Slashdot Mirror


User: mpe

mpe's activity in the archive.

Stories
0
Comments
14,499
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 14,499

  1. Re:Mod parent up! on Why Can't Microsoft Just Patch Everything? · · Score: 1

    I swear. the only way this is going to go away is if the Mythbusters bust it.
    IE doesn't and never ran in kernel space.


    How could you do this in a way which involved Buster getting either blown up or shot? Even then it could pop up on a "Myths Revisited" episode. With a lot more credibility than some of the daft things which have.

  2. Re:Mod parent up! on Why Can't Microsoft Just Patch Everything? · · Score: 1

    My comment was not an evaluation of the current state of Unix security but rather the statement that "security cannot be retro-fitted to a system". Security was retro-fitted to Unix - from the original crude rwx user/group/world system to later ACLs, role-based access controls, BSD's kernel params, etc.

    It's only fairly recently that Windows has had any security system, there is still plenty of Windows software (not just old software either) written for computers with no security system. Even though Windows XP actually has quite a good security system too many developers have no clue that it's even there, let alone how to use it.
    Whereas unix type systems have had user based security for decades. It is fairly difficult to find anything on such systems which would simply ignore the security system without a very good reason.

    I wouldn't celebrate Unix as a great example of secure computing design...several other operating systems come to mind as systems that were more secure from the start.

    More complex, even more featureful, does not always equate to "better". Unix is somewhat based on Multics, which had a far more featured system for permissions. Yet many people have never even heard of Multics, let alone used it.

  3. Re:Mod parent up! on Why Can't Microsoft Just Patch Everything? · · Score: 2, Informative

    Major portions of the Windows GUI run at Ring 0 -- basically the same level as the kernel. That code has virtually no restrictions on what it can do.

    An OS running privileged code is not a problem. The problem comes when that privileged code can execute arbitary code with the same privileges without any form of control or even indication that this is happening. A well engineered OS will be written to minimise the amount of code running with privs because of the amount of damage even a bug, let alone malware, can cause.

    Any exploit that attacks the OS at the GUI level (which isn't hard to do with ActiveX) can pwn the system.

    This makes ActiveX a design flaw.

    Rewrite the OS to run as much of the GUI in userland as possible and take the performance hit and/or 'ease of use' hit.

    The performance issue is not clear cut, moving code which handles arbitary input into "userland" means less of a need to check the input it also may be possible to get around any perfomance issues by writing more efficent code and having the core OS automatically load alternative binaries depending on the hardware type. Indeed considering the performance of modern hardware the code involved must be horribly inefficent in the first place...
    I also don't understand how issues of structured codeing and good software engineering are directly relevent to how good the user interface is or is not.

  4. Re:Mod parent up! on Why Can't Microsoft Just Patch Everything? · · Score: 1

    If you run ANY process, not just IE, as Administrator (or root in linux/OSX/unix terms) you can change system binaries. Take your user out of the Administrators group, and no IE exploit can root your system.

    There are plenty of Windows applications where giving the user elevated privileges is the recomendation of the vendor/supplier/support/etc. In all probability the vast majority of such applications are badly written and don't actually really need any privileges to perform their function. But trying to get that over to some "helpdesk" person who is only capable of reading a script is an exercise in frustration. They simply don't understand a question like "How do I get your software to work without making Windows XP emulate the security model of Windows 3.0?" Nor do many of the people who do understand the issues have the time to reverse engineer applications to find out if they really do need to run as "Administrator" or if running ones as "Administrator" then changing the permissions on some files and/or registry keys will mean that they will work for any user.
    Whereas in a unix type environment you'd raise the privilege of a program (which you can do in Windows, but is virtually never attempted). Just about any unix developer knows that you don't write software which needs to be setuid root unless it absolutly has to be. Also that you either drop root privs ASAP or fork off a minimally functional process using some form of IPC if you need privs throughout execution and attempt to make sure that the bits which run as root can't do things like execute arbitary commands.

  5. Re:Mod parent up! on Why Can't Microsoft Just Patch Everything? · · Score: 1

    The issue is that for 'ease of use' MS chose to have everyone run as root, which is probably one of the most boneheaded decisions ever.

    It's more a case of providing "backward compatability", since until the NT branch of Windows came along there was simply no effective kind of file permissions available. Problem is that Windows developers picked up a lot of very bad habits when it came to writing programs which will work when they can't do anything they please. With such programs continuing to be written today.

    Vista will finally push everyone to the limited user realm

    So what will that mean for all the programs which refuse to run unless they have administrator privs? Does Vista provide some kind of volatile copy on write system to let such applications work whilst not actually really giving them privileges?

  6. Re:Mod parent up! on Why Can't Microsoft Just Patch Everything? · · Score: 2, Insightful

    By tying ActiveX so tightly into the OS, they not only succeeded in making ActiveX an almost required component of any Windows Installation, they also knee-capped themselves in regards to handling security.

    It's not just ActiveX. One of the examples linked to in the article involves a corrupted font file being able to bring the OS down.
    At least a part of the problem is Microsoft deliberatly writing "sphagetti code" in order to make applications be a part of the OS.

    Unless it is seperated from OS, ActiveX will always be a threat to the security of a Windows PC.

    A problem from Microsoft's POV is that if ActiveX was structured module or IE was just an application it would be a lot easier for a third party to replace Microsoft's bits of Windows.

  7. Re:Otis Stern is just upset because on Open Source Worse than Flying · · Score: 1

    No, the future will hold at least two separate classes of end-user machines. Limited, easy for morons to use, and something for power users. And the "for dummies" machines have not really arrived yet at all.

    I'm not sure that the "morons"/"power users" split makes that much sense. The whole "power user" concept originates from Microsoft wanting to blur the distinction between "user" and "administrator".

  8. Re:He's complaining about the wrong people. on John Seigenthaler Sr. Criticises Wikipedia · · Score: 1

    Wikipedia has become an intellectual crutch for millions of lazy visitors, and thus something of an institution. It smells authoritative and is treated that way by too many people.

    It should probably be considerdd about as accurate and authoritative as the so called "MSM" then...

  9. Re:Well Known Scam on Consumer Strikes Back at Crooked Online Retailer · · Score: 1

    It's not just camera dealers. This kind of crap has been going on with many mail-order vendors for many years, and they've gotten away with it before largely because of the shortage of law enforcement manpower to follow up on the complaints,

    Is this a shortage of law enforcement or law enforcement being too busy doing "other things"?

  10. Re:The alternative: Mutual assured destruction on Lockheed Martin Selects Linux for Missile Defense · · Score: 1

    Launched from within fifty miles or so of their target, the missiles are likely to arrive in less than ten minutes, and may not even be detectable. It is also possible that they could be delivered in automated aircraft which are indistinguishable from civilian aviation.

    Even actually be a civilian airliner. Finding a suicide pilot is unlikely to be too much of a problem for any military or paramilitary... September the 11th showed that a scheduled airliner can be way off course before alarm bells start ringing. Anyone capable of planning an attack using their own aircraft can probably file a flight plan.

    I'm assuming the midwest would be safe because it would not be risky to deliver a bomb via the St. Lawrence Seaway.

    Probably not a good assumption. If you can get a bomb into a container port it probably isn't that much harder to get the container onto a truck. Where it can literally go anywhere there is a road.

  11. Re:The alternative: Mutual assured destruction on Lockheed Martin Selects Linux for Missile Defense · · Score: 1

    I think the "cruise missiles and container bombs" argument makes no sense, because these two delivery systems do not have the same potential as ICBMs. A cruise missile is basically a jet aircraft, and we already know how to shoot those down.

    The US failed to do this with some big airliners are few years back. If in someone were to use an aircraft as an improvised nuclear cruise missile they could use a light aircraft. Rather harder to spot and a small jet typically has much better performance than an airliner.

    As for container bombs, you could use them to attack a city, but you could never get one close enough to a hardened military installation to do significant damage. It would be an effective tool for terrorists, but totally worthless as a military strike. And it would be almost impossible to co-ordinate more than a few simultaneous container-bomb attacks.

    Even a few such attacks would be serious. Even many potential military targets are fairly soft. Whilst fences and guardposts may prevent people and vehicles entering they arn't going to stop a bomb going off just outside.

    By contrast, ICBMs can be used to attack any target in the world, take around 45 minutes from launch to impact,

    It has the rather big drawback of giving 45 minutes warning, not very useful if the intent is to do something like killing lots of political leaders at once.

    can be used in co-ordinated attacks of unlimited size

    Assuming to have large number of rockets to hand.

  12. Re:The alternative: Mutual assured destruction on Lockheed Martin Selects Linux for Missile Defense · · Score: 1

    Ballistic missile threats from organized militaries seem much less important to me than other delivery mechanisms potentially used by terrorists, included state-sponsored ones. The countermeasures against those include non-proliferation, securing of nuclear materials, more intelligence gathering,

    Including "Human Intelligence" even some good old fashioned "Detective Work".

    and effective action against terrorist groups.

    Which includes dealing with percieved injustices which mean willing recruits.

  13. Re:layered defence on Lockheed Martin Selects Linux for Missile Defense · · Score: 1

    The way I see it, the Federal gov't should only really be spending in vital infrastructure and Defense.

    It probaly wouldn't work if the US Government were to actually spend more on the former.

    We are in the worst possible position in this world, in that we are envied.

    Actually no, in plenty of parts of the world the US is disliked for it's foreign policy (which includes, but isn't limited to things like attacking countries which havn't any hope of being able to defend themselves) as well as being laughed at for things like the inability to cope with Hurricane Katrina (or its aftermarth).

  14. Re:layered defence on Lockheed Martin Selects Linux for Missile Defense · · Score: 1

    How many hundreds of billions of dollars are you willing to add to the defense budget to get all of those things to "work?" Even if they are never used? Or don't really work but give you a warm fuzzy feeling anyway?

    Which also means that you have several billions of dollars less to spend on other things. Including addressing more likely risks than someone launching a nuclear tipped ICBM at the US.

  15. Re:The alternative: Mutual assured destruction on Lockheed Martin Selects Linux for Missile Defense · · Score: 1

    For the newbies to missile defense, "decoys" are typically large mylar balloons which inflate in space to create radar targets as large or larger than a warhead. They are extremely cheap and light, so anybody able to make an ICBM can afford to put many decoys in their missiles. "Anti-simulation" means you put the warhead in a balloon, or in some other way make it look very similar to the cheap, plentiful decoys.

    There are also other things you can use to make seeing where the actual warheads are. e.g. strips of foil. Even lumps of concrete designed to survive reentry. The most difficult part of making a working ICBM is the rocket. Even countries with lots of experience in handling rockets cannot get them to function with the kind of reliability typical of other vehicles.

    Or that they really need a launch-phase system (before the decoys get a chance to deploy), which needs to be very near the launch site, so you need to post sailors or soldiers very near North Korea (because you can't get close enough to China or Russia's launch sites without invading their territory) whenever you think a launch is probable, and keep them ready enough to respond in minutes.

    Most likely this would equate to keeping a fleet of ships near to somewhere which might be a threat. Capable not only of shooting down an ICBM, but also able to defend itself against attack. Since any country capable of launching an ICBM undoubtedly also has the ability to carry out much shorter range attacks against land or sea.
    An ABM system is also utterly useless against the threat of someone smuggling a nuclear weapon into your country and delivering it using a truck. Which is considerably cheaper, much more stealty and has more chance of actually getting to the target than sticking it atop a large quantity of explosive.

  16. Re:Arms on Lockheed Martin Selects Linux for Missile Defense · · Score: 1

    What I meant by "defensive" is when a nation is directly attacked and under _immediate_ threat, there would be no time to hold referendums and all that.

    Which is a reason for having a standing army. However it's hard to have soldiers protecting your nation when they are elsewhere.

    Shooting planes attempting a 9/11 = defensive.

    Which is the case of the US and Canada is part of the function of NORAD. Who were utterly useless on the 11th September 2001.

    It's still better than many wars where far far more didn't want war but were dragged into it. Most people don't want war. Often politicians/leaders may want a war for their own selfish reasons.

    Having some kind of referendum would also help protect against the case where a war is being pushed to further the interests of some third party, be it a nation state, corporation or terrorist gang. Maybe reading (and understanding) "The Art of War" by Sun Tzu should be a requirement before voting too...

  17. Re:The feature that Mozilla is still missing... on Firefox 1.5 Final Now Available · · Score: 1

    As others have pointed out, the website could *still* lie. If the website said it was a torrent, and I told my browser to automatically launch torrents and the file was in fact a trojan disguised as a torrent, I'd *still* be boned.

    On a sensibly configured system this would only be an issue if your application for processing bittorrent files could be persuaded to actually execute file, as opposed to returning an error of the form "this file is corrupt".

    Plus, as I indicated, I have no intention of verifying that a file that claims to be a torrent file is actually a torrent.

    You shouldn't need to in the first place. Once your browser has decided, by whatever means, that it is dealing with a bittorrent file it's up to whatever is ment to handle bittorrent files to make sense of it. Be that apart of the browser, a plugin or an exeternal program.
    There are 3 methods of determining what a file is on a website. The MIMEtype, the filename or the contents of the file. Problems come when these are used inconsistently. Which has lead to all sorts of problems, mostly with MS Windows, involving malicious files which are not what they appear to be. If things are done consistently then tricks renaming a .EXE file to appear to be a .WAV file simply won't work. Either it will get treated as though it is audio data (giving either an error or making a nasty noise) or it will be obvious that it's an MS executable all the time.

  18. Re:tax software on Desktop Linux Survey Results Published · · Score: 1

    i live in a VERY small contry, that's not all, we've 26 TAX systems, one for each cantons, now you know what ?
    we have for 4 years now a JAVA based TAX software. (and no it's not the same Company that does the 26 variants)


    The ironic thing is that small countries often have more dynamic (and more resistant to lobbying) political systems than large countries.

  19. Re:Built for Linux on Desktop Linux Survey Results Published · · Score: 1

    It see it as more of a mind-set thing, some people buy a car, and take it to the dealership every 2000 miles to be taken care of. Some people want a car that they can wrench on and get it tricked out, some are happy with 18 inch wheels and spinners, some end up with a car with a different engine, tranny, and body pannels.

    Here you are only considering one part of the car market. Other parts include companies buying cars and issuing them to employees (known as "company cars") together with companies buying cars and renting them to people.
    Things are much the same with computers, except that a greater proportion of computers than cars are likely to be corporatly (as opposed to privatly) owned.

  20. Re:Built for Linux on Desktop Linux Survey Results Published · · Score: 1

    Similarly, I think that what Linux needs to be considered desktop ready is being likewise constantly redefined. I mean the guys who were interested in Linux when Slackware was frst released saw "desktop readiness" happen years ago. The trouble is that each such milestone brings Linux to the attention of a larger, less technically adept group who look at the OS and say "Nice ideas, but it's not ready for the desktop..."

    How well would Microsoft's products do if they were evaluated for "desktop readyness" using exactly the same criteria? It's also perfectly possible to draw up a set of criteria which Linux would fulfil much better than anything else.

  21. Re:Not to mention.... on A Look at Windows Server Outselling Linux · · Score: 1

    Why would a company purchase a server with Windows server installed on it then wipe it?

    IME this happens to a lot of OEM preinstalls. Even if the machine will be running Windows. It just isn't worth people's time to configure several machines from scratch, especially if they are all intended to be similar.

    Wouldnt they just purchase a server without an OS installed on it and save the OS cost?

    This may not be an option. In some cases this can be a more expensive option that buying one with Windows on.
    Remember that part of the point of Microsoft's OEM deals is to make it hard for them not to sell Windows with every machine.

  22. Re:Not to mention.... on A Look at Windows Server Outselling Linux · · Score: 1

    Slight correction: those short-lived preinstalls aren't just counted as Windows profits, they are Windows profits. In fact it's a very profitable sale of Windows, as there are no support issues whatsoever. Pretty sweet for Microsoft, I'd say.

    If these machines were pre-installed by Dell it would be Dell, not Microsoft, who would have to provide any support for Windows.

  23. Re:Hmm... on A Look at Windows Server Outselling Linux · · Score: 1

    It means Windows is selling more than Linux.

    It may not even mean that. Since the metric involved appears to be more "money spent" than "units sold".
    Even if it was the latter you'd be comparing a per machine cost with that of a set of disks (or a set of disks plus support for one machine. If you have a cluster of identical machines you probably only need software support for one anyway.)

  24. Re:Human energy use linked to global warming on Breakthrough in Biodiesel Production · · Score: 1

    The *real question* is, how much energy from fertilizer does it take to make this biodiesel?

    Depends very much on what you are growing and where you are growing it.

  25. Re:key word is catalyst on Breakthrough in Biodiesel Production · · Score: 1

    In the 2 stage reaction, which is the only time an acid is used as a catalyst for biodiesel, the ingredients are as follows per liter of vegetable oil:
    200 ml methanol. I'm currently paying $2.50/gallon for methanol. Which puts my cost per gallon of biodiesel at about $.50
    1 ml Sulfuric Acid. I'm currently getting this for a little over $1/oz Technically that's expensive, but so little is needed that it works out to only $.15/gallon biodD.
    31-37g Sodium Hydroxide (depending on pH of oil) Lye is what's expensive. Hopefully, this is the catalyst the Nature article is replacing. Every so often a good price on lye will show up, but it is usually between $.20-$1/gallon biodiesel. If this article talks about replacing the lye, I'll definately try it.


    I can't see what you could replace it with other than the hydroxide of another alkali metal.
    What appears to be going on here is that the hydroxide reacts with the original ester to form a salt of the carboxylic acid (a reaction called saponification) plus the alcohol component (complicated by this alcohol having 3 OH groups and thus able to form exters with 1, 2 or 3 acids). So far you'd actually be making soap :). The "clever" bit comes with the carboxylic salt being reacted with a mono alcohol to form a new ester, in the process regenerating the hydroxide.