These comments from Michael Thomas (mlthomas@microsoft.com) should speak for themselves. All you Apache users out there are letting the terrorists win....
Following Gartner's recommendation to seek
alternatives to IIS only accomplishes what
the industrial terrorists want. The
terrorists who hijacked U.S. airplanes on
September 11 analyzed the airline security
system until they found a weakness, and
then they exploited it. Much in the same
way, industrial terrorists analyzed IIS
Web server security until they found a
weakness, and then they exploited it. If
Gartner wrote an equivalent recommendation
for business travelers, would it be to
take the bus rather than risk airline
travel? That would be a victory for
terrorism, as would abandoning IIS.
The largest problem with mandating this is, of course, all the crypto that's already out there in the wild. What good is forcing backdoors when existing crypto is still relatively secure?
Fear not, good government. There is a solution. A beast exists called the "Outlook Virus" with such hypnotic power that no such matter of man or woman can contemplate not doing its bidding. Having seen the effectiveness of these, the crypto backdoors will most likely take the innocent seeming form of:
but it would be free, unmoderated and uncensored
And then won't the whole story just repeat? Being that that was the purpose of the Internet, if there arose a new network that anyone could connect to, would corporations just try and take it over just like they want to with the Internet?
I used to have a game for Apple called Karateka (i think). On the right side, the game was normal. But if you flipped it over you were playing upside down.
I believe the danger they were investigating was that humans with these transplants may become susceptible to a mutation of foot and mouth disease. In the worst case scenario the virus could further mutate and spread to the rest of humanity.
This may or may not be valid and I do not have the knowledge to debate that validity. However it seems obvious that we must be more careful about these sorts of things because of the simple fact that there are no precendents!
I'll probably get flamed for this, but I read in an interview that IP6 was ready to go and NAT is often not needed. Apparently the only thing holding the net up from adoption of IP6 is hardware companies not making the proper equipment.
Since IP6 is a logical solution to the problem with address, is there any reason we shouldn't push hardware companies to adopt it instead of focusing so much on workarounds?
Their operating systems boast a superior UI, an extensive object-oriented architecture complete with distributed RMI, and run on a greater variety of hardware than any other system, including GNU/Linux.
So Windows runs on ppc, alpha, sparc, m68k, and vax? Cause I have two OpenBSD CDs that cover just that, and I've *never* heard of MS dealing with any of that hardware...
So this would be a strictly i386 virus which wouldn't pass on to ppc, sparc, alpha, and what-not? My question is: would it actually be able to run in Linux binary emulation on my OpenBSD box?
It's understandable why it might make one skittish, however keep in mind that Mr. Torvalds is not the ruling hand in open source software. Yes he wrote the Linux kernel and has contributed as much as any one person (maybe 10 people) can, but that does not mean that whatever he says goes. Same with SGI, IBM, Transmeta, etc...
Actually, since everything is really made out of NAND and NOR gates, each of which takes, say, four transistors, this is really equivalent to around 6 or 8 MOSFETs.
I believe you're basically right about that. Once one has data, there's nothing anybody can do to keep one from copying said data. It's basically like trying to keep someone from making photocopies of a piece of paper.
There could be changes to the software that generally reads CD's and what-not. But that should only affect M$ users.:)
Slashdot Mirror
Slashdot sinks to a new low in the sinking-to-a-new-low dept. by failing to check the validity of a story. Again! MPEG at 11.
A good picture of an Xbox crash:
http://mosfet.cjb.net/images/xbox.jpg
These comments from Michael Thomas (mlthomas@microsoft.com) should speak for themselves. All you Apache users out there are letting the terrorists win....
Following Gartner's recommendation to seek
alternatives to IIS only accomplishes what
the industrial terrorists want. The
terrorists who hijacked U.S. airplanes on
September 11 analyzed the airline security
system until they found a weakness, and
then they exploited it. Much in the same
way, industrial terrorists analyzed IIS
Web server security until they found a
weakness, and then they exploited it. If
Gartner wrote an equivalent recommendation
for business travelers, would it be to
take the bus rather than risk airline
travel? That would be a victory for
terrorism, as would abandoning IIS.
The largest problem with mandating this is, of course, all the crypto that's already out there in the wild. What good is forcing backdoors when existing crypto is still relatively secure?
Fear not, good government. There is a solution. A beast exists called the "Outlook Virus" with such hypnotic power that no such matter of man or woman can contemplate not doing its bidding. Having seen the effectiveness of these, the crypto backdoors will most likely take the innocent seeming form of:
Fromt: 313373_98751@hotmail.com
Subject: ILOVEANAKOURNIKOVA --- XXX PIX
Attachments: virus.vbs
1 0wNz j00 5uX3R
I don't know if it will actually support being a DHCP server while it is doing it's other tricks
FYI: As a matter of fact, it does! I'm using it in such a manner...
but it would be free, unmoderated and uncensored And then won't the whole story just repeat? Being that that was the purpose of the Internet, if there arose a new network that anyone could connect to, would corporations just try and take it over just like they want to with the Internet?
They should be required to provide an opt-out number...
I guess it all depends on whether or not the translation and dubbing are as good as that of IRON CHEF
Pretty trippy
Came as quite a culture shock.
CERT is federally funded. At least *part* of the idea was to provide a timely list of security problems to anyone at *no cost*.
looks as if the next addition to norton utilities will be CERT...
This may or may not be valid and I do not have the knowledge to debate that validity. However it seems obvious that we must be more careful about these sorts of things because of the simple fact that there are no precendents!
You have a point. Lack of education is usually the biggest factor in problems from security to, hell even racism.
Since IP6 is a logical solution to the problem with address, is there any reason we shouldn't push hardware companies to adopt it instead of focusing so much on workarounds?
Me too. We'd probably have to add it to our menu like
[exec] (Scripting Virus) {virus.sh}
Their operating systems boast a superior UI, an extensive object-oriented architecture complete with distributed RMI, and run on a greater variety of hardware than any other system, including GNU/Linux. So Windows runs on ppc, alpha, sparc, m68k, and vax? Cause I have two OpenBSD CDs that cover just that, and I've *never* heard of MS dealing with any of that hardware...
It's easier to blame something intangible and large than it is to blame the parents who raise them that way.
So this would be a strictly i386 virus which wouldn't pass on to ppc, sparc, alpha, and what-not? My question is: would it actually be able to run in Linux binary emulation on my OpenBSD box?
It's understandable why it might make one skittish, however keep in mind that Mr. Torvalds is not the ruling hand in open source software. Yes he wrote the Linux kernel and has contributed as much as any one person (maybe 10 people) can, but that does not mean that whatever he says goes. Same with SGI, IBM, Transmeta, etc...
Or in another tangent it could be the name of the violinist... Maybe next we'll have Casals and Horowitz distros. I could get into that.
Actually, since everything is really made out of NAND and NOR gates, each of which takes, say, four transistors, this is really equivalent to around 6 or 8 MOSFETs.
I believe you're basically right about that. Once one has data, there's nothing anybody can do to keep one from copying said data. It's basically like trying to keep someone from making photocopies of a piece of paper. There could be changes to the software that generally reads CD's and what-not. But that should only affect M$ users. :)