Slashdot Mirror


User: ummit

ummit's activity in the archive.

Stories: 0
Comments: 256

Comments · 256

  1. Re:Yes on New IM Worm Installs Own Web Browser · · Score: 1
    Engineering systems so that it's difficult or impossible to do "stupid things" is mandatory. It's not sufficient in and of itself for perfect security (and, it's true, there's rarely such a thing as perfect security), but if you leave things up to the users, you're going to have trouble 'til the cows come home. (And that's one reason why "compromised computers are going for five cents each".)

    If a highly-trained airplane pilot cannot be trusted not to raise the landing gear while the plane is on the ground, how can an average user be trusted to faithfully determine, every time, which executable attachments are safe to open and which are not? Executable attachments have been disasters waiting to happen since the day they were conceived. They should never have been deployed, and as long as they're prevalent (and continue to be built into new protocols like IM -- madness!), security will continue to be a nightmare.

    And to the other point above, the way to make executable attachments safe is not to protect them with an "are you sure?" prompt. That, of course, puts responsibility back in the hands of the -- fallible -- user. No, the way to make executable attachments safe is to not have them at all. When executable content comes in via an utterly untrustworthy source, such as an email, non-SSL web page, or IM session, there just shouldn't be a way to automatically execute it. Period. This might preclude some cool hacks people like to do, but that's the price to be paid for proper security.

  2. Re:security? on MS Word Zero-Day Exploit Found · · Score: 1
    ...for those of us that live in the real world, you've just got to grit your teeth and work with what you've got. Oh, and make sure that Microsoft feel your pain, of course... :-)

    But Microsoft does not feel your pain (at least, not as you do), and that is a fundamental part of the problem.

    And an even more fundamental part of the problem is people who say, "you've just got to grit your teeth and work with what you've got". Those are the enablers in this situation, the ones (and there are an awful lot of them, as witness Microsoft's market share) who give Microsoft the absolutely unignorable, loud-and-clear message that "good enough" is good enough, that security doesn't matter that much, that it's okay to keep tinkering with it and reacting to problems after the fact, that we just want to keep the problems down to a dull background throb (just none of the acutely painful stuff), rather than actually, like, curing them or anything.

  3. Re:The analogy between malware and life expands. on McAfee Anti-Virus Causes Widespread File Damage · · Score: 1
    That's nice, but there's a huge flaw in this analogy as well, which is that Windows doesn't really have an "immune system" at all. Windows is like one of those poor kids with Severe Combined Immunodeficiency Disorder, who has to live in a plastic bubble. Except in this case (a) there is no bubble after all, (b) the kid has a voracious appetite and eats anything in front of him that looks remotely edible, and (c) there are hordes of people parading through the room every day waving enticing pieces of food. His parents have hired a guy named Mac Afee to inspect all the food brought in, and given him a big hammer so he can bonk paraders on the head if they're carrying food that might disagree with the kid. Up until now, Mac has done a pretty good job, but on Friday he went nuts and started bonking the kid on the head...

    Most of us can walk around outside without a plastic bubble, and can get by without food testers. A real operating system, with an actual "immune system", wouldn't need to be so severely protected, either.

  4. Re:Not surprised on McAfee Anti-Virus Causes Widespread File Damage · · Score: 1
    To me, the fact that there are "a huge variety of attacks, both immediate and obsolete" is what results in an error-likely situation. Let's face it, connected, up-to-date computing is dangerous.

    But it doesn't have to be that way. Connected computing is not inherently dangerous. It's only inherently dangerous if you (or the author of your operating system) have gone out of your way to open doors to attackers.

    The root cause of that "huge variety of attacks" is not that there's some huge army of sophisticated miscreants creating them. The root cause is that Microsoft Windows has always had such a crashingly mediocre security architecture.

  5. Re:Not surprised on McAfee Anti-Virus Causes Widespread File Damage · · Score: 1
    What the network security companies need to work on is an innovative way to effectively protect corporate and home networks without having to use dangerous bloatware.

    Here's an innovative idea: how about... not running untrustworthy code off the network! Not block it, not scan it, not check its digital signature to see if it's "trusted"; just: don't have any way of running it at all. If there's an executable attachment in an email message and you click on it: nothing happens. If there's an executable file in a zip archive in an email message and you click on it: nothing happens. If a web page contains code instead of data: nothing happens.

    If Microsoft had done this years ago, the virus problem wouldn't exist today. If Microsoft could see its way clear to do this today, the virus problem would start diminishing tomorrow. But no, we have to give the virus writers carte blanche to have their code executed at the drop of a hat, while we run around trying to block it or cleaning up after it. (It reminds me of the way Wikipedia gives anonymous users carte blanche to vandalize articles, while an army of volunteers runs around reverting.)

  6. Re:The Risk on McAfee Anti-Virus Causes Widespread File Damage · · Score: 1
    ...a system that is subject to viruses and security vulnerabilities on the scale of Windows is inherently untenable.

    Yup. Been that way for quite some time now.

    Can we stop using them now?

    Some of us can, but alas, most are still utterly addicted, and will put up with nonsense like this for quite a bit longer. "Thank you sir, may I have another!"

  7. Re:The real irony here.... on McAfee Anti-Virus Causes Widespread File Damage · · Score: 4, Insightful
    Are you a teenager?

    Looks to me like he's a smug user of computing platforms that are actually, inherently, mostly secure.

    ...those paying for an anti-virus subscription being somehow incompetent.

    It seems there are yet a few little boys who dare to say "The Emperor has no clothes" when confronted with the, yes, staggering incompetence with respect to security which is rampant within the mainstream PC world.

    1. adopt a platform with no inherent security
    2. become utterly dependent on it such that you can neither abandon it nor correct its inherent flaws
    3. spend extra time and money on extra, after-the-fact "security" applications which, at best, give you a slight headstart in what's still a footrace between the white hats and the black hats (a race in which the black hats still seem to be holding their own)
    4. put up with lost files and more lost time when the "security" software runs amok
    5. to make yourself feel better while you're waiting for your backup tapes to read, belittle someone who has the audacity to wash his hands of your chosen platform's sorry problems.

  8. Re:Did they even try for any compliance? on Windows Live Search goes Live · · Score: 1
    You offer an over-engineered design.
    ...Need many MANY improvements.

    No, no, that's their problem. They need fewer "improvements"! It's the gratuitous "improvements" that are causing all the problems...

  9. Re:OS X security competition "ends" on Slashback: OSX Security, DoD Filtering, Anonymous Posting · · Score: 1
    ...the security of computer depends as much on the network security around it, as the machine itself. Firewalls can help filter out much of the bad traffic...

    Firewalls can help, yes, but you don't want to depend on them for security. Individual machines really need to be able to withstand attacks on their own. If they can't, they're vulnerable to attacks originating from within your firewall-protected LAN, and such attacks are not merely a theoretical possibility -- they happen.

  10. Re:can it get me to google? on Windows Live Search goes Live · · Score: 1
    Do you really think that MS doesn't have the personnel necessary to create a great search?

    Based on this offering? Yes, it really does look like MS doesn't have what it takes to create a great search engine.

  11. Re:It's not a scrollbar on Windows Live Search goes Live · · Score: 1
    The image search is also blowing Google's away.

    I was prepared for it to, because google's sucks; as near as I can tell they haven't updated their index in months. But this "Windows Live" thing doesn't work at all; I can't seem to search for anything. Totally broken.

  12. Re:plagiarism, outdated sources and pure propagand on Wikipedia Reaches 1,000,000 Articles · · Score: 1
    You are sitting comfortably in your easy chair. To your right is a glass of 80% water and 20% vinegar. The vinegar is all at the bottom, although there's a 5% chance that when you pick up the glass you'll jostle it and mix the contents. In the kitchen, 30 feet away, there are clean glasses and fresh water. You are suddenly seized with thirst -- what do you do?

    [Yes, the "5% chance that when you pick up" part is meaningless, and doesn't correspond with anything.]

  13. Re:plagiarism, outdated sources and pure propagand on Wikipedia Reaches 1,000,000 Articles · · Score: 1

    There's a little bit of truth in everything you've said, but Wikipedia also contains a lot -- an awful lot -- of good, solid information. You're seeing the glass as 20% empty, but I think it's more like 80% full.

  14. Re:what a 1 million means on Wikipedia Reaches 1,000,000 Articles · · Score: 1
    click on "random article" 10 times and analyze the content

    Actually, I do that a lot. I usually learn something new, and I usually find a couple articles I can improve. :-)

  15. I knew there was a reason... on Mac OS X Struck By Severe Security Hole · · Score: 1

    ...I left the "Open 'safe' files after downloading" option turned off.

  16. Re:sounds good to me on Firefox Memory Leak is a Feature · · Score: 1

    Fair enough. Do you know if they're bitching about Firefox under Linux, or under Windows, or what? In my experience, with a proper VM implementation, programs that are memory hogs don't destabilize the entire machine, and if they do, I think the OS bears at least part of the blame.

  17. Re:sounds good to me on Firefox Memory Leak is a Feature · · Score: 1
    Sure, but fan of what? I'm using Safari under OSX at the moment...

    > Beat it.

    Spoken like a true AC. :-)

  18. Re:Doesn't seem to be true on Firefox Memory Leak is a Feature · · Score: 1

    Because programs rarely return memory to the OS when they free it internally. See here. Try changing the pref (as described elsewhere in this thread), restarting Firefox, and watching its memory usage then.

  19. sounds good to me on Firefox Memory Leak is a Feature · · Score: 1

    Why is everyone bitching about this? I hate waiting for any refetch or rerendering when I use the Back button; I want it to be instantaneous. That page was fetched and rendered already, so having the browser keep it around for when I go back to it is exactly what I'd want it to do.

  20. Re:What problem? on Microsoft Anti-Spyware Removes Norton Anti-Virus · · Score: 1

    Do seat belts and air bags stop ignorant drivers from killing themselves in car accidents?
    Do firewalls and sprinkler systems stop innocent people from dying in fires?

  21. Re:What problem? on Microsoft Anti-Spyware Removes Norton Anti-Virus · · Score: 1

    You're living in a dream world.

  22. Re:What problem? on Microsoft Anti-Spyware Removes Norton Anti-Virus · · Score: 1
    Malware doesn't *need* root/admin permissions to carry out their primary tasks.

    No, and biological disease doesn't need poor hygiene, sharing of used needles by intravenous drug users, or unprotected sex with multiple partners in order to propagate, either.

    The reason default-admin access under Windows is the norm is not that it's irrelevant to security. The reason that other OS'es -- which don't provide admin access by default -- are more secure is not coincidence.

    If Microsoft took steps to minimize routine use of admin access, it would take away a hugely useful tool for malware authors. Sure, they'd try to pursue other avenues, but their task would be considerably more difficult. Microsoft has not made this change not because it wouldn't be effective, but because it's hamstrung by all the widely-assumed precedents dating back to times when the company took security even less seriously than it does today.

  23. translation on AOL and Yahoo to Offer Filter Circumvention · · Score: 5, Insightful
    The fees are the latest attempts by the companies to weed out unsolicited ads, commonly called spam

    Of course what they really mean is that the fees are an attempt by these companies to make money from spam.

    The new scheme doesn't do anything to weed out spam, since the existing spam filters remain in place. All the new scheme does (as the /. headline "AOL and Yahoo to Offer Filter Circumvention" accurately reflects, unlike the AOL and Yahoo marketing doublespeak) is to give senders with money a leg up and a "privileged" level of access to the end users' mailboxes.

  24. Re:What bunk! on RMS says Creative Commons Unacceptable · · Score: 1
    So, please explain to me how you can have a sane system of laws that restrict things like sharing over P2p and don't restrict things like letting a friend read a book. In a digital world, I do not believe this is possible.

    There has to be a middle ground between the rabid filesharers' "we can do anything we want with any digital copy we can get our hands on and nobody has any right to say otherwise", and the (equally rabid) RIAA position of "if you do anything with our media other than consume it in the ways we condone you are a thief and a pirate and a lawbreaker".

    There are all sorts of restrictions other than laws, and there are all sorts of ranges of acceptable behavior which can simultaneously and unhypocritically embrace both the sharing of library books and the legitimate wishes of the holders of copyrights on various forms of media, including digital ones.

  25. are they different? on RMS says Creative Commons Unacceptable · · Score: 5, Insightful

    If it's true (as RMS says in the interview) that the various Creative Commons licenses are "more different than similar", and if they differ on issues you care about, then yes, I would have to agree with Stallman that they need to be discussed separately, that you can't make a blanket statement saying either "I support CC licenses" or "I reject CC licenses". If some Creative Commons licenses are worth using and others aren't, it would be best to stop talking about them collectively as "Creative Commons licenses" and instead discuss them under their own names.