Slashdot Mirror


User: Tony-A

Tony-A's activity in the archive.

Stories: 0
Comments: 3,584

Comments · 3,584

  1. Re:Illustrations on How Computers Work -- Circa 1979 · · Score: 1

    although I am not sure whether you can store a full byte value within a position or not...

    You can.
    Either in column binary or in EBCDIC
    I have once keypunched IBM/360 machine language into two cards which made a primitive hexloader which loaded the rest of the bootstrap. Once was enough.

  2. Re:not only was he insightful, I'd mod YOU down on What is Mainframe Culture? · · Score: 1

    mainframes don't seem like fun at all

    Probably still holds.
    Mainframes are big and expensive, for stuff you have to do.
    PCs are small and cheap, for stuff you like to do.

    They live in very different worlds.
    Mainframes live where problems are big and the computer is small.
    PCs live where problems are small and the computer is big.

    You can safely expect the user interface on PCs to be more pleasant than on mainframes.
    Getting a lot of actual work done through the system may be a different matter.

    The approach of Unix is fundamentally different.
    Given a computer, and not a lot of resources, how far can you push it, and in a practical sense not just a theoretical sense.

  3. Re:Separate Lives on Desktop Linux Mass Migration · · Score: 1

    Some of the subtleties come from anything that (taken out of context, of course) could be construed as related to price fixing, market segmentation or some such. Mostly it doesn't matter, but basic security is along the lines of "Loose lips sink ships".

  4. Re:Anwser is frustration... on Spyware Removal: Drop PC in Dumpster · · Score: 1

    Truly. The whole thing is OUT OF CONTROL.

    And the going rate for compromised computers is something like five cents!

    Something is very wrong with the approach to security.

  5. Re:I think linux actually has an edge... on Linux and Windows Security Neck and Neck · · Score: 1

    Yes, it can. Doing so requires the SA to find every object you need to touch to do whatever you need to do and change its ACL to allow you to do what you need to do.

    That is user friendly?
    That sounds more like the mathematician's theoretically possible, not something that people would actually take the trouble to do.

    People are willing to take a little effort to secure something.
    Anything that takes a lot of effort to identify and unsecure all the little pieces that are required, has to be extremely error-prone and a lot of effort for something that can never be expected to really be secure.

  6. Re:I think linux actually has an edge... on Linux and Windows Security Neck and Neck · · Score: 1

    Longhorn admin accounts should make that paper clip a permanent part of the administrator's desktop.

    Then natural selection makes the Windows administrators the ones who like the <expletive deleted> paper clip.

  7. Re:I think linux actually has an edge... on Linux and Windows Security Neck and Neck · · Score: 1

    Which is a developer, rather than a user, problem.

    Only if there are only developers, no users.

    The problem may be caused by the developers but that does not keep the users from being affected.

  8. Re:good question ... speakeasy good, dell bad on Setting the Bar for Customer Service? · · Score: 1

    Intelligent customers are a godsend, but few and far between.
    True. Then why try to drive them away?

    Would you pay an extra $10 per month to have an express line to a level two engineer and bypass all the stupid questions?
    Translation: Would you pay an extra $10 per month to be a godsend?

    Methinks the problem is that the script becomes an end in itself rather than a means to the end.

  9. Re:Human Behavior Defies Classification on Setting the Bar for Customer Service? · · Score: 1

    What book do you go to to learn those things?

    You can laugh or you can cry.
    Laughing's better.

  10. Re:And this report is funded by whom? on The Insecurity of Security Software · · Score: 1

    Makes sense if Microsoft intends to undercut the growing "anti-virus" etc market. It does not make sense if you view Microsoft as fundamentally and irrevocably broken, which I strongly suspect it is.

  11. Re:it wasn't supposed to be like this! on The Insecurity of Security Software · · Score: 2, Insightful

    Oh god what is really scary is that I can imagine a slick salesman selling someone Antivirus-Antivirus software. It makes sense if you are a layman.

    In a sense (pun intended) it's already happening. Not only is the virus called "anti" sold, it often even comes pre-installed.

    Have you ever heard of a patched roof being sounder than the original?

  12. Re:"Scathing" != "Untrue" on Linux For Losers According To De Raadt · · Score: 1

    Hmmmm, I don't think it's really a reversal.
    He's not likely to give an opinion unless he's actually formed an opinion. Same actually applies to Linus and to Alex Tannenbaum. Once formed, the opinions are not shaken lightly. Of course there are egos involved. If you aren't good, damned good, you do not even consider doing this stuff.

    From the standpoint of Linux, I would consider it as a wake-up call, from someone who does understand security (from bitter experience). Previous silence is very understandable in that the priorities and mechanisms are very different and the different effects are largely due to valid differences in approach.

    Some of it is because OpenBSD has a degree of clout much greater than the number of its users would suggest. This may be rather recent. I subscribe to misc@ primarily because it seems to be the best source for stuff that will matter. To avoid future trouble, OpenBSD support makes a good litmus test even for Windows hardware. If the hardware gives OpenBSD troubles, there's good odds it will eventually give a lot of other people troubles.

    "It's terrible," De Raadt says. "Everyone is using it, and they don't realize how bad it is. And the Linux people will just stick with it and add to it rather than stepping back and saying, 'This is garbage and we should fix it.'"

    There is a question of scope. If you limit yourself to only what you can do extremely well, a lot of stuff will remain forever undone. Linux is a triumph of anarchy. The big companies have come to realize that control (in the PHB sense) is not really all that desirable. Anything unixy is fundamentally "out of control" at least to some (very) old timer PHB types. I suspect that much of Windows success is due to not threatening embedded IT management with competence. Just watch their ads and see the psychological triggers.

    Assuming it runs and runs fast enough, OpenBSD is ideal for small special-purpose servers that you can set up facing the cloud or in some dark corner and then mostly ignore. Stuff that is a royal pain if it ever messes up. Actually it is the "correctness" that matters. All the bugs matter. Security bugs are just those where someone else can make your computer do their bidding, often spectacularly but with little real damage. It's the non-security bugs that do the damage quietly. "Security" is also an easy way to "keep score".

    High volume production servers aren't really something that you set up and then forget. You tend to keep an eye on them.

  13. Re:"Scathing" != "Untrue" on Linux For Losers According To De Raadt · · Score: 1

    Then it's a hidden cost that needs to be honestly and accurately stated up-front.

    You mean like the costs of adware and viruses on Windows desktops?
    You mean like the costs of Code Red and friends on Windows servers?
    You mean like the costs of accurate documentation on Windows development?

  14. Re:"Scathing" != "Untrue" on Linux For Losers According To De Raadt · · Score: 1

    "and you've only confirmed my suspicions - that you're an elitist, arrogant, socially ignorant individual."

    2 out of 3, methinks.
    Only the socially incompetent would use a phrase like "socially ignorant" to attempt to make a point or attempt to influence someone. It might work on wannabes, but it never works on competents.

    Seems to me that OpenBSD is much like a private club, an "exclusive" private club at that, where the developers develop the system for their own purposes, to their own agenda, with their own priorities, and under their own control. They are nice enough to let anybody use it, but only a fool would even consider telling them what they should do or how they should do it. They seem to have a low tolerance for fools. Other than that, actually seems rather friendly.

    If correctness and security matter, at least some of the time in some of the places, it is important that some of the people at least attempt to do what is necessary. OpenBSD seems to fit that niche. If it's a bit brutal, seems like a small price to pay.

  15. Re:"Scathing" != "Untrue" on Linux For Losers According To De Raadt · · Score: 1

    Non-geeks don't WANT to learn or to be educated

    But that is the price of free software.
    Do not confuse free with cheap. Different things altogether.

    If you have a problem that is interesting to the developers, the free support is better than anything you can buy. However, there is no guarantee that your problems have any interest to anyone else.

  16. Re:"visibly angry" on Hackers, Meet Microsoft · · Score: 1

    Imagine you wrote 10,000 lines of code, 99.9% of which is completely bug-free, and then somebody comes along and ...

    You're dreaming.
    Donald Knuth, possibly.
    Anybody else, even if they could, wouldn't take the required effort.

  17. Re:"visibly angry" on Hackers, Meet Microsoft · · Score: 1

    Real engineers fix problems, they don't get emotional.

    I suspect that in many cases, real engineers get emotional and use that drive to actually fix problems.

    Very telling, yes. After the time passed since security was top priority, the realities come as a surprise? It's one thing to convince your boss that your code is secure. It's quite another thing to convince competent hackers.

    If that five cents per compromised machine was anywhere near right, it speaks volumes on the effectiveness of Microsoft's security.

  18. Re:Because it would cost them money on Why Don't Companies Release Specs? · · Score: 1

    You've clearly never had to write a driver for hardware that's produced down the hall :-).

    Oh very true. But as a consumer of the hardware, the mere fact that OpenBSD has the documentation is a strong indicator that the supplier has their act together and that the hardware is not only "supported" but supportable. While not exactly an indicator of hardware quality, the supplier cannot help but feel that their reputation is somewhat on the line. OpenBSD compatibility makes an effective litmus test for Linux and even Windows hardware. If there are problems with OpenBSD support it is highly unlikely the problems are just with OpenBSD, regardless of any salesmen's assurances.

  19. Re:What can you do back that's legal? on O'Reilly Revisits Online Countermeasures · · Score: 1

    It might be theoretical, but such attacks would be *trivial* to write. If more people used strike-back technologies, then there would be a real chance that more people would use them.

    First, all the actual attacks start out as "theoretical" if I'm not mistaken.
    Any kind of automated strike-back system has to have all sorts of ways that it can be spoofed or exploited.

    That said, I have nothing against striking back in the heat of the moment, so long as there is reasonable belief that you're actually striking back at the right place. Human intelligence, including the sense to pick up on something "feeling" wrong and the sense of when to just stop, is a better safeguard than anything that can be automated.

  20. Re:Upgrade path on Fedora Core 4 Available · · Score: 1

    it's a question that doesn't make any sense, any way you slice it

    Unless you disavow the myth that Linux is harder or requires more skill and knowledge than Microsoft Windows.

    A semi-production server running FC1.
    Guessing, the configuration etc is something that he stumbled into by trial and error and is currently very unsure exactly how it is configured and a lot of the why. Semi-production means that it is useful, but not a disaster if something crashes, at least not if he can fix it quickly.
    You're running experimental, development code on a server?
    Looks risky. Nothing but "I told you so" if something breaks, but short of doing rather exotic stuff, the bugs should most all be in stuff you aren't using or that you don't care about.

    If, a ridiculously big if, I have a good handle on my configuration, the optimum choice is to do a clean install and then reapply my configuration. If I have a poor handle on my configuration, I can hope that the upgrade does a reasonably good job of preserving/upgrading my configuration. This is particularly important on all those little things I've long lost memory of. There is a difference between "supported" and "works". There is a lot of stuff that works, or at least works well enough, that no one would claim is supported.

    Again guessing, it's not that he's unwilling to back stuff up, he's not really sure what to back up or how. If he's got just the one computer and everything is on one big root partition backing up isn't exactly trivial. If it were me, I think I'd start by buying a new hard drive, clone the old system, and try my luck with the "upgrade", or for what should be a better system but taking more time, install clean and attempt to get everything back from the old system.

  21. Re:Fedora Core 4 is great... on Fedora Core 4 Available · · Score: 1

    That's hardly a fair comparison.

    True. And next year the comparison will be even more unfair.

  22. Re:There is much truth... on Gartner Debunks Over-Hyped Security Threats · · Score: 1

    SECURITY IS A PROCESS, NOT A PRODUCT

    Sorry, but I've seen that once too often.
    Patching insecurities is a process, patching with bandaids is a neverending process. If something actually is secure, it is secure and there is no process about it. OpenBSD is uber secure. However, note that they do not make the claim without some sort of qualifier. ("Out of the box" is a qualifier. Sorry.) Secure is the ability to run an unpatched vulnerable server being attacked by competents and watching the process with a total lack of concern. Doubt that they are there yet, but that is the direction that OpenBSD seems to be headed.

    That said, being secure enough, given the costs and circumstances, is a process, because the costs and circumstances keep changing. Seems like the security vendors are selling steel security doors to secure a tar paper shack. If you look at things like a bank vault, where security does matter, that big massive vault door is the weakest part of the vault's security. Security is a perimeter type thingee. You measure security by the weakness of the weakest part, not by the strength of the strongest part.

    If security is a concern at all, why so many old computers junked with the hard drives intact? I use what I would call lousy security (weak passwords and written on keyboards even), logged on as root and I do not log off when I go home, but I am not so stupid as to leave the contents of a disk drive where somebody can examine the contents at their leisure and with no risk of exposure. No, this is not about how many passes are required to render everything on a disk unreadable under lab conditions. I don't care about somebody spending $50,000 (wild guess) to get a few bits. I do care about somebody spending $5 and examining the whole thing at leisure.

    BUT... your best security is useless if the people behind it are lacking in common sense.
    RIGHT! Even the idea of hiding what is going on from the "lusers" makes for bad security. That's really why exploits on Linux and BSD seem to mostly fizzle and those on Microsoft Windows get plenty of traction. With compromised computers going for a nickel each, something is fundamentally wrong with Microsoft's approach to security. Hint. It started with @ECHO OFF on DOS.

  23. Re:Article title is completely wrong on Microsoft Sets Value Of Pirated Windows: $1 · · Score: 1

    Hmmmm, that $1 is twenty times the reputed value of compromised Windows machines, hardware, power, and internet connections included.

  24. Re:This is interesting... on CA Warns Of Massive Botnet Attack · · Score: 1

    I'm at a loss as to how you manage to keep your users running with non-admin rights on NT4, but can't do it on XP.

    I'm at a loss. -- correct.
    as to how you manage -- It's not a case of "managing". I don't do anything special or different. I don't need to.

    but can't do it on XP. -- I probably could do it on XP, but I have better things to do with my time than chase down the latest peculiarities of XP. There is a difference between inability and unwillingness.

  25. Re:All Secrecy, No Privacy on Google Never Forgets · · Score: 1

    The only way my data is private at all at Google,

    Since Google's forte is indexing/cross-referencing/etc. publicly accessible information, I would assume that Google is the wrong place to put anything that should remain private.

    It's probably more like doing for ordinary mortals what has been done to the "private" papers of Washington, Lincoln, and the likes. There is also a big effective difference between something that stores ALL available information and something which is highly "selective". If I know EVERYTHING about you, there are surely some small details that you would rather not be publicized, however they do not carry the same meaning as if they were from a much smaller highly-selected set. One of Google's prime assets is its reputation for integrity. Somehow I think they are savvy enough not to sell out cheaply.

    Sell out cheaply. Compromised Microsoft computers at five cents each. That's cheap. It's also predictable when Microsoft and company are willing to sell out (customer data, etc) to "partners" cheaply (to make a few more bucks).
    Seriously, if Google sells my private info for $5 I worry, for $50,000 I do not worry.