Slashdot Mirror


User: Wrath0fb0b

Wrath0fb0b's activity in the archive.

Stories: 0
Comments: 1,558

Comments · 1,558

  1. Re:This is stupid on Illinois Bans Social Network Use By Sex Offenders · · Score: 1

    If they are so likely to commit their crime again, then keep them in jail. Why on earth would you allow someone out of jail if you expected them to commit their crime over and over again?

    Because it's hard to predict in advance which of the prisoners will reoffend and which won't.

    Let's say you had a pool of prisoners that you know has an average recidivism rate of 50% (the pool is large enough that the average makes sense). You've got a serious problem, according to your logic -- you can't release them because you have a very good expectation that they will commit more crimes. On the other hand, it seems quite cruel to the other 50% to be held in jail indefinitely even though they pose no threat to society.

    It seems quite reasonable, then, to release prisoners under a parole system with restrictions that loosen as they prove more integrated. Some rights (e.g. gun ownership) might logically never be restored because they entail a huge responsibility. Repeat offenders are subject to much higher sentencing.

    I'm simplifying things a lot here, but the point is that you can't keep all convicts in jail indefinitely because some fraction of them will reoffend. It's cruel, it's expensive (both in terms of cost of jailing and lost productivity) and, ultimately it is against our general societal value in giving people a second chance even if some of them will just fuck it up again.

  2. Re:This is stupid on Illinois Bans Social Network Use By Sex Offenders · · Score: 4, Insightful

    Either they've served their debt to society or keep them in jail. This half-assed "you're out of jail but you can only do X" is ridiculous.

    "Served his debt to society" is not coterminous with "does not pose a threat to the rights of others" -- we would be failing our duty to preserve those rights if we did not take reasonable steps to reduce the risk to society as we attempt to reintegrate prisoners into society. We know that some will succeed and some will fall back into crime but, of course, we don't know how it will play out in each individual case. We could keep them all in jail a lot longer because some are still dangerous or we could let them out under reasonable restrictions. The latter seems much more humane, IMO.

    The most obvious is the law prohibiting convicted felons from owning firearms. On /. it's easy for people to insist that felons should have all their rights back but I can just imagine how the public would react to a politician that proposes restoring gun-ownership rights for convicts.

    Another fairly clear-cut case are the provisions banning those convicted of certain white-collar financial crimes from taking a position of trust (aka, being accountants) over others' money. It seems reasonable that once you are convicted of embezzling your clients'/company's money, that line of work is off limits.

    [ IMO, the instant case turns on how narrowly or widely the term "sex offender" is construed -- if it really means "violent people that prey on children" versus "had sex while he was 17 and she was 16". In the former case, I'm not going to lose sleep over child rapists not browsing facebook -- in the latter, well, that just goes to show how retarded our sex-crime laws can be. ]

  3. Re:What's a bug? on Examining Software Liability In the Open Source Community · · Score: 1

    That's a fine policy argument about why the legislature. If I weren't already convinced that software liability is a terrible idea, I'd be convinced now. My point was that the legislature is not required to believe the distinctions and arguments you've made if they aren't persuasive to them. They can (I hope not) reject your reasoning and decide that all software in $STATE must be sold with a warranty of suitability.

    The GGP (to which I was responding) basically said "there's a disclaimer, that's the end of the story". My point is that what warranties can and cannot be disclaimed is a matter of State law that can change as often as the whims of the legislature do.

  4. Re:I believe almost every free software I use has. on Examining Software Liability In the Open Source Community · · Score: 2, Interesting

    Of course you can - I can happily sell a device that looks just like a car, with wheels, can be driven, but make it clear that this is not intended to be driven on roads. If you do so, that's your problem.

    If it's a model that was road-legal, no you cannot. That is you can't sell your old beater Honda Civic if the seatbelts are broken, even if I want to use it as a bird house.

    But I can damn well sell a substance that would be inedible, and it's your own fault if you eat it.

    You can't sell rotten apples as "non-food-substance" no matter how many disclaimers you put on it.

    Yes, you can't sign or agree away rights allowed under law, but since these disclaimers aren't contracts or agreements, that's not an issue. They're disclaimers - no different to the disclaimer that says that the "car" you bought is not intended to be driven on roads. If that's allowed for physical products, why should software be held to a different standard?

    I should have stated it this way: there are some warranties that the legislature will not let you disclaim. The legislature is not required to respect every possible form of disclaimer.

  5. Re:I believe almost every free software I use has. on Examining Software Liability In the Open Source Community · · Score: 4, Interesting

    "NO WARRANTY OR GUARANTEE IS IMPLIED. USE THIS SOFTWARE AT YOUR OWN RISK" or some combination of that. Even my home server says that every time I SSH into it.

    There is no reason that a legislature cannot pass a law saying that this disclaimer is contrary to public policy and won't be respected in the courts.

    For instance, in my State, contracts to purchase a car that are "AS-IS" are not legal. You can write those terms into the contract and the buyer can sign it, but if she turns around and sues you the Court won't give effect to that part of the contract.

    Another example, I cannot rent an apartment or house "AS-IS", I am required by law that my rentals conform to a general standard of habitability. It doesn't matter how many times in the rental contract I disclaim any warranty of habitability, I still have to provide a habitable dwelling.

    Consumer protection statutes are full of these sorts of provisions that forbid the use of certain kinds of terms and conditions. You can't sell food without a warranty of non-contamination or edibility, you can't sell children's playground equipment without a warranty of safety, .....

    TL;DR version: the law does not have to respect your right to contract under whatever terms you see fit (I'll leave the normative argument of whether it should for another time & place).

  6. Re:Please patent it on Apple Working On Tech To Detect Purchasers' "Abuse" · · Score: 1

    Please patent it, Apple. Then I can buy my cell phone from someone else and know that this technology isn't included.

    You know that companies (even public ones) don't have to disclose their patent-licensing agreements.

    Even in the absence of an actual agreement, a manufacturer like Nokia or Motorola almost certainly has enough patents of its own to hold over Apple in case of suit. Mutually-assured-destruction is a stable equilibrium.

  7. Re:ultrasound... on Mind-Blowing Interfaces On Display At SIGGRAPH 2009 · · Score: 4, Funny

    So, you can actually feel something when you touch the hologram?
    3-D PORN.

    Ahem, they said mind blowing ...

  8. Re:well on Network Neutrality Back In Congress For 3rd Time · · Score: 1

    (1) You are correct that there are no reliable data on costs. I would dispute, however, that this means that the most rational assumption is "no difference".

    For one, a neutrality mandate from Congress can only increase costs or keep them the same since, in the absence of a mandate, the telcos could choose between neutrality and non-neutrality. IOW, if neutrality is cheaper then an FCC mandate makes no difference (since providers would do it already), otoh, if non-neutrality is cheaper then the FCC mandate increases costs. No matter what uncertainty there is about the cost function, the expected cost difference of the mandate is strictly non-negative.

    (2) Yup, current market conditions are far from ideal and effectively obscure market preferences. We don't know what the function is because people don't have a choice.

    My basic point is that (1) and (2) mean that you probably should not make any predictions about what might happen in a hypothetical ideal free market for internet. One that we certainly don't have today.

  9. Re:well on Network Neutrality Back In Congress For 3rd Time · · Score: 4, Insightful

    Agreed. If it weren't for the near-monopoly on broadband, the market would theoretically be able to weed out the bad companies that don't adopt a neutral stance.

    You are making a lot of assumptions here without even stating them, let alone proving them.

    For instance, you assume that the marginal cost of maintaining a neutral network is identical to a non-neutral one, which might not be true. If the non-neutral one has significantly lower upkeep, it might win out as an inferior but cheaper product. That is, even if consumers prefer neutral ISPs to non-neutral ones, that preference only goes so far towards convincing them to pay a higher rate.

    Another important assumption is that the consumer preference function really distinguishes between neutral and non-neutral. For the vast majority of consumers this might not be the case -- especially with less tech-savvy older folks that use the net mostly for email/light web and don't notice any filtering. For those consumers, there is no product differentiation between neutral and non-neutral at all.

    So yeah, if the costs stack up right and the consumer preference actually does favor neutrality, then a free market would deliver it. Those are some pretty big caveats though.

  10. Re:How is this 'autonomy' any different... on Has Conficker Been Abandoned By Its Authors? · · Score: 2, Interesting

    Also a headless botnet could be taken over by a new master if they can figure out how.

    I hope to god that the master control uses some form of public/private key. In that case, I'm going to wager that if the key were lost, the botnet is basically on autopilot forever.

  11. Re:Math? on Nissan Unveils All-Electric LEAF · · Score: 1

    The reciprocal problem, however, is one of uptake (you need 20 cars to have their efficiency increased for the effect of 1 truck, if both cars and trucks gain 6mpg). Personally I think it probably comes out in the wash, so we should strive to improve both :) Nothing like sitting on the fence :)

    If we assume some fixed non-zero initial cost for each (associated with construction/delivery) then the number of cars you will need to replace will be even higher than the marginal fuel-economy numbers would suggest.

  12. Re:Math? on Nissan Unveils All-Electric LEAF · · Score: 1

    Let's say my commute is 60 miles. You're saying that improving a 30mpg to a 60mpg vehicle, which halves the gas usage, is the same as a 12mpg to a 15mpg, which does nowhere near that kind of improvement?

    60/12=5
    60/15=4

    60/30=2
    60/60=1

    In both cases you saved exactly one gallon. Percentage improvement does not help the environment -- absolute reductions do.

    The more math-savvy will note that the number "60" plays no role here -- for any length commute, 12mpg->15mpg is the same savings as 30mpg->60mpg.

  13. Re:Let's remember a few things for this discussion on Nissan Unveils All-Electric LEAF · · Score: 4, Insightful

    Let's remember some other things that I think are relevant to the discussion. Or really just one thing: Amdahl's law http://en.wikipedia.org/wiki/Amdahl's_law, which I think is woefully ignored in the green-car world. As a result-oriented environmentalist, this disappoints me immensely.

    In short, Amdahl's law says that when you want to improve a system that is made up of lots of different components, you do best to improve the lowest-performing part first. In programming, that means focusing your performance analysis on the parts of the program that are taking the most time before you focus on making the fast parts faster. In terms of automobiles, that means you should replace the most fuel-guzzling part of the fleet before you start thinking about making the thrifty cars thriftier.

    Let's do some numbers, for the same number of miles driven, replacing a 12 mpg vehicle with a 15 mpg vehicle saves you as much as replacing a 30 MPG vehicle with a 60 MPG vehicle. Improve that 12 mpg to 18 mpg and now you need to replace a 30 mpg with a 180 MPG car (the EPA calculates the carbon-cost of an electric vehicle using our mix of power source to be roughly 120 mpg) to match the fuel savings.

    So if we were really serious about making a dent in oil consumption and CO2, we would be pushing for more fuel-efficient pickup trucks, cargo vans and SUVs instead of this inane (but highly press-friendly!) pursuit of ever-more-efficient small vehicles. The people that drive those vehicles can't or won't replace them with small cars no matter how efficient.

    Ultimately, it comes down to whether we value results or whether we value cool technology. As a gadget-nerd, I freely admit that all-electric cars are much sexier than a new pickup truck that gets 16 mpg instead of 12. But the programmer inside me knows that the pickup truck will probably do a lot more good over the lifetime of the vehicle. There are only so many R&D dollars going around and I feel like they aren't being well spent (from the point of view of the environment -- for marketing, the halo effect of the Prius is definitely worth it).

  14. Re:Ok I don't get it on Bootkit Bypasses TrueCrypt Encryption · · Score: 5, Insightful

    How does this, in any way shape or form, "break" Truecrypt?

    It breaks the unspoken (and totally unwarranted & incorrect) assumption that TrueCrypt not only encrypts but also authenticates.

    This is not "breaking" TrueCrypt since they never claimed to authenticate the MBR/BIOS against this sort of attack. That's what's somewhat clever about it -- it doesn't attempt to smash the door open but rather attacks in a fashion that this particular security software was not designed to handle.

  15. Re:Much as we hate TPM here on /. on Bootkit Bypasses TrueCrypt Encryption · · Score: 0

    Because if you have a compromised BIOS, it could "read back" whatever you wanted to hear. Asking a hacked BIOS to read itself back to you is like asking a liar whether he is a liar -- it gets you no reliable information.

    As to updating the BIOS in a TPM system, I imagine that the procedure would be like this:

    (1) Get new BIOS from reliable source, check digital signature, note hash.
    (2) Update BIOS.
    (3) On next boot, TPM raises an alert saying "BIOS has been replaced -- new bios hash XXXXXXX"
    (4) User checks that hash against reliable source, if it matches, authenticates to TPM and adds it as a "trusted" BIOS.

  16. Re:TPM Is ***NOT*** the answer. on Bootkit Bypasses TrueCrypt Encryption · · Score: 2, Informative

    Replacing software security with hardware security only moves the attacks from software to hardware.

    It's much harder to compromise a cryptographic key that is burned into a piece of silicon (think millions for a scanning electron microscopy setup and many hours) than it is to attack software.

    See Nintendo's Wii, Microsoft's XBoxen (both of them), BluRay/HD-DVD and we could go on ad nauseam.

    Different security situation in those, since you need the person to be able to decrypt the content in order to play the game. By contrast, a TPM-based setup needs only to confirm that the BIOS and MBR match a specific hash and then pass along control to the (now verified) boot loader or, failing that, draw a red screen.

    Funny, also, that you didn't mention the PS3, which has real hardware crypto and remains uncracked. Oh well, pick and choose, right?

    Incidentally, the Xbox360 "hack" is based on replacing the firmware on the DVD player to lie to the OS about the disk. Doesn't that sound familiar somehow?

  17. Re:Much as we hate TPM here on /. on Bootkit Bypasses TrueCrypt Encryption · · Score: 5, Insightful

    Unless the bios writes a kernel module that hooks into reads from /dev/sda and gives out false information for the first 512 (or whatever) bytes.

    You cannot possibly defeat malware that is running on the same level of privilege as your detection code.

  18. Re:Much as we hate TPM here on /. on Bootkit Bypasses TrueCrypt Encryption · · Score: 5, Informative

    http://lwn.net/Articles/144681/

    Linux has had kernel level support for TPM for a while but most F/OSS developers have an intrinsic aversion to the concept (as I said in the GP, the identity of the TPM principals doesn't exactly give me a lot of confidence) so it's not widely used as far as I can tell.

    A wonderful response from the F/OSS community would be to build a version of TrueCrypt that uses TPM to authenticate the BIOS and MBR against the known good versions.

  19. Re:Do I need to prepare? on Bootkit Bypasses TrueCrypt Encryption · · Score: 5, Informative

    If you care about the privacy of your information then your PC had better be secured at least as well as you would secure your other valuables. If someone can gain physical access to your machine then it's effectively game over.

    But that's the entire point of System Encryption right there! Someone gains physical access to your machine and they still can't do squat to read the contents (short of beating you with a hose to get the password or spending serious supercomputer time). System Encryption was designed for precisely this application.

    This nice little trick here gives them a third option -- install malware at the BIOS level while leaving TrueCrypt unchanged so as to give you the illusion of safety while they read your mail/keystrokes/whatever. If I were the Border Patrol, I would consider a tool that automates the installation of this tool to be a very worthy investment.

    In short, he's exploiting the fact that encryption and authentication are two very different things. TrueCrypt can assure you that your data are unreadable without the key but cannot authenticate the MBR as being genuine. For that, you need some form of trusted computing, the mention of which never goes well.

  20. Re:Simple on The Ethics of Selling GPLed Software For the iPhone · · Score: 2, Informative

    That signing happens after linkage, which means that it's not part of the binary. The binary produced (without the code) will run just fine.

    The developer signature is all crypto related to the app-store distribution method -- that is, an iPhone (in default configuration) will not run an unsigned app. That is hardly the developer's fault.

  21. Much as we hate TPM here on /. on Bootkit Bypasses TrueCrypt Encryption · · Score: 5, Interesting

    TFA has a very good point -- unless you (cryptographically) trust the components of your system all the way down to the hardware itself, you can get pwned by an attack like this. You can regularly do all-the-way-to-the-firmware scrubs of your machine as damage-control, but the only real prophylactic is some form of trusted computing.

    Of course, I'm not really dying to jump on the TPM bandwagon, given the sponsors, but it sure would be nice if there was an openly-audited trusted computing module.

  22. Re:Nope on Panel Advises Longer Life For Space Station · · Score: 1

    For the price of the ISS, you could do 1000 times as many unmanned experiments. WMAP, COBE, GALEX, CHANDRA, Planck, .... (really the list is quite long) all of which have produced real advances (WMAP & COBE revolutionized cosmology) at a fraction of the cost of manned space missions.

    Humans are frail (and they complain a lot). Robots work for 24 hours a day everyday without healthcare or a pension. I think the choice is pretty clear.

    http://en.wikipedia.org/wiki/Wilkinson_Microwave_Anisotropy_Probe
    http://en.wikipedia.org/wiki/Planck_satellite

  23. Re:'People' don't understand computers on Security Certificate Warnings Don't Work · · Score: 1

    There should be no warnings. Nothing to click. You simply don't let them see the page and you tell them why. Assume they will work around it and protect them as much as you can anyway.

    As someone that uses a number of personal webpages with self-signed SSL certs (I have the last few digits of the fingerprint memorized, actually) I would like to please ask that you die in a fire and then burn in hell. Inconveniencing people that know what they are doing in order to protect the idiotic accomplishes neither.

    Look at what happened in the new FF -- it takes 7 clicks to get around a self-signed SSL cert which means that the clueful will click 7 times and get around them and the clueless will, wait for it, click 7 times and get around it. It hasn't improved security at all.

  24. Re:Responsibility to customers on Jeff Bezos Offers Apology For Erasing 1984 · · Score: 1

    The ONLY purpose of DRM is to make sure they can deny access to a) pirates b) me, a paying customer WHENEVER THEY WANT.

    There is NO FUCKING BENEFIT to the customer. EVER. Things are not cheaper, they are no easier to access - in fact the opposite is often true.
     

    Here's the benefit -- if Amazon had not deleted the book, they would have been sued for continuing infringement on the distribution right of the book. Then they would have had to pay lots of money, money that can only come from their CUSTOMERS. Corporations don't have a magical lawsuit-bank-account that pays for settlements, that money comes from revenue, which means it comes from you and me.

    As an Amazon customer, I am quite glad they did the right thing in cutting off their liability as soon as possible because I have no desire to be on the hook. Their mistake was getting into the situation in the first place, not solving the problem in the most economical way possible.

  25. I would gladly pay $5 for the NYT online on Free Web Content a "Myth," Claims Barry Diller · · Score: 2, Informative

    I used to have a delivery subscription for ~$5/wk but I canceled it a while ago because it was nothing but extra clutter. When I canceled, I told the rep that I still greatly value the paper's content and would not mind continuing to pay some small amount to keep it going but, alas, they were incapable of taking my money without sending paper to my doorstep.

    $5/month seems eminently reasonable, I hope they do something like that.