
applet does not appear to work with any combination of Linux
Galeon/Mozilla/Firefox jdk1.5.0/j2re1.4.2_07 or MacOSX Firefox/Safari.
Here is what I tried to ask:
I understand that the discovery of
prior art and the evaluation of the obviousness of an invention are
difficult tasks for the United States Patent and Trademark Office
(USPTO) patent application examiners to perform. The percentage of
patents being overturned under the scrutiny of the courts leads me to
believe that the process is not quite as accurate as could be desired.
In a few recent cases the existence of publicly accessible digital
content has played a part in disclosing prior art. The public,
technical and scientific communities' use of the Internet has to a large
extent replaced printed media such as journals for the public
disclosure of new ideas. To what extent does the current USPTO patent
application examination process take into account publicly accessible
website content? Do the patent examiners currently use Internet search
engines such as Google ( http://www.google.com ) to locate instances of
prior art? Is the changeable and unverifiable nature of some digital
content a barrier to its being cited as prior art in the patent
application examination process?
The USPTO patent application examiners' task could be made more reliable
if the examiners could consult one or more public online registries
that document cases of prior art and public discoveries. The online
registries could provide a means for the public to retroactively point
to cases of preexisting prior art for pending patent applications and a
means to proactively document publicly known ideas and concepts.
Although websites and digitally stored content in general are
changeable, individual entries and changes in an online registry could
be legally authenticated by means of digital timestamping ( http://www.rsasecurity.com/rsalabs/node.asp?id=2347 ). An online
registry could be hosted by the USPTO as an adjunct to the existing
online public patent and patent pending databases. The USPTO could also
publicly recognize other individual registries hosted by third parties
such as a commercial entity or a non-profit community similar to
Wikipedia ( http://www.wikipedia.org/ ). An individual adding an entry
to such a public online registry does not involve granting that
individual any form of monopoly, therefore the action need not have any
artificial barrier involving fees or payments. Would the existence of
digitally timestamped public content overcome any objections by the
USPTO to its citing as prior art? Has the USPTO any plans to add some
form of publicly accessible feedback mechanism to the patent
application process?
It has been nine years since the USPTO updated the Guidelines for
Computer-Related Inventions ( http://www.uspto.gov/web/offices/com/hearings/software/analysis/computer.html
). Since that time has the USPTO undertaken, commissioned or evaluated
any studies on the effects that granting software related patents has
had on the progress of science, useful arts and the software industry
in general? If no such study has been performed or evaluated, why not?
Can the USPTO point to any instances where the granting of software
related patents has been an actual benefit to the progress of science,
useful arts and the software industry in general? In a similar vein,
can the USPTO point to any instances where the granting of business
method related patents has been an actual benefit to the progress of
science, useful arts and industry in general?
Seriously, infect the moon with nano machines that assemble copies of themselves from the snipped off rough bits of anything they come in contact with. You would have the surface of the moon as smooth as a billiard ball within a decade!
When the nano virus can not find any more rough surfaces, it disassembles itself into a graphite like lubricant.
Then all you have to do is post an article to slashdot complaining about the slippery
surface of the moon.
What I want is a bluetooth VNC protocol based display/touchpad/terminal. The VNC RFB protocol is lightweight enough to be deployed on the cheaper embedded processors and bluetooth chips are cheap enough. An open source PC side driver would act as a networking proxy between the PC side Xvnc virtual display and the PC bluetooth network device. Instead of an inbuilt just have two PS2 ports for a standard PC keyboard and mouse. For display sizes, 600x800 would be good, 768x1024 would be great.
In fact these devices would be cheap enough to set up a whole classroom with VNC based terminals.
Mount a solar panel on the back to recharge the display batteries and you would help save the planet! Down with rooms full of 300-400 Watt power sucking PCs!
If a PHB hands you a contract that appears to severely limit your ability to work for other customers then:
1) Ask if you can have the document examined by your lawyer. If the PHB quibbles, say that you are just following the advice you have had from your business adviser.
2) Actually consult a lawyer -- I mean it. Even if it is only the lawyer from your local Citizens Advice Bureau (CAB) or local small business/enterprise bureau. If you're strapped for cash either agency is usually able to point you to a local lawyer who is quite willing to do a quick consult on the expectation of future business.
3) If the contract limits your ability to do work for other customers then ask your lawyer to add some form of time limit ( sunset clause ) to the contract, with a clause demanding a suitable retainer to cover the time you're restricted. Have your lawyer add an opt out clause so that the PHB can decide to stop the retainer with the automatic effect of you no longer being obligated by the terms of the contract.
In most cases the business in question won't even bother with the retainer and will just cross out and initial the offending restrictive clauses in the contract. If they choose to keep paying the retainer, and yes it happens, you may just have to renegotiate or just wait until the sunset clause applies.
CorporatePC is dying, the chief architect killed IT (on "The PC Is Not Dead"; Score: 2, Interesting)
Read the article that Bill Gates, chief software architect, is responding to. Consider the number of MAJOR enterprise API overhauls that Microsoft has presented to in-house developers to interface with Microsoft Office, Access and client side Internet Explorer. Client side development on the Microsoft platform has become a decade long Vendor Dependent Death March.
As "chief software architect", Bill Gates is responsible for killing a lot of in-house client side development. And don't make the claim that .NET is going to improve that situation, because Microsoft is going to introduce yet another major paradigm shift with Avalon.
Firstly : Agile Methods in System Administration == Stepwise Deployment. Incremental adding of features, upgrading, transitions etc. One step at a time, evaluating the value of each step.
It is not as easy as it sounds, although recent advances in virtualization at the OS level and service level are going to make it a lot more interesting if not easier.
The solution is simple enough. Just approach one or more advertisers and generate PDF files on the fly with the first page as a full page advert. Think google adsense with full page advertising.
Marketers would gladly pay for full page advertising to the target market that downloads these documents.
To quote Dr. Blaine Burnham, the former director of the Georgia Tech Information Security Center (GTISC) and previously with the National Security Agency (NSA), "Security is a system wide property". That requires applications, middleware, libraries and the operating system itself to be secured before the whole system can be declared secure. (If you have a spare hour, listen to Dr. Blaine's USENIX 2000 keynote.)
Microsoft's desktop security issues stem from its continued reliance on the antivirus industry's "Infect-Scan-Remove" approach. Even Gartner analyst Neil MacDonald has finally realized "Microsoft's overriding goal should be to eliminate the need for (antivirus) and (anti-spyware) products, not simply to enter the market with look-alike products at lower prices". In comparison, right from the outset, open source desktop platforms and applications have relied almost wholly on closing the infectable vectors, the exploited vulnerabilities used by malware, as quickly as possible. The result is that both the KDE and GNOME desktop environments are a lot more secure and even more secureABLE.
Microsoft's desktop security issues stem from its reliance on the antivirus industry's "Infect-Scan-Remove" approach.
In comparison, right from the outset, open source desktop platforms and
applications have relied almost wholly on closing the infectable
vectors, the exploited vulnerabilities used by malware, as quickly as
possible.
Read the following Usenet thread from 2000 that covers the argument in detail
[google.com]. David Harley and Robert Moir are two antivirus industry
leaders. It also includes the prediction that Microsoft would
eventually get into the antivirus industry.
If you have a spare hour, listen to Dr Dobbs' technetcast [ddj.com]:
Dr. Blaine Burnham, Director, Georgia Tech Information Security
Center (GTISC) and previously with the National Security Agency (NSA),
gives an overview of current encryption and security technologies and
outlines possible strategies for future defense. 9th USENIX Security
Symposium, Keynote MP3 [2000-10-09] (57min) [ddj.com]
And what CPU is the next X-Box using?
Name any business that "partnered" with Microsoft that has not been "screwed" by Microsoft three to six years later.
1) Our Data : an appeal - a "Plimsoll line" for computer security:
2) Twelve Step TrustABLE IT : VLSBs in VDNZs From TBAs:
3) Do you want the Good or Bad news first?
See Mail Bag: Practicing Law Without a License, in which Daniel Wallace's crackpot Anti-GPL arguments are utterly refuted.
The US Mainstream Media does not have a great reputation outside of the USA because of the lies they let pass during the last election.
Many employees, such as Jun U Nakajima, were transferred from SCO to Caldera. So Caldera effectively did purchase the Old SCO server division.
Complaint to the SEC
Read Vendor Dependent Death Marches VS Open Kaizen
This will only be good for Linux if the SEC get off their arse and lay criminal charges.
PeerCast.org is one solution. You can set it up on one PC letting only clients on the local network connect.
Take a pinch of Standard Linux
Wrap it up in Xen
Add a touch of SELinux
And a little bitty bit of Globus
Oh like a Sandboxed Platform
Oh Lordy, Lordy, mixed with Free and Open Source Code
You know you lump it all together
And you got a recipe for a Multi Vendor Development scene
It is coming though, you know, you know.
What we have is a great big melting pot
Big enough enough enough to take every vendor and all IT's got
And keep it stirring for a hundred years or more
And turn out Application Service and Content Providers by the score.
With apologies to Blue Mink.