Here's an idea... How about not trying to end-run around their crap...and not buying the stuff that they're shoveling?
Let them waste their efforts in what is effectively locking excrement into a safe that is then locked within a larger safe and then another yet larger safe after that.
You might not be able to extract it with the hardware provided by the disk itself, but the platters CAN be read with other gear and like all other magnetic media, retain ghosts of the stuff you wrote out to it previously unless you use massive alternating magnetic fields to erase the whole media.
For example, if you reused some tape in a reel-to-reel or an audio cassette, you might notice ghosts of previous recordings on your silent parts of the current recording- unless you used a bulk tape eraser (which used AC and a VERY intense for the media magnetic field to wipe the tape...) as the heads had the power to put your current content on there as well as sort-of erase the old stuff. It's little different with hard disks, really, but it's quite a bit harder to "bulk erase" them. Seems there's some similar issues with the SSD's, though I wouldn't have categorized them as being a questionable place to put data as the article submitter presented- it's really much the same problem with spinning magnetic disks and the DoD would demil things by physical destruction if they needed it to stay classified.
The main reason they're going to be held accountable is not due to the premise you're making but due to things where he's either instructing or approving things like the government standard grope and perv shots to the tune of BILLIONS all the while they know they're doing them more for show to look like they're "doing something" about it- and then it proves out that it was as ineffective as many said it was.
They're claiming this...and they claimed it with Theora. Google's got much of that alleged pool to themselves right now since VP8 was patented itself, even though Google's granted an effective license to those implementing WebM or a FOSS project.
Any of those patents showing up will need to...
1) Pass muster against the ones already held by Google (i.e. not invalidated by their prior art) 2) Survive prior art scrutiny (i.e. They've taken on someone with deep pockets capable of making a go at that sort of thing) 3) Be actually relevant to VP8.
This is saber rattling from the MPEG-LA managers and the primary players in the pool (Apple, for example...).
Until you see it all play out, it IS royalty free and will always be so- just like any other tech. You've no assurances that MPEG-LA's license pool fully covers h.264- it could just as easily be that Google's got a critical patent NOT in the pool and you're all in violation with h.264. You just don't know with the current sad state of affairs with Patents, especially software ones.
Oh, no... They'll end up PAYING that back to the state because the law's explicit and the amount exceeds the $75k floor on Diversity. They don't want to be drug into a Federal Court and face off against Texas using the State's laws there- lose the case and the loser pays legal fees... This is posturing to get them to back down from the demand for sales tax. If they start to carry through with it, the premise is that the people will lean on the state to back down.
Considering that it has nothing to do with source code and more implementation of security (Crypto's easy...security's blindingly hard to get right...) combined with an ill-advised notion that it's secure and we should keep passwords on the iOS devices in the first place...
Passwords should NOT be so hard that you have to write the idiot things down. If it's complex, hard to remember, the human factor comes into play and you end up with stupidities like this- they're not the security you need to concern yourself as much as everyone seems to do with them.
Only for really small things...like those phone apps or the indie titles I helped the studios deliver for Linux. Not everyone has "real" broadband everywhere. I'm actually being reminded of just how bad things can be while I'm on an extended consulting gig in Colorado. Is there a 20/20Mbit connection offered anywhere? No, the best you can hope for is 20/7 or 40/7 in "select locations"- and that's with caps unless you get business service. Not in Longmont or the surrounding areas, though. Wireless? If you're in Denver or Boulder, you can get Verizon LTE and MAYBE Clear/Sprint- with possibly adequate HSPA+ being brought up the rear by T-Mobile if you're lucky. And, only Clear/Sprint offers no caps...right at the moment. I'm checking into OpenRange as a possibility for where I'm staying, but there's no assurances on coverage or backhaul latencies/bandwidth with them. Right now, I'm having a bit of fun trying to push the few updates to the Linux versions I've pushed out over the last couple of weeks- and it's going to be entertaining for ARM builds or any other titles if LTE or WiMax in a useful manner isn't rolled out in the area I'm in. And this doesn't get into me GETTING games.
Digital distribution might be "The Future"(tm), but if so, a lot of your customer base isn't going to be able to partake as much as you'd think they would.
This is in response to a similar style of lawsuit Sony did to them over something in their phones that's been there for a bit. As someone pointed out, they're very likely both violating each others' patents in the manner the suits allege- it's just Sony showed the poor form of suing them instead of working out a deal with them first. But then, Sony's been showing poor/bad form for a while now in my not so humble opinion...things like asking for the people that viewed the jailbreak video GeoHotz put up on a private channel's a bit over the top and nothing that they really ought to be asking for.
Whoo... Nitrating Glycerin's not really what I would call something to do in a High School chem lab. It's really easy for even the pros to blow themselves up doing it.
Little company, called epicRealm. Didn't do so hot on content delivery because they didn't sell it enough. One of the things it did best was help mitigate the damages of DDoSes by spreading things all over the net and you never going directly to the server farm. I wrote the software that resided on the cache engine racks.
Also worth noting... If you're attacking the state table, that's not really something that a DDoS does- that's just an ordinary DoS like a Ping Of Death.
Main purpose of a DDoS is to distribute the numbers so you can choke the pipe and not be detected doing it.
That only benefits the big companies... Filing is friggin' expensive. Tens of thousands of dollars are involved with the filing of a Patent. First to file means whomever has the resources will get to it first. That's NOT reform.
They said the same basic thing about Tablets and the pre-Honeycomb versions of Android... ChromeOS was supposed to be for Tablets earlier on- and people went and did Tablets with 1.x and 2.x versions anyway to mostly good results. If there's not anything explicitly keeping it from being useful on phones, SOMEONE will do a phone with it.
And here's why I think the "Cloud" is a stupid thing for people and businesses to utilize.
Google's little video about ChromeOS machines not withstanding, are the "features" they use to entice you to use it worth having the possibility of someone getting access to your info through a fishing expidition? I can assure you, Google's not going to push back on a subpoena unless it's so egregious that they can't do anything else- and it'd be doing no evil for them to fork stuff over on a lawyer's fishing expedition (whereas you can get an attorney and push back when they're asking for too much...) And, this is someone as big as Google. What about that little player? They're really not going to push back and before you know they've caved, they'll have done it and divulged info that probably should've been kept confidential.
Who said anything about crooks- that's just the tip of the iceberg there.
Open your mouth in the wrong way anywhere on the 'net and you could be facing the consequences of that act down the line. As an object lesson...I offer myself. I "opened my mouth" about a patent troll I used to work for on THIS forum about some of their activities in anger because of the nature of the company's laying people off and how it all could've been avoided. As a result, several years later I got the angry remarks flung back in my face by the attorney for the company when I was being deposed as an expert witness in one of their patent troll trials, in an attempt to impeach my testimony. It was NOT a fun experience, let me tell you, because part of what I'd mouthed off about was technically in violation of my employment agreement at the time, still in effect when I'd made the remarks. It's damned easy to get yourself in a deep dark crack with this stuff.
No, it's not way over your head. Your simplistic explanations of things are right on the money there. If a firewall was a chokepoint, you're doing the wrong type of filtering, you've got not enough muscle for the pipe you're serving the firewall for, or similar. It's not a "new" chokepoint for DDoSes- the goal's to choke off the pipe however you can. Putting it on the outside of a firewall's stupid for other reasons and doesn't keep the webserver from being an attack point or the pipe really being the choke point that's attacked by a DDoS. If your firewall's a problem, it's because it's not sized correctly or you've misconfigured it.
Looks like it. Single point of failure in a DDoS? If they choke your inbound pipe (the very definition of a DDoS...) having it on a DMZ or unprotected will not help prevent things from crushing your connectivitiy. In many cases, the Firewall can actually handle higher transaction traffic than the webserver can. If you're doing a load-balanced setup, he might be right, but that's not the premise he apparenly lead with.
Actually, the firmware mod opens it up to being further hacked (Do remember that they lost positive control of the ROOT signing key...meaning that ANYONE can MITM their update chain now...) as now hackers can put and remove things at will on their boxes. This means we should see the beginnings of PS3 Botnets all over the place eventually.
And this would make the second wrong move from Sony, with the OtherOS being removed being the first.
Challenge... Compared to console homebrew, PC homebrew's "easy".
As for the rest...that's because Sony screwed the pooch on their security measures and now they've got to frantically try to close the gaping hole in the fence they left, long after the horses left the pasture. The pirates would have eventually accomplished this same task with or without the homebrew crowd and laying this at their feet is LAME as what Sony's done in response to all of it. Quit trying to pin blame for all of this on everyone but Sony. It's their fault that the security on their console was so fragile (and it was, folks...) in the first place- they're the ones that relied on the signing key not being discoverable, which is actually an impossible thing to begin with.
Slashdot Mirror
Here's an idea... How about not trying to end-run around their crap...and not buying the stuff that they're shoveling?
Let them waste their efforts in what is effectively locking excrement into a safe that is then locked within a larger safe and then another yet larger safe after that.
Heh... Either concoction will make a hash of the HD/SSD it's used on- and do it rather swiftly.
You might not be able to extract it with the hardware provided by the disk itself, but the platters CAN be read with other gear and like all other magnetic media, retain ghosts of the stuff you wrote out to it previously unless you use massive alternating magnetic fields to erase the whole media.
For example, if you reused some tape in a reel-to-reel or an audio cassette, you might notice ghosts of previous recordings on your silent parts of the current recording- unless you used a bulk tape eraser (which used AC and a VERY intense for the media magnetic field to wipe the tape...) as the heads had the power to put your current content on there as well as sort-of erase the old stuff. It's little different with hard disks, really, but it's quite a bit harder to "bulk erase" them. Seems there's some similar issues with the SSD's, though I wouldn't have categorized them as being a questionable place to put data as the article submitter presented- it's really much the same problem with spinning magnetic disks and the DoD would demil things by physical destruction if they needed it to stay classified.
Nothing like a good 4# engineer's sledge for fixing a security issue, eh?
The main reason they're going to be held accountable is not due to the premise you're making but due to things where he's either instructing or approving things like the government standard grope and perv shots to the tune of BILLIONS all the while they know they're doing them more for show to look like they're "doing something" about it- and then it proves out that it was as ineffective as many said it was.
Nokia's no Intel.
They're claiming this...and they claimed it with Theora. Google's got much of that alleged pool to themselves right now since VP8 was patented itself, even though Google's granted an effective license to those implementing WebM or a FOSS project.
Any of those patents showing up will need to...
1) Pass muster against the ones already held by Google (i.e. not invalidated by their prior art)
2) Survive prior art scrutiny (i.e. They've taken on someone with deep pockets capable of making a go at that sort of thing)
3) Be actually relevant to VP8.
This is saber rattling from the MPEG-LA managers and the primary players in the pool (Apple, for example...).
Until you see it all play out, it IS royalty free and will always be so- just like any other tech. You've no assurances that MPEG-LA's license pool fully covers h.264- it could just as easily be that Google's got a critical patent NOT in the pool and you're all in violation with h.264. You just don't know with the current sad state of affairs with Patents, especially software ones.
Oh, no... They'll end up PAYING that back to the state because the law's explicit and the amount exceeds the $75k floor on Diversity. They don't want to be drug into a Federal Court and face off against Texas using the State's laws there- lose the case and the loser pays legal fees... This is posturing to get them to back down from the demand for sales tax. If they start to carry through with it, the premise is that the people will lean on the state to back down.
He probably did. They nuked things like their Crackberry messaging traffic amongst other things at his insistence.
Considering that it has nothing to do with source code and more implementation of security (Crypto's easy...security's blindingly hard to get right...) combined with an ill-advised notion that it's secure and we should keep passwords on the iOS devices in the first place...
Passwords should NOT be so hard that you have to write the idiot things down. If it's complex, hard to remember, the human factor comes into play and you end up with stupidities like this- they're not the security you need to concern yourself as much as everyone seems to do with them.
Digital distribution?
Only for really small things...like those phone apps or the indie titles I helped the studios deliver for Linux. Not everyone has "real" broadband everywhere. I'm actually being reminded of just how bad things can be while I'm on an extended consulting gig in Colorado. Is there a 20/20Mbit connection offered anywhere? No, the best you can hope for is 20/7 or 40/7 in "select locations"- and that's with caps unless you get business service. Not in Longmont or the surrounding areas, though. Wireless? If you're in Denver or Boulder, you can get Verizon LTE and MAYBE Clear/Sprint- with possibly adequate HSPA+ being brought up the rear by T-Mobile if you're lucky. And, only Clear/Sprint offers no caps...right at the moment. I'm checking into OpenRange as a possibility for where I'm staying, but there's no assurances on coverage or backhaul latencies/bandwidth with them. Right now, I'm having a bit of fun trying to push the few updates to the Linux versions I've pushed out over the last couple of weeks- and it's going to be entertaining for ARM builds or any other titles if LTE or WiMax in a useful manner isn't rolled out in the area I'm in. And this doesn't get into me GETTING games.
Digital distribution might be "The Future"(tm), but if so, a lot of your customer base isn't going to be able to partake as much as you'd think they would.
Heh... That's what I thought was going on.
This is in response to a similar style of lawsuit Sony did to them over something in their phones that's been there for a bit. As someone pointed out, they're very likely both violating each others' patents in the manner the suits allege- it's just Sony showed the poor form of suing them instead of working out a deal with them first. But then, Sony's been showing poor/bad form for a while now in my not so humble opinion...things like asking for the people that viewed the jailbreak video GeoHotz put up on a private channel's a bit over the top and nothing that they really ought to be asking for.
Lawsuits are a slow means of destruction in most cases...
Whoo... Nitrating Glycerin's not really what I would call something to do in a High School chem lab. It's really easy for even the pros to blow themselves up doing it.
Actually...if you'd ever read my resume...I HAVE.
Little company, called epicRealm. Didn't do so hot on content delivery because they didn't sell it enough. One of the things it did best was help mitigate the damages of DDoSes by spreading things all over the net and you never going directly to the server farm. I wrote the software that resided on the cache engine racks.
Also worth noting... If you're attacking the state table, that's not really something that a DDoS does- that's just an ordinary DoS like a Ping Of Death.
Main purpose of a DDoS is to distribute the numbers so you can choke the pipe and not be detected doing it.
That only benefits the big companies... Filing is friggin' expensive. Tens of thousands of dollars are involved with the filing of a Patent. First to file means whomever has the resources will get to it first. That's NOT reform.
They said the same basic thing about Tablets and the pre-Honeycomb versions of Android... ChromeOS was supposed to be for Tablets earlier on- and people went and did Tablets with 1.x and 2.x versions anyway to mostly good results. If there's not anything explicitly keeping it from being useful on phones, SOMEONE will do a phone with it.
And here's why I think the "Cloud" is a stupid thing for people and businesses to utilize.
Google's little video about ChromeOS machines not withstanding, are the "features" they use to entice you to use it worth having the possibility of someone getting access to your info through a fishing expidition? I can assure you, Google's not going to push back on a subpoena unless it's so egregious that they can't do anything else- and it'd be doing no evil for them to fork stuff over on a lawyer's fishing expedition (whereas you can get an attorney and push back when they're asking for too much...) And, this is someone as big as Google. What about that little player? They're really not going to push back and before you know they've caved, they'll have done it and divulged info that probably should've been kept confidential.
Who said anything about crooks- that's just the tip of the iceberg there.
Open your mouth in the wrong way anywhere on the 'net and you could be facing the consequences of that act down the line. As an object lesson...I offer myself. I "opened my mouth" about a patent troll I used to work for on THIS forum about some of their activities in anger because of the nature of the company's laying people off and how it all could've been avoided. As a result, several years later I got the angry remarks flung back in my face by the attorney for the company when I was being deposed as an expert witness in one of their patent troll trials, in an attempt to impeach my testimony. It was NOT a fun experience, let me tell you, because part of what I'd mouthed off about was technically in violation of my employment agreement at the time, still in effect when I'd made the remarks. It's damned easy to get yourself in a deep dark crack with this stuff.
No, it's not way over your head. Your simplistic explanations of things are right on the money there. If a firewall was a chokepoint, you're doing the wrong type of filtering, you've got not enough muscle for the pipe you're serving the firewall for, or similar. It's not a "new" chokepoint for DDoSes- the goal's to choke off the pipe however you can. Putting it on the outside of a firewall's stupid for other reasons and doesn't keep the webserver from being an attack point or the pipe really being the choke point that's attacked by a DDoS. If your firewall's a problem, it's because it's not sized correctly or you've misconfigured it.
Looks like it. Single point of failure in a DDoS? If they choke your inbound pipe (the very definition of a DDoS...) having it on a DMZ or unprotected will not help prevent things from crushing your connectivitiy. In many cases, the Firewall can actually handle higher transaction traffic than the webserver can. If you're doing a load-balanced setup, he might be right, but that's not the premise he apparenly lead with.
Agreed...on all counts there.
Actually, the firmware mod opens it up to being further hacked (Do remember that they lost positive control of the ROOT signing key...meaning that ANYONE can MITM their update chain now...) as now hackers can put and remove things at will on their boxes. This means we should see the beginnings of PS3 Botnets all over the place eventually.
And this would make the second wrong move from Sony, with the OtherOS being removed being the first.
Challenge... Compared to console homebrew, PC homebrew's "easy".
As for the rest...that's because Sony screwed the pooch on their security measures and now they've got to frantically try to close the gaping hole in the fence they left, long after the horses left the pasture. The pirates would have eventually accomplished this same task with or without the homebrew crowd and laying this at their feet is LAME as what Sony's done in response to all of it. Quit trying to pin blame for all of this on everyone but Sony. It's their fault that the security on their console was so fragile (and it was, folks...) in the first place- they're the ones that relied on the signing key not being discoverable, which is actually an impossible thing to begin with.