Slashdot Mirror


User: drsmithy

drsmithy's activity in the archive.

Stories
0
Comments
12,153
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,153

  1. Re:Stating the obvious.. on Cisco CSO Says Antivirus Money "Completely Wasted" · · Score: 1

    The problem with Windows is that everyone and their dog is running Windows as administrator (root). Stop running Windows as root and you stop malware with a brick wall.

    No you don't. You might slow it down for a few months, but the vast majority of stuff that malware does, does not require privileges any higher than a regular (or even limited) user.

    I'm actually surprised that Vista hasn't sparked an outbreak of runs-as-a-regular-user malware.

  2. Re:Stating the obvious.. on Cisco CSO Says Antivirus Money "Completely Wasted" · · Score: 1

    I am sure that the malware folks would be happy to start writing their wares for OS X, Linux, Solaris, BSD, etc, but all of those OS's are superior by design, and more difficult to attack, other than by trickery.

    In what way(s) ?

  3. Re:Word processing vs. Page layout on Microsoft Office 2007 to Support ODF - But Not OOXML · · Score: 1

    Give me one good reason why a word processing document should look different when viewed on different computers that have all the fonts used.

    Because not all printers are physically capable of identical output. The most obvious example being the use of A4- vs US-Letter-sized paper.

  4. Re:Not embrace and extend, but embrace and squeeze on Microsoft Office 2007 to Support ODF - But Not OOXML · · Score: 1

    Why? Why would I want a word processing document printed at home to be laid out slightly differently when I print it at work? How is that an advantage instead of a huge pain in my ass?

    Because your setup at home is probably different from your setup at work. Different printers, different margins, different fonts, etc. Depending on the situation, your home printer may well be physically incapable of producing identical output to your work printer (different hardware margins, for example).

    Word processing fits content to a page, a paper page for printing.

    Exactly. Which is why the layout of that content is going to change depending on what the printer is capable of outputting.

    PDF is not appropriate for all uses.

    It is, however, appropriate for the case I gave as an example.

    For example, when I check a document into SVN and I want multiple people to collaborate on it, all making edits. Why the hell is it useful for one person to tweak the fonts to get them to fit properly on their printer, only to have the other people change them back to work on a different printer?

    Because person 2's printer might not be setup the same as person 1's printer.

    (To say nothing of why that sort of collaboration requires the document look the same when printed during that phase.)

    That is a stupid annoyance, not a benefit. You haven't presented a single use case where this is an advantage.

    Yes, I have:
    1. So what you see on screen is an accurate representation what comes out of your printer.
    2. So that when someone opens the document on a machine with different printing capabilities, what they see on their screen is also what will come out of their printer.

    Or, more succinctly, the whole point of having a WYSIWYG word processor in the first place. You are complaining because a program whose primary purpose is to make what you see on screen look the same as what will come out of the printer is doing exactly that.

  5. Re:Prior art on Microsoft Patents 'Proactive' Virus Protection · · Score: 2

    Except in the other multiuser OSes, that's not the DEFAULT. If it was done correctly, badware started up in the registry (which is an entirely seperate misfeature) would still run with user perms and thus not be able to modify those files.

    Applications started from the user's registry hive run as that user. Applications from the system's registry hive run as whatever user they are able to.

    This is no different to any other OS. If you start something on Linux from your .bashrc, it will run as you. If it gets started from an initscript or /etc/rc.local, it will run as a specified user (typically root).

    Elevate their privs when necessary: Good
    Elevate privs when not necessary without user interaction: NOT good

    I'm not sure why you think the latter happens in Windows, but it does not.

    Except that either "security context" means something other than what you think it means, or said "security context" is broken, or you're wrong. See above about modifying system files.

    No, you just don't have a clue what you're talking about. Processes running as a user can't modify files that user doesn't have permissions to. Further, processes can't magically elevate themselves to get sufficient privileges without user interaction.

    As for what has/has not ever been running in kernel space, look at MS' own statements re IE during the antitrust trial.

    Their statements say nothing about whether or not IE runs in kernel space (and it most certainly does not).

    Or the fact that relatively simple upgrades (WMP) require OS reboots.

    Again, a meaningless measure for making technical assessments.

    They are doing it wrong.

    How would you know ? You clearly don't even have basic grasp on how Windows works.

    They keyword difference between what I said and what you said is "unwittingly." If I want to overwrite a kernel module with firefox, I have to:
    a) Run firefox as root/under sudo
    or
    b) chmod o+w module.ko as root/under sudo
    Same goes for the setup files in /etc, or just about anything that lives outside of $HOME or /var/tmp

    Yes. Just like Windows. What's your point ?

  6. Re:Secure your email on US Firms Read Employee E-mail On a Massive Scale · · Score: 5, Insightful

    Large corps? Heh - you're just begging for attention if you start flinging around abnormal-looking SMTP traffic; esp. in really big companies that get a touch paranoid about such things as corporate espionage.

    There is an implied point here that deserves highlighting.

    The people who are employed specifically to analyse outgoing mail, aren't looking for you emailing your girlfriend during working hours, forwarding chain letters, or calling your boss names. They're looking for the folks whose "inappropriate" mail will cost the company big $$$$ - corporate espionage, sexual harassment, etc.

    Most people will never be in position to be monitored thus, because they'll just never be "important" enough.

  7. Re:Not embrace and extend, but embrace and squeeze on Microsoft Office 2007 to Support ODF - But Not OOXML · · Score: 1

    That's called a bug. Word processing files should look exactly the same across platforms and versions, with exceptions given for missing fonts or other referenced data. It should absolutely not change when you switch printers and as far as I know MS Word is the only program to have that problem.

    Quite the opposite. Word processors should most definitely change the display to match new output devices like a printer. Just like browsers should change the display of a web page to match *your* screen, not the screen of some web designer somewhere.

    You seem to be missing that it's What You See Is What You Get, not What You See Is What They Get.

    If you want a document to look the same regardless of where it is viewed, use something like a PDF. If you want it to be editable, use some form of page layout software.

  8. Re:Flushot+ did the same thing many years ago on Microsoft Patents 'Proactive' Virus Protection · · Score: 1

    Quote from the patent ``The method as recited in claim 3, wherein identifying calls that are potentially indicative of malware includes: comparing calls made in the executable with calls that exist in known malware; and if a call matches one that exists in known malware, determining that the call is potentially indicative of malware,,
    There was a TSR program for the IBM compatibles called FLU_SHOT which would do the same. It would remain in memory and warn the user whenever a program tried to change a file on the hard disk or diskette, or whenever a program tried to reside in memory.

    Uh, those two things aren't even conceptually the same, let alone similar enough to invalidate a patent. One is using heuristics to assess whether a program's actions "look like" malware based on known "malicious behaviour" and the other is prompting the user for permission to do something.

  9. Re:Prior art on Microsoft Patents 'Proactive' Virus Protection · · Score: 1

    It is their DUTY to release that kind of thing FREE as they all deal with fixing their own products flaws.

    AV products don't fix OS flaws, they fix user flaws.

  10. Re:Prior art on Microsoft Patents 'Proactive' Virus Protection · · Score: 1

    Evidently not, since a user getting a virus could infect the system files, and not just that user's files.

    Only if that user has write privileges to those files (just like every other multiuser OS).

    That means the user either had elevated privs (which means that "solution" fails it) [...]

    How so ? Because the user is able to elevate their privilege levels when necessary ?

    Things that DO NOT belong in kernel space: [...]

    My mistake, I was assuming you had some vague idea of what you were talking about. The "browser rendering engine" has never run in kernel space (nor has the GUI, or "shared libraries" for that matter). They are user space applications and run in the security context of the user that started them (except IE on Vista, which runs with reduced privileges).

    If it's at the point where a user can unwittingly allow overwriting operating system files via a web browser, the developer needs to stop writing OS software NOW and go back to PHP.

    Firefox running with appropriate privileges can overwrite "operating system files" on, for example, both Linux and OSX.

    No remotely current version of IE will do what you claim by design, without user intervention to modify privileges levels, or a software bug, both situations which apply equally to all OSes.

  11. Re:Reminds me of ... on Microsoft Acknowledges NBC's Wish is Its Command · · Score: 1

    Ok, let's ask it concrete: how do I play HD-Audio and HD-Video over HDMI without involving the PVP-OPM and PUMA modules? Answer: I can't. Period. Even if the audio and video are unprotected content, I have to pass the Media Gateway Interface.

    I don't know how many times - or in how many different ways - I'll need to repeat this before it sinks in:

    The playback of media that is not DRM-encumbered does not use the "protected paths" (unless, of course, your player application needlessly uses the "protected paths" - in which case you need to take it up with the software developer). This is how the system is designed to work and it is exactly how it does work. The activation and usage of the "protected paths" is wholely, solely, completely, utterly, without reservation, 100% and totally at the discretion of a) the developer of the player software and b) the content provider. Vista will not apply any DRM restrictions to any playback unless directed to by the player application, which should only do so when the content provider has flagged their media appropriately.

    Vista will not apply DRM restrictions to unprotected media. Indeed, it won't even apply restrictions to DRM-encumbered media if the player application doesn't tell it to.

  12. Re:Prior art on Microsoft Patents 'Proactive' Virus Protection · · Score: 1

    Poor user-level access controls (apparently partly addressed in Vista) [...]

    "Addressed" in all versions of Windows NT.

    [...] and mind-blowing abuse of kernelspace [...]

    For example ?

    I'm sure there are others, like why the hell a website plugin can result in files being autoexecuted on boot...

    Because the user allowed it to, same way any program can.

  13. Re:Prior art on Microsoft Patents 'Proactive' Virus Protection · · Score: 3, Interesting

    No, they'll get their license fees, or they'll release Windows v8 with proper security in place, ruining all these vendors businesses overnight.

    What deficiencies in OS security do you think antivirus tools are addressing ?

  14. Re:No it's not, and quit the stupid analogies on French Judge Orders Refund For Pre-Installed XP · · Score: 1

    On the other hand, that applies to many laws and cases.

    For example ?

    There is always greyzones and situations that aren't covered completely by the law itself or circumstances that might affect the outcome. Ultimately the courts will set the lines and define the boundaries of what applies when and so on.

    The idea you can be found guilty of breaking a law without actually being able to know beforehand if you were going to break that law, should be terrifying to any and all sane people.

  15. Re:Reminds me of ... on Microsoft Acknowledges NBC's Wish is Its Command · · Score: 1

    Any media still goes through the new driver infrastructure, and since all drivers for Vista must implement policy controls, [...]

    Clearly they must not. Unless you want to try and argue that all those video and sound cards physically incapable of providing a "protected path" currently being used with Vista are figments of their respective owner's imaginations.

    [...] I ask you again: how do I play unprotected content on Vista without clearing it with the kernel first?

    And I repeat (for about the fourth time): use non-DRM-encumbered media (and if you're particularly paranoid, a player application and hardware that doesn't support DRM).

    If that doesn't answer your question, then you need to better explain what you mean by "clearing it with the kernel". (I have had to do some interpretation there, since "clearing it with the kernel" is, in and of itself, a nonsensical statement. The "kernel" doesn't "clear" anything. It does what the player asks it to do, which is to either use or not use the "protected path".)

    You do realise that you are blatantly contradicting Microsoft's own whitepaper on the subject and basic computer science, aren't you?

    Please quote the relevant parts of Microsoft's documentation where they state non-DRM-encumbered content must be subject to DRM restrictions.

    Once you've done that, you can explain why the equivalent of a simple IF statement "contradicts basic computer science".

  16. Re:$1,000 market dominance... on 66% Apple Market Share For Sales of High-End PCs · · Score: 1

    Mate, if you are working in Australia, and only getting about $60,000, you are getting paid very badly. Unless you are a graduate.

    Say what ? Even in Sydney, $60k would have you earning more than most people.

  17. Re:Reminds me of ... on Microsoft Acknowledges NBC's Wish is Its Command · · Score: 1

    So you are saying that it is possible to create an application that is able to play content on vista without going through the content protection measures to affirm its unprotected status?

    Yes.

    (Whether or not you can convince the various media companies to provide you with the ability to play their HD content on your potentially "insecure" player, OTOH, is a different matter.)

    Are you seriously saying that Microsoft sold snake oil to the content producers?

    No. It's acting exactly how it was designed to (and exactly the same way any equivalent appliance does). DRM-encumbered == "protected path". Non DRM-encumbered == "unprotected path". It is the responsibility of the player to determine which path is needed.

    Here's the question, and answer it for a change: how do you play any content on Vista without clearing it with the kernel first?

    You install a video or music player (say, VLC) and then open your media file in it. Complicated, I know, but with a little practice you should be able to handle it.

    You keep asserting it can be done, so why don't you prove it for a change? Just saying 'it ain't so' is not going to cut it forever, you know.

    What exactly do you want me to "prove" ? You can play HD, un-DRMed media in Vista without any restrictions - through an analogue VGA out and with audio via SPDIF. This is trivially demonstrable just by sitting in front of a Vista machine and doing it. My media centre does it every night.

    In the meantime, you'll excuse me if I take a computer scientist with a long publishing history in cryptography a little more seriously than an anonymous Microsoft shill on a message board.

    You'll have to excuse me if I take the specifications of the developer and actual, observed behaviour over the musings of an obviously biased third party who hasn't even used Vista.

  18. Re:Much as I hate to defend Apple's prices... on Mac Cloner Psystar Ships First Service Pack · · Score: 4, Insightful

    What they would have to worry about is cannibalising the iMac sales, because a standard-tower Mac plus a third party monitor, graphics card & RAM would be cheaper than an iMac and superior in every way except form-factor, which isn't really high on most people's list for a desktop.

    No it wouldn't. The mythical mini-tower Mac, if it were ever made, would be priced at a little less than equivalent iMacs (if not exactly the same).

    The real threat from such a box would be to Mac Pro sales.

  19. Re:Reminds me of ... on Microsoft Acknowledges NBC's Wish is Its Command · · Score: 1

    Well, guess what, Mr. Shill, even implementing an open spec may leave you open to charges of copyright infringement, if you don't document your processes. Which is why Compaq chose to do a clean-room reverse-engineered implementation, to cover their arses, because IBM has always been known to have a trigger-happy legal division, then even more than now.

    Strange behaviour from a company supposedly trying to encourage everyone to copy their "open platform".

    And as for your pro-Vista shilling, how does Vista enforce that applications use a secure media path?

    It doesn't. Nor is it supposed to in either design or spirit. The onus is on the application to request the "secure media path". The OS just provides one. No different from allocating memory, creating files or making network connections.

    You keep dancing around that, don't you? I wonder why that is?

    I don't "dance around" anything. You are simply unable to grasp that your preconceptions about how you think the system works (presumably based on the phenomenal amount of anti-Vista FUD posted on Slashdot) are wrong.

    Vista doesn't "enforce" DRM - that would imply it applies DRM restrictions to media which is not DRM-encumbered (something that is, again, trivially disproven). It provides DRM functionality for those content providers who want to use it (as is their right, as the owner of said content). Which is why, as previously mentioned, if you don't like DRM all you need to do to avoid it is not use DRM-encumbered media. It's also why the only people ultimately responsible for DRM restrictions are those releasing their content DRM-encumbered, and why directing fury at Microsoft is both pointless and wasteful.

    Ultimately, Vista's DRM won't do anything that every other player (be it a software application or a hardware appliance) will also be doing.

  20. Re:If an app was never tested on NT on New Malware Report Hits Vista's Security Image · · Score: 2, Interesting

    The first OS to have a prototype implementation of an API is beside the point.

    Uh, not when you're arguing it's a problem with the API, it's not.

    I'm not sure why you think it was a "prototype", either. Win32 was NT's primary API.

    Most applications for the home market were designed and tested not on Windows NT but on Windows 95 and Windows 98, as Microsoft didn't market NT for home use until 2002.

    This does not excuse developers for blatantly bad practices. There is no excuse, for example, for applications spewing user-level data like configuration files through system areas.

    What's the good way to solve PEBKAC without requiring the OS vendor to certify all applications with a digital signature, which certification processes have historically shut out free software?

    There isn't one - at least, not within the realms of practicality.

  21. Re:Windows is basically a wrong architecture on New Malware Report Hits Vista's Security Image · · Score: 1

    By Design Windows is flawed.

    How ?

    Vista was done from ground up ripping out all old code but still has all problems in addition to UAC, BECAUSE Microsoft thinks Security is an add-on.

    Vista was in no way "done from the ground up ripping out all old code" any more than OS X was.

    Mac OS X thinks security is part of OS and hence Administrator is different from root.

    Windows has no concept of 'root' (unlike, say, OS X, where an 'admin' user is but one step away from 'root'). Your comment is nonsensical.

    One should not need UAC to install software, and the registry concept should be thrown out.

    One should most certainly need UAC to install *system-wide* Applications (or you could just use the less secure OS X method where any 'admin' user can write to /Applications).

    Why the fcuk should a software write to a registry?

    Same reason they should write to /etc or system-wide .plists.

    It was originally meant for Windows only and should have been locked out instead of allowing every joker to write to it.

    Why ? The Registry is a transactional, ACL-controlled database.

  22. Re:PR != Security on New Malware Report Hits Vista's Security Image · · Score: 2, Interesting

    Part of the problem is the Vistas UAC prompts users (even local admins) far to often.

    Being a "Local Admin" just means your user has the ability to elevate using UAC. It is the rough equivalent of the 'wheel' group or
    %administrators ALL=(ALL) ALL
    in /etc/sudoers.

    If I'm a local admin on a workstation, there are certain tasks that I would expect to be prompted for (installing software, patching software, deleting file from C:\Program*\, ETC.) but changing the system time? Opening the system management MMC? This simply means that most admins will turn it off, which significantly reduces its functionality ;)

    You should most certainly need elevated privileges to change the system time and run the system management tools.

  23. Re:PR != Security on New Malware Report Hits Vista's Security Image · · Score: 1

    Key difference - Using sudo represents an active request by the user for privilege escalation.

    I'm sure the GP is talking about the graphical sudo prompts in Ubuntu (and others), rather than 'sudo blah' style commands.

  24. Re:PR != Security on New Malware Report Hits Vista's Security Image · · Score: 1

    The sudo prompt is only expected to appear in certain situations (such as clicking on administrator mode button in certain dialogs), not randomly when browsing the web. AFAIK, on Vista it can appear anytime application asks for it (but I am not Vista user).

    UAC prompts appear anytime an application tries to do something that requires elevated privileges (this is detected automatically by the OS).

    I don't use Vista heavily, but I've yet to see a UAC prompt that was unnecessary (although they are sometimes unexpected due to poorly written applications).

  25. Re:Back-compat is the hurdle on New Malware Report Hits Vista's Security Image · · Score: 1

    No other popular desktop OS has had a continuously maintained API going back to an operating system with a single-user kernel. The Win32 API has been around since the single-user Windows 98, and end users expect binaries compiled and tested on Windows 98 to run on Windows Vista.

    Win32 originated from the multiuser Windows NT 3.1, in 1992.

    Apple solved this on Mac OS X (Classic environment) and CodeWeavers solved this on Linux (Wine) through partial virtualization of an old operating system to run its applications.

    The API simply isn't relevant. Nearly all malware issues can be narrowed down to PEBKAC.