Slashdot Mirror


User: drsmithy

drsmithy's activity in the archive.

Stories
0
Comments
12,153
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,153

  1. Re:Extortion on Microsoft Officially Announces Anti-Virus Product · · Score: 1
    False choices. Let's go with the unstated third choice: use some of that 90 billion dollars sitting in the bank to rewrite the OS and fix the damned problems, so we no longer need this "fix".

    What OS-level problems do you suggest they "fix" ?

  2. Re:Extortion on Microsoft Officially Announces Anti-Virus Product · · Score: 1
    I understand exactly what you mean. But isn't there a fundamental difference in the architecture in Linux (all flavors) that makes it much more difficult for viruses to propogate?

    No.

    I thought it had something to do with the fact that most Windows users have administrative privileges while using Linux as root is taboo. Again I don't know much on the subject.

    This is not an "architectural" issue, it's a "configuration" issue. There is a vast canyon of difference between the two.

  3. Re:Extortion on Microsoft Officially Announces Anti-Virus Product · · Score: 1
    It can't be denied, however, that the motivation for releasing a security patch (especially in the absense of high profile media coverage) in a timely manner goes down considerably. I mean, they have to "test" those patches before releasing them, right?

    You seem to be missing a rather important point - that antivirus (and antispyware) software, almost exclusively, is protecting you against things that _can't_ be patched, because they're not broken in the first place.

    Antivirus and antispyware software is there to stop you shooting yourself in the foot and/or to help you clean up after doing so. It's not there to protect you against things low-level OS security features can.

  4. Re:Extortion on Microsoft Officially Announces Anti-Virus Product · · Score: 1
    But why can't the architechture Windows be improved instead of offering an anti-virus program?

    What "architectural" improvements are you thinking of ?

  5. Re:Cool on Microsoft Officially Announces Anti-Virus Product · · Score: 1
    Doesn't solve the underlying problems, but makes the pain go away for a short while.

    Virus scanners don't protect you from "underlying problems", they protect you from things OS security can't.

  6. Re:Extortion on Microsoft Officially Announces Anti-Virus Product · · Score: 1
    Suing for bundling everything under the sun with the intention of abusing monopolies is one thing, but bundling (for free), security software to protect the operating system that should be secured in the first place, does not strike me as monopolistic abuse.

    "Security software" - ie: anti-virus and anti-spyware programs - are protecting you against the thing that OS security - by definition - cannot. Yourself.

  7. Re:To be fair to Microsoft on Microsoft Officially Announces Anti-Virus Product · · Score: 1
    Anything can be stopped by good security.

    No, it can't.

    Especially in the case of iloveyou.jpg.exe. Here's how it goes. First, show the extensions, it is a security hazard not to when the extension controls whether or not the file is executed. Second, Give big warnings the first time you run a new executable, and each time the executable has changed, and even more warnings if the executable has 2 extensions such as .jpg.exe. Each executable should need specific permissions for reading and writing files, including the registry, which is a separate case, and executables shouldn't be able to access the hard drive until you give them explicit permission.

    So once the user has done all that, so they can see the pictures of $NAKED_CELEBRITY, what stops the malware from destroying their data ?

    Also, don't let executables trash system files, and make users log into a non-priviledged account.

    "System files" are typically the least most important files on any given system.

  8. Re:Treacherous Computing on Halo 2 Only on Vista · · Score: 1
    "Error: TPM not found. Please run Windows Vista on the bare hardware."

    Unlikely. There's _way_ too much value in developers being able to work with VMs for Microsoft to make them unusable.

  9. Re:Sure, but when on Could Linux Still Go GPL3? · · Score: 1
    NOTHING in GPLv3 disallows implementing DRM with GPLv3 code.

    Right, in much the same way the existing GPL says nothing about not being able to sell GPLed software - instead it just makes it practically impossible.

    GPL3 makes it practically impossible to use DRM. Sure, you can have it, but you need to give everyone a back door in as well.

  10. Re:How do you solve a problem like RMS? on Could Linux Still Go GPL3? · · Score: 1
    He founded a software movement that revolutionized the computer industry.

    How so ? Hasn't pretty much all of the "revolutionising" from "free software" come from software that originated out of government projects, universities and the like ?

    What GPLed software has "revolutionised" the computer industry ("revolutionised" being a pretty powerful word) ?

  11. Re:Unlikely they'll switch again on Apple Switched Chips Too Soon? · · Score: 1
    Most modern OS X apps (cocoa apps) recompile to multiple simultaneous architectures, including endian changes, with a single checkbox setting.

    Unfortunately a rather large chunk of important apps on OS X aren't "modern" yet. There's also the paltform-specific optimisations for things like Photoshop to consider, but they're a relatively tiny part of the codebase.

    My point was that all contemporary OSes are quite portable, currently run on multiple hardware platforms and take relatively little effort to switch "primary focus" from one architecture to another. Most applications - not to mention things like hardware and drivers - however, are not - and that's what most customers are interested in, rather than the OS.

  12. Re:Raised eyebrows on Possible Breakthrough for AIDS Cure · · Score: 1, Offtopic
    You forgot option 3:

    Thanks to the miracle of "Intellectual Property", it could be both fast and cheap to manufacture _and_ demand can exceed artificially restricted supply, making it "expensive as hell" (and highly profitable) !

  13. Re:Apple too soon or IBM too late? on Apple Switched Chips Too Soon? · · Score: 1
    Not that easy - Apple, if you're reading, consider GPLing the source code to OSX. You'll find it a hell of a lot easier to maintain, and you don't make that much money on software compared to your hardware (and future music/video distribution biz)

    And 2 -3 years later when your Macintosh and OS X departments are no longer viable, you'll be able to focus more on the iPod !

  14. Re:Unlikely they'll switch again on Apple Switched Chips Too Soon? · · Score: 1
    OS X is very portable. Once you solve the endian issues, bringing it up on a new CPU isn't a Herculean task.

    The porting "problem" typically isn't with the OS, it's with the applications.

  15. Re:The trouble with unmanned vehicles... on Lockheed Martin Plans Unmanned Aircraft · · Score: 1
    Put some thought into your comments.

    I did, which is why I said "unmanned vehicles" and not "unmanned aircraft".

    The easier it is for the people who decide to go to war to distance themselves from the real consequences of those decisions, the more likely - and more frequently - they are to do it. Unmanned vehicles turn war into little more than an expensive video game, from the perspective of the decision makers, removing any possibility of them taking into account the human consequences (because on their side, effectively, there aren't any).

  16. Re:The trouble with unmanned vehicles... on Lockheed Martin Plans Unmanned Aircraft · · Score: 1
    Way to advocate the pointless loss of human life in order to avoid the "evils" of war....

    Not going to war in the first place is a vastly better way of avoiding "pointless loss of human life" than being able to minimise the casualties on your own side by turning war into a video game.

    I think this dumb pacifism thing has gotten way out of hand......

    "Hating war" != "Pacifism". I've yet to meet a single veteran who doesn't hate war, nor who is a pacifist.

  17. The trouble with unmanned vehicles... on Lockheed Martin Plans Unmanned Aircraft · · Score: 2, Interesting

    ...Is that they make it easier to go to war. None of those politically inconvenient body bags to bring home.

  18. Re:Isn't that obvious? on UNIX Security: Don't Believe the Truth? · · Score: 1
    Why? Because an install of WinXP can be compromised before you finish the installation of Service Pack 2. You are required to connect to the net *before* you have secured your machine.

    Turn the firewall on before connecting.

    His whole article bypasses the issue of how a virus gets onto the computer in the first place. I think we call all agree it's more likely for a Windows box to be infected.

    Windows and Linux could be equally secure, and this would still be true.

  19. Re:Windows NT (and successors) on UNIX Security: Don't Believe the Truth? · · Score: 1
    If it were possible to comfortably run Windows as a regular user and not an administrator, most if not all of Windows' security problems would be solved.

    Maybe for a few months, but it wouldn't take long for malware to be rewritten "properly".

    The problem is that many software vendors often write their software for the least common denominator, which for the longest time was Windows 95/98/Me, which had _no_ idea of user security.

    This hasn't been an excuse since about 1997, when Windows 9x gained the ability to have per-user profiles and Registries like NT (although, obviously, it couldn't enforce any separation of them). That's how long application developers have had to rewrite their programs to not use the system areas in typical use.

    There is no excuse whatsoever for any remotely current application to needlessly require Administrator privileges. None.

  20. Re:I'll Field a Few Questions on UNIX Security: Don't Believe the Truth? · · Score: 1
    On the flip side though, I would thinkthat *nix boxes would be bigger targets because (generally speaking), stuff that's running on the average *nix box is probably more mission critical than the the stuff running on the average Windows box.

    They're also typically used by people far more likely to notice weird behaviour, and capable of fixing it quickly - making them exceptionally *un*inviting targets.

  21. Re:His objections are utterly unfounded (also stup on UNIX Security: Don't Believe the Truth? · · Score: 1
    This idiot is stating that because some users don't understand the UNIX security model, the UNIX security model is flawed.

    It is flawed. It has a class of user to which no restrictions are applied, nor ever can be.

  22. Re:Backup on UNIX Security: Don't Believe the Truth? · · Score: 1
    I'm one of the idgits that run as admin all the time. (I took no offense to your post, btw.) One of the main reasons I do this (besides the convenience) is that I'm not convinced that it'd actually spare me any security issues.

    It will protect you from three things:

    1. Your own stupidity (ie: accidentally hitting 'delete' with the wrong thing selected).

    2. At this point in time, a lot of malware, as that assumes that users are running as Administrator (this will change over time as LUA accounts become more common).

    3. The fallout of either #1 or #2, as only your own files will be damaged on a multiuser system.

    Think of running as a regular user as being like the safety on a gun. Won't stop you shooting yourself - or others - in the foot, but makes it less likely to happen accidentally.

    It might prevent my girlfriend from installing software, but do Windows permissions actually do anything beyond that that would make my machine the slightest bit more secure? To the best of my knowledge, no. But if somebody could correct me, I'd really appreciate it.

    Windows file permissions for non-Admin users are as restrictive as those on just about any unix system.

  23. Re:That's not exactly correct on UNIX Security: Don't Believe the Truth? · · Score: 1
    Windows can't do that.

    Uh, yes it can. You can easily emulate the u/g/o model of unix with Windows ACLs.

  24. Re:That's not exactly correct on UNIX Security: Don't Believe the Truth? · · Score: 1
    On thing I tried doing with the "fairly intricate permission system" is deny a user from running an application by placing the user in one group and only that group and not giving directory or file access permission for that group along with removing the psuedo group of everyone (IOW the directory and files had only specific permissions granted to a different user). Of course guess what, user could still run the application. Kinda useless to have a "fairly intricate permission system" when the OS doesn't even obey its own ACL's on directories/files.

    Firstly, Deny permissions take precedence over allow permissions, so there was no need to remove the Everyone group.

    Secondly, having just tried this (denying Read and Execute for a specific user to an executable), it works as expected - the user couldn't run the executable. So I'm guessing you stuffed it up while trying to over-complicate the situation.

  25. Re:Why Windows People Run as Admin on UNIX Security: Don't Believe the Truth? · · Score: 1
    Windows feels restrictive as a normal user, because its filesystem and registry permissions are so haphazard.

    Define "haphazard". What filesystem and Registry permissions do you find strange from the perspective of running as a regular user ?