I am a Network Administrator at a bank. No harddrives leave my hands. We'll give away equipment, but you are responsible for furnishing your own harddrive. I don't care if in 15 years I have a mountain of harddrives, none are leaving my hands. SOP is to take a HDD out of a PC before decommissioning it. This should happen everywhere there might be sensitive data. [Emphasis added]
Good. Somebody gets it.
I'll add that if somebody wants to dismantle a hard drive and leave with the pieces, that's fine. (Of course I don't have anything remotely as sensitive as what a bank would have.)
No it seems to be plain old piss poor procedures to me, it's not that hard to fix either.
Exactly.
I log on as root (on Windows yet). I leave my machines up and running and logged in (as root). I have systems with the user name & password (same) writ large on the keyboard. Piss poor security, yes, but at that level I'd never let a system out to scrap with a hard drive that might contain anything slightly sensitive. Since it might contain some cached profiles, this means every hard drive.
The problem with hard drives (or waste baskets) is that whoever gets them can peruse them at leisure with no threat of discovery and no requirement to put things back the way they were.
pops in a linux cd
Aha. a linux cd. Which Linux cd? (wise-ass answer: bootable is better).
You can run badblocks destructive surface analysis if you've got the patience and want to ensure that the disks are good. If you're real lazy, dd if=/dev/zero of=/dev/sda, let it run for a few seconds, and odds are pretty high that no one would take the trouble to rescue all the data that's still there on most of the drive. If you've got anything sensitive, however, fragments of the data itself are useable, so you need to at least finish one complete overwrite.
This isn't complete security, but the methods of recovering further are extremely expensive and are not used on random disks. Even zeroing the front end ensures that it will take a fair amount of trouble "just to see what was on the disk". The point of security isn't that the lock is unbreakable. The point is that the lock is strong enough that it isn't worth taking the trouble to break it. That shouldn't have happened even with a total crap level of security.
How could this have happened? Is Microsoft Windows really that brain deadening?
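The difference between an interrupted zeroing run and one complete overwrite, as described in the comment above, shown as an added example that is not part of the original comments. It works only on a constructed 4 MiB image file (never a real device), and the marker string and function names are made up for the illustration.

```shell
#!/bin/sh
# Added example: partial vs. complete zero overwrite on a constructed
# disk image (a regular temp file standing in for a drive).

MARKER="ACCT-0000-CONSTRUCTED"   # constructed stand-in for sensitive data

# make_image FILE: 4 MiB of random filler with the marker planted at 3000 KiB
make_image() {
    dd if=/dev/urandom of="$1" bs=1024 count=4096 2>/dev/null
    printf '%s' "$MARKER" | dd of="$1" bs=1024 seek=3000 conv=notrunc 2>/dev/null
}

# partial_wipe FILE: zero only the first 1 MiB, like a dd stopped after a few seconds
partial_wipe() {
    dd if=/dev/zero of="$1" bs=1024 count=1024 conv=notrunc 2>/dev/null
}

# full_wipe FILE: zero every byte of the image, then flush to storage.
# The image size is a multiple of 1024 by construction; on a real device
# dd would instead run without count= until it reaches the end.
full_wipe() {
    size=$(wc -c < "$1")
    dd if=/dev/zero of="$1" bs=1024 count=$((size / 1024)) conv=notrunc 2>/dev/null
    sync
}

# marker_present FILE: succeeds if the marker can still be read back
marker_present() {
    LC_ALL=C grep -a -q -F "$MARKER" "$1"
}

# is_all_zero FILE: succeeds only if no non-zero byte remains (read-back check)
is_all_zero() {
    n=$(tr -d '\000' < "$1" | wc -c)
    [ $((n)) -eq 0 ]
}

# compare_wipes: run both wipes on a fresh image and report what survives
compare_wipes() {
    img=$(mktemp) || return 1
    make_image "$img"

    partial_wipe "$img"
    if marker_present "$img"; then after_partial=recoverable; else after_partial=gone; fi

    full_wipe "$img"
    if marker_present "$img"; then after_full=recoverable; else after_full=gone; fi
    if is_all_zero "$img"; then verified=all-zero; else verified=nonzero; fi

    rm -f "$img"
    echo "partial=$after_partial full=$after_full verify=$verified"
}

compare_wipes
```

The read-back in `is_all_zero` is the step that turns "dd finished" into evidence that the overwrite actually covered the whole image.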
If someone found out that DHS can't protect USA against a major terror attack DHS would not want the terrorist to know this.
No, the terrorist already has a pretty good idea. It is the citizen that the DHS would not want to know this.
"we have to upgrade the browser to make Application X work but Application Y breaks"
That makes two broken applications.
The web browser has set back application development 20 years.
If "fixing the browser" is part of the answer, make that 30 years.
Nothing wrong with graphics arts, but you want very little, very good instead of lots of bad.
It's a million dollar aircraft.
It's not a million dollar pc.
It's a rather cheap multi-spectrum jamming device.
It's real easy, intentionally or otherwise, to jam high-dollar communications gear if you can get close enough to the receiving antenna.
Executing is what computers do with their instructions, at least as far back as I can remember. (Of course you can't put that many instructions on a 2000 word drum;)
When an executive says from the beginning that execution is the key, it means the business plan is shaky. If he actually had a good business plan, he would have said something that sounds like "we can't lose."
"we can't lose." plus bad execution means you lose.
A bit of heads-up, good execution, and a bad business plan can succeed very well.
But the problem with that is that there are only so many ways to implement some things.
Further, if the problem domain and computational costs are well known, there is one or a very few (near-) optimal solutions. If there are also good standards for variable naming and commenting, it should be feasible for two completely independent implementations to be identical.
they are a victim of all the stupid, short sighted decisions favoring marketing glitz over technology that they have made over the years. That installed base is a millstone around their neck.
Bingo! It's all those little things that affect the user's expectations and decisions about what to do. Everything tells the user (s)he is supposed to click or they might miss out on something. It's stuff like hiding file extensions. I have yet to see any signs of Microsoft changing its tune. Regardless of what Microsoft patches, there will always be one more.
Methinks Microsoft will have enormous problems changing what it has to to get on top of the worms.
Imagine. You install OpenBSD and are greeted with something like:
Welcome to OpenBSD 3.4, the most secure OpenBSD ever.
Sit back and relax in your new-found security.
I have run OpenBSD on a few boxes where Linux didn't like a particular SCSI controller or network card or some such, but I'd say I'm about strictly noobie level on it. If I saw anything like the above rather than the stock email and man afterboot, I'd get very paranoid very fast. Nothing's completely secure, but there's a vast range of insecurity. Linux has holes. They're being fixed. If anything starts to do any real damage it will get fixed in a hurry.
Where I work we've begun to have problems with all kinds of proprietary file formats (for making ASICs for example) where the company has gone out of business. I don't have confidence in code escrow schemes as a proprietary alternative.
The only way to avoid that mess is real live competition. Code escrow is essentially dead competition with a bunch of buts and maybes thrown in.
Note that PDF is not just Adobe. There's also ghostscript and maybe others. This makes PDF a safe format to store stuff in so that you can recover it at some much later point in time. It will be better and easier to recover if Adobe is still around, but regardless of Adobe's survival and anything that Adobe does or does not do, those documents will still be readable 10, 20, 50 years from now.
AutoDesk is much the same in that ALL of any .dwg (very proprietary format) can be exported to .dxf (very open format). (The .dxf format has been open longer than most /.ers have been alive;) Some CAD programs used to use .dxf for a file format. Those drawings would be readable by any current AutoCAD.
Well, I'm not as optimistic about that as you seem to be.
That's coming from a casual observer of Code Red, Slammer, MSBlaster, the reactions and responses, and speculating on what is actually required to contain them. Microsoft's responses seem to be predicated on always having finally eliminated all bugs and security holes. Microsoft itself is targeted, they send out letters to all known addresses. Took three days before a search for Code Red would turn up anything on microsoft.com. From Melissa on, there has been rapid response from /. by Unix/Linux/BSD people on how to stop/curtail/trip-up/etc the Microsoft problems.
I had an IIS server up, unpatched, no firewalling. It did not get Code Red. No Gateway. It was not going to be talking to anything not on the LAN.
Except for the newer laptops, we do not run anti-virus software, and it's the newer laptops with the anti-virus software that get the viruses.
The critical difference is that Linux and friends pervasively consider that the more the users are aware of, the better. Anything attempting to hide something is immediately suspect. So if there is anything funny going on, the odds are much higher that somebody will notice something. This occurs with many more people and a much lower required skill level. (And it's a complete myth that Linux requires greater skills. It tends to promote them, but the required skills to actually do anything with Linux are much less than those required to do anything with Microsoft Windows. Microsoft Windows is however easier to set up with something that looks like a system if you have no skills.)
FUD and truth are not necessarily disjoint.
Can Microsoft control its worms?
Look at the progression starting with Melissa. Do you really think that even closing all the holes they know about and getting everybody to patch everything will stop it?
Repeat:
Disclaimer: These opinions are my own. In particular, they do not represent the opinions of anyone in the Open Source Community.
My own concerns with security have more to do with such as a shipping clerk entering the magic incantation and hosing the databases than anything the "black hats" might do. Ever wonder how the black hats found and exploited the holes? Source is pretty well necessary to fix the problems. Source is not much of an asset and can be a liability in terms of finding the problems. The source tends to show the programmer's intent. The machine language shows what the program does, exactly. Just having seen the source can be enough that you cannot see what the program is actually doing. The mind sees what you expect to see.
So judging by their responses, I'd say Microsoft "gets it" completely.
Methinks you're right. Microsoft is trying to keep milking a dead cow as long as possible. I'd more than halfway expect Microsoft to turn rather nasty as the cow starts decomposing.
Munich took Microsoft's "cheaper than Linux" offer and told them to keep it.
Methinks they studied it enough to know that Linux was the better deal, regardless of whatever price Microsoft could come up with. Why do you think they set up that fund? The only surprise maybe is the switch now rather than wait a couple of years.
analysis of why a government entity might consider OSS to be superior to proprietary
Disclaimer: These opinions are my own. In particular, they do not represent the opinions of anyone in the Open Source Community.
Massive peer review makes OSS more secure than comparable closed source products
Quite possibly true but irrelevant. Things like Code Red, Slammer, MSBlaster will not spread extensively and will be extinguished because there's a diverse horde of people with the ability to work out what it takes to stop and extinguish it. If you remove the top two-thirds of the talent, what's left will still manage to somehow extinguish it.
Proprietary document formats raise issues when government information is stored using them
For FUD value, add DRM and EOL issues.
completely dependent on
Even if you could get the answers, you still need to know the questions.
IMNSHO, FUD originated not from IBM itself, but from IBM's customers, specifically IT managers promoted from keypunch supervisor, secretly deathly afraid of technology, and deathly afraid of IBM turning against them and they are so without resources that they would be incapable of even being aware of it. There are far too many ways to fulfill the letter of any contract and still totally sabotage the other party.
Plus, bashing the current administration doesn't take any particular talent or skill. C'mon people, think.
..... you're right. Bashing the current administration doesn't take any particular talent or skill. It's that easy!
I think
Yep, especially considering that any potential short-term gains in security are more than offset by the assurance of long-term insecurity.
It's much easier to keep sensitive information away from the good guys than it is to keep it away from the bad guys. Since any metric will be measuring what information is kept away as opposed to who it is kept away from, the "increased security" will work to the relative advantage of the bad guys.
"Correct" is like "optimized." The unwashed masses think it is an absolute, but we CS elite know otherwise.
or "secure".
OpenBSD is uber-secure. I'll buy that, moreso after the one hole. Security does matter, and it's not a given.
Note, they do not say OpenBSD is secure.
I wouldn't bet against you, but the fourth possibility is that something will be produced that actually helps establish some base level of security.
If they do succeed, I should be able to run an unpatched OS, run unpatched and vulnerable applications and click on anything I please with impunity. That's not to say that everything's fine. It's just that I shouldn't be able to get consequences all out of proportion to their causes. I click on a bad website and maybe kill the browser, but that browser is extremely limited in the scope of what else it can mess with. I think the BSDs are aiming in that direction.
Better put: Security is in the details.
All of the details.
Security is a perimeter type thingee. Putting a steel security door on a tarpaper shack isn't going to improve security. The weak point of a bank vault is that enormous security door.
If I'm going to crash a system then it's going to be its specific weakness/flaw and not some standard hole in every product.
Exactly. Furthermore you get to make your choices after the product has committed to its choices. Further, the more complicated the security apparatus, the more likely that somebody managed to overlook something somewhere.
(Other than back-seat drivers;)
the likelihood of any of those activities interacting and/or interfering with someone else doing the same thing are extremely low.
That's the key point. It should be essentially impossible for someone just surfing or reading email to have any major impact on the internet, particularly without any indication that they are having a major impact.
Labeling Microsoft software as inherently dangerous and requiring a license for its use might not be a bad idea, but I wouldn't push it any further than that. You have to wonder why the businesses that stand to lose hundreds of thousands or millions of dollars an hour keep making Bill Gates richer.
The philosophy of linux and unix-like OSs is to have small programs that do single tasks well, and link them together to do complex tasks. ... The filesystem, however is a fundamental part of the operating system.
The point is well made. However.
Try solving simultaneous equations one at a time.
Not all programs can be small.
Methinks that accessing /bin/ls and accessing the latest budget have nothing in common other than in some sense being files on some computer. Having the latest budget in a database that can present itself as a filesystem seems advantageous. Having /bin/ls dependent on anything more than the bare essentials seems like an invitation to disaster.
A managed switch registers MAC-addresses.
A DHCP server knows MAC-addresses.
Almost anything behind the NAT has ready access to the MAC-addresses.
Anybody who actually knows anything about this stuff could expound further.
To ride in a car
to be a passenger in an airplane
to use a radio receiver
to drive farm machinery (bigger and heavier than a car)
The trick is that the control system can only react so fast - suddenly disconnect an entire town, and the load drops, causing the power in to spin the generator too fast. If the control system overcorrects, then you'll get too low of a frequency. If a far-away generator drops out and you've got to supply more current to your local region, then the demand has gone up, slowing the frequency.
Huh? The only control system has to do with needing to be pretty much in phase when you connect to the grid with big generators. After connection, anything that wants to go a bit faster has to supply power to all of the grid. Anything that wants to go slower isn't applying any power to the grid. In normal operation all the generators are in locked phase with each other. Short of something massive which gets something out of phase the system is completely self-regulating. I'm not sure what happens if something bit slips, but I suspect that the voltage doubles and the generators try to melt the transmission lines and facilities. I would assume they have stuff in place to disconnect fast in such a case.
I don't mind the single prompt dialog. What drives me bonkers is the chastising second message that pops up when I say "no."
Hehehehehe. Making the world safe for worms and viruses.
That (and its friends and relations) is what makes the worms so prevalent and damaging. Oh look at the pretty worm. Clickety-click. Don't want the pretty worm, why shame on you! Repeat often enough and in enough places and they will click.
And with the browser "being an integral and inextricable piece of the OS", ... hmmmmm, ....
"One possible scenario is that Eolas would have the power necessary to re-establish the browser-as-application-platform as a viable competitor to Windows. That would be an interesting outcome, wouldn't it? How much would that be worth? The Web-OS concept, where the browser is the interface to all interactive apps on the client side, was always a killer idea. It still is. It lost momentum not because it wasn't economically or technically feasible, but because MS made it unlikely for anybody but them to make money on the Web-client side. Therefore, nobody could justify the necessary investment to take a really-serious shot at it. It doesn't have to be that way, does it? Just think of how we could use this patent to re-invigorate and expand the competitive landscape in this recently-moribund industry. What if we could do what the DOJ couldn't, and in the process make Eolas and everybody else, possibly excluding MS, richer? Wouldn't Eolas stand to profit more in such a scenario than any kind of pre-trial settlement could provide? Wouldn't everybody else?" [Emphasis added]
That's exactly why Microsoft went after Netscape in the first place.