Slashdot Mirror


User: Foogle

Foogle's activity in the archive.

Stories: 0
Comments: 1,322

Comments · 1,322

  1. Re:Will never be mandatory on Whistler MAY Refuse To Run All Unsigned Code UPDATED · · Score: 2

    You'd never have to pay *every* time you compile. You'd pay for your signature once, and then apply it to every new executable you create. It's a one-time deal (unless it's subscription based, but that's still not unreasonable).

  2. Re:Digital signatures cost a fat wad of bills. on Whistler MAY Refuse To Run All Unsigned Code UPDATED · · Score: 2
    The target system does not require all code to be signed; it's an option. As for the GPL issue, I am hardly a legal expert, but I don't see how the GPL would be interpreted this way, as the signature is not related to the code, or its execution, in any way (other than its authorization).

    Having said that, you could be correct. It's entirely possible that MS is creating a scenario where EVERY developer has to have their own signature. However, this isn't any more relevant to the free software community than it is to the closed-source community. To compile *anything*, closed or open, you'd have to have a signature.

  3. Re:but ... on Whistler MAY Refuse To Run All Unsigned Code UPDATED · · Score: 2
    Well that's hardly relevant, since you don't have to show your source code or even its compiled results to Microsoft, or VeriSign. You just have to apply the digital signature that's been issued to you.

    But don't let me stop you from drawing ridiculous analogies to prove a stupid point.

  4. Re:but ... on Whistler MAY Refuse To Run All Unsigned Code UPDATED · · Score: 2
    Well I was talking about ActiveX controls, not applications. ActiveX controls being more dangerous because they're embeddable in websites.

    However you make a good argument about signing. Will Windows simply run an application with *any* signature? If so, how is that useful?

    I see it as being more useful than the situation we have right now. If someone wants to get a signature from VeriSign, they need to submit contact information and (I'm not sure about this) probably a marginal fee. Now, this signature requirement doesn't stop malicious code from being executed on anyone's system, but it does add some accountability.

    How many trojan-authors are willing to pay a fee to sign their apps? It's possible that they can do it, but they'll have to be willing to have their trojan discovered and their signature black-listed. And if their payment required some form of ID (even a credit-card), it would be much easier to trace the author.

    I'm not saying it's a great solution. It's not a great solution. But it's better than nothing, which is what we have now. Besides, if you don't like it, you can just shut it off.

  5. Re:but ... on Whistler MAY Refuse To Run All Unsigned Code UPDATED · · Score: 2
    Yes, case sensitivity does increase your keyspace, but so do longer passwords and larger character sets. The method used to encrypt/hash those passwords is still relatively irrelevant, as long as it's cryptographically secure, which NT's system is.

    And, we may agree to disagree here, but I am fairly familiar with lophtcrack and, although it is a very efficient system, it's not supernatural. To go through every alphanumeric combination of an NT password, on a Pentium 90, would still take a really long time. A month maybe? The bottom line is that on NT or Unix systems, a well-chosen password could take months or years to brute force, depending on the speed of the machine.

    As for the idea being silly -- I disagree. Look at ActiveX controls right now. They're almost all signed, and it works very well in alerting users to potentially dangerous or untrusted code. If I see a control that was authored by Macromedia or Microsoft, I feel safe in running it, because I know that neither one of these companies is likely to insert malicious code into their systems. However, if I see an ActiveX control that *isn't* signed, I won't run it. Why? Because it would easily delete all the system files on my machine without me being able to stop it.

    The same is true for any application, and I see no reason not to extend the idea to other realms.

  6. Re:That means... on Whistler MAY Refuse To Run All Unsigned Code UPDATED · · Score: 2
    A decent question. Let's take Apache for example, because they produce a Win32 version of their program.

    Before the Apache group puts a new (compiled) version of their program online, for people to download, they would sign the executable with a digital signature that has been assigned to them by VeriSign. This signature would guarantee that the application was released by Apache, and not altered by any third parties.

    Now, if you were to download the source and compile it yourself, there would be no such signature. And there shouldn't be one either, because Apache can't verify that you haven't altered the source. It's not guaranteed to be the same executable anymore. However, you're perfectly capable of putting *your* signature on the Apache application, after you've compiled it. That would certify that the application hasn't been altered by anyone, after it was altered (compiled) by you.

  7. Re:What's the point then? on Whistler MAY Refuse To Run All Unsigned Code UPDATED · · Score: 2
    You don't understand the concepts behind signing. It has nothing to do with the compiler. The compiler doesn't sign the executable (although, in theory, this functionality could be added to a compiler).

    You can digitally sign any sort of file. It's like adding your PGP signature to an email. It doesn't certify that the contents of your email are particularly interesting, or truthful. What it does is mathematically certify that you are the only person who could've produced the email (provided your signature hasn't been compromised, which would be your own fault).

    So here's how it goes: Say I'm a Win32 developer, and I have an application called FooSpaz. I finish a release version of this application, and it's ready for distribution to the unwashed masses. Before I start the factory burning it to the CDs, I digitally sign the executables (and probably the installation program as well), certifying that they haven't been altered by any third-parties.

    The signature I write has been given to me by VeriSign, and I am the only one who can sign files with it, because no one else has my key, certainly not my compiler or Microsoft.

    What you need to keep in mind is that these signatures do not, in any way, indicate that a program is trustworthy. That's not their intention. What they show you is that a program has an author and that author is registered with VeriSign. If the application happens to be malicious, you'll know who produced it. However, this is not a certification process, by any means.

  8. Re:but ... on Whistler MAY Refuse To Run All Unsigned Code UPDATED · · Score: 3
    First of all: if you could lophtcrack the admin password on a P90 in under an hour, then the admin password *had* to be a dictionary word, or a very simple derivative of one.

    Second: Given the same password, a brute-force cracking system would've been able to do the exact same thing under Linux, BSD, etc. It simply doesn't matter *how* the password is encrypted when you're dealing with brute force.

    Now, on top of all of this, Microsoft doesn't write the software that signs applications. VeriSign does. It uses the same cryptographic principles that make SSH and SSL usable and secure.

  9. Re:That's a good idea on Whistler MAY Refuse To Run All Unsigned Code UPDATED · · Score: 1

    Not quite. VeriSign creates the signatures, yes? The authors sign them to their applications.

  10. Re:That means... on Whistler MAY Refuse To Run All Unsigned Code UPDATED · · Score: 4
    Oh, for Christ's sake! Make sure you understand how secure-signing works before you post anything about the subject.

    "They" don't get a say in what is and is not a valid application. It doesn't work that way. A developer gets a signature and it is cryptographically written to their executables. It's just a simple method of authenticating *who* wrote/distributed the application. The process has nothing to do with whether the application is "ok" in anyone's view.

  11. Re:A few points on cost, practical application. on Whistler MAY Refuse To Run All Unsigned Code UPDATED · · Score: 2
    Yeah, right. You also showed that you really don't understand the concept of signing an executable. It's not something that Microsoft does for individual EXEs, DLLs, etc. It's a cryptographically secure signature that gets written to new applications by their authors. The signature is registered with an authority (think VeriSign, not Microsoft) and then it's okay to run.

    Your "malicious" DLL would have to be signed too, in order to be run under this scheme. The certification is in no way meant as an indicator of a program's relative maliciousness. It's just a method of verifying who authored it, for accountability purposes.

    It is workable. Not everyone will want to keep this feature enabled, but I can think of tons of companies who will eat it up.

  12. Re:This is the other half of subscription on Whistler MAY Refuse To Run All Unsigned Code UPDATED · · Score: 1
    That's simply not how this signing-system is designed to work. The OS isn't choosy about who signs the executables, simply that they are signed by someone. It's an effort to add accountability to the programs that run on your system, not to pick and choose which ones can run.

    And, for God's sake, it can be disabled -- what the heck is wrong with you people? I am so disappointed with Slashdot for the way they ran this story.

  13. Re:Break it before it breaks you on Whistler MAY Refuse To Run All Unsigned Code UPDATED · · Score: 2

    Microsoft doesn't handle the certification; they have no say in the process, and there are no standards to say what sorts of applications can be signed or not. The bottom line is that a signature just adds accountability, not certification of usefulness.

  14. Re:but ... on Whistler MAY Refuse To Run All Unsigned Code UPDATED · · Score: 2

    Now that's funny. Reverse engineer the signing process? If you think you can "reverse engineer" a cryptographically secure system, I'd love to see it done.

  15. Re:Good idea, wrong gTLDs on Will New TLDs' Restrictions Negate Their Aims? · · Score: 2

    Don't you have to actively use a trademark to defend its ownership?

  16. Re:User Friendliness on What Does The Future Hold For Linux? · · Score: 2

    Not really, the discussion is about the kernel and the OS. Although the installer is definitely tied to the distro, it would be nice if Linux had a singular installation system.

  17. Re:I really, really want to pay!!! on Now How Much Would You Pay? (For Yahoo!) · · Score: 2

    I'm sure this fellow has better things to do with his time than administer an email/fax webserver. It's not about the possibility, it's about the convenience, and the reliability.

  18. Re:Lawyers Upon Lawyers, Plex86 runs from Windows9 on Layers Upon Layers: Plex86 Runs Windows95 · · Score: 4
    Well let's see -- VMWare has been out for about two years now... But yeah, now that some grassroots virtual machine can run a piece of their software from five years ago, they'll probably start losing sleep.

    Look at related past scenarios: VirtualPC and SoftWindows for the Mac do essentially the same thing (with minor performance issues), and Microsoft doesn't seem to mind them. VMWare hasn't been hassled by Microsoft, to the best of my knowledge, either.

    But yeah, I'm sure Plex86, which is probably riddled with bugs and compatibility issues at this point, is going to scare them into litigation. Makes sense to me.

  19. Re:I'll bet that very few of you have ever been th on GNU Hardware Cooperative · · Score: 2
    The fact that you can name institutions in the Boston-area does not make it any less interesting that the Free Software Foundation is located in Cambridge.

    Nothing you mentioned has anything to do, specifically, with the area. If I went to any other major city in the US, I could say the same thing about their sports teams. Or their highway infrastructure. Or their museums. Or their malls. What do you have against Boston?

    And, in fact, the only thing about the Boston-area that has anything to do with the Free Software Foundation, is one of the things you neglected to mention: MIT. Stallman was at MIT when he started the foundation. If Stallman had been at Oberlin, he would've started the foundation in Ohio, but he wasn't -- it's got nothing to do with MA, for better or for worse.

  20. Re:I'm sorry... on Sun's (un)official response to .NET · · Score: 1

    It's not vaporware -- plenty of developers have seen it being used at shows.

  21. Re:We know it's not over. on And The Winner Is... Nobody! · · Score: 1

    It wasn't a very funny one. But I'll take the hit anyway.

  22. Re:I wish it came down to 1 vote on And The Winner Is... Nobody! · · Score: 2
    Certainly living in a state where the outcome is predictable gives me the ability to vote my true choice. That's very comforting, however I don't feel any more or less drawn towards the third parties than I do towards the two primary parties. And I really don't think it's appropriate for me to cast a vote for a party simply because they 'need' it.

    Really, I voted Gore because I felt he had the experience and knowledge to make a better president than anyone else running. Even if he had a snowball's chance, I wouldn't vote for Nader, because I don't believe he'd make a very good president. I feel similarly towards Brown and Buchanan.

  23. Re:We know it's not over. on And The Winner Is... Nobody! · · Score: 1

    Uh, no -- it's Attorney General. Your bio says you're from the US, but I find it amazing that you don't know who Janet Reno is.

  24. Re:I wish it came down to 1 vote on And The Winner Is... Nobody! · · Score: 4

    Some people's votes literally do not matter. Clearly that's not the case in states like Wisconsin and Florida, but in my mostly Democrat home state of Massachusetts Gore had almost twice as many votes as Bush did. I still went out and voted, because of the other questions on the ballot, but regardless of how I voted, Gore was going to get our Electoral.

  25. Re:IE isn't on all platforms on Netscape 6 Fails To Support Web Standards · · Score: 2
    While I do agree that the amount of pre-installed software for Linux basically dwarfs the amount that comes with Win2k, I don't see that as a reason to switch. I don't use most of that software, but there are some apps that I use a great deal. Here's why I stick with Win2K:
    • IE 5 / Explorer
    • DVD
    • Microsoft Office

    Under Linux, I use Mozilla M18, which is really quite good, but not quite as good as IE and lacks an integrated file manager, although the filemanager in KDE 2.0 is very good, so I won't count that against it.

    I am stuck without DVD in Linux, and I don't think that's going to change any time soon, unless ATI releases a version of their player for Linux.

    KOffice isn't on par with MSOffice. KOffice is good, and it has the potential to really take off, but feature-for-feature, MS is just better.

    Now, as for the customizability of Linux, I agree that it's nice, but I also value the standardization of the widget-set under Windows, which is more than I can say for Linux. Right now there are four toolkits that I commonly see in my Linux desktop: KDE, Gnome, Motif, and OpenStep. Under Win32, it's all the same, with very little deviation. I couldn't really care less what my window title-bars looked like, either.