I'm gonna be a bit unashamably US-centric here for a sec, so feel free to scoff and feel superior.;)
The US likes to bandy about its ideals of freedom. They're right there in our Constitution. Its part of the propoganda that politicians use to rally the populas during times of crisis and drives our military volunteers to shoulder great risks. It is part of our history. It is the foundation of our identity as a nation.
And it is slowly being chipped away by special interest groups; in this case big business.
One has to wonder how other nations and their governments fare under this onslaught. Especially if "freedom" is not as prominent in the nation's identity.
In this example, it seems that the UK may not be doing any better than the US.
I worked on F-4G Wild Weasels in Saudi Arabia. The F-4G aircraft (or at least, their origional F-4E airframe) were produced in 1969 (which makes them older than I am). Yet the F-4G squadron had better numbers meeting their sorties than squadrons equiped with later (F-16 and F-15) aircraft.
I would suppose there's something to be said for years of experience maintaining a system and dealing with its oddities.
Scott Kurtz of PvP fame write a nice rant followed by his own parody of this infamous work. I find it interesting considering Kurtz mentions his Christian beliefs on occasion (while still supporting gaming, including the dice-and-paper variety... or at least he did at the time - his roleplay link is no longer advertised). Its a nice counterpoint to Chick and the individuals he links to.
I'm sure I'm not the only one to think the following:
When I first heard of "Magic Lantern", I thought "wow... what a cushy development contract." Audit BO2K code. Add some stern boilerplate text and a FBI logo or two. Package it up and ship it out. Voila - Magic Lantern.
Now - this might sound a bit dishonest. But whoever had the chance to do this would be providing an important service.
It has been my experience with a couple of US gov't agencies that often (but not always, of course) senior IT officials have a strong suspicion of "freeware". And, of course, anything "open source" is "freeware" in their eyes. Nevertheless, if open source projects make it in to the IT environment under a contract or commercial product, these same managers do not bat an eyelash.
So the valuable service I mentioned is, in effect, converting BO2K Open Source / "freeware" to "commercial" status.
AV companies provide more than just the scanning software - there's weekly updates, rapid response updates if a nasty virus gets loose (detection is often available within the hour in the case of something like Nimda)
I generally agree with your statement. But just for clarity - I believe it took a matter of days to get accurate nimda signatures out. That's not to say the AV industry doesn't do good work. But rather, they're not impervious.
The security community itself does a wonderful job at producing information. Free information. Although there's considerable difference between a writeup of a worm/virus and a virus signature.
A long time ago USArmy decided that biological harzadous weapons would be a great idea. Then they developed a deadly biological weapon, they called A-n-t-h-r-a-x.
There is one implied point that I can agree with - development of offensive techniques can come back to bite one. However, the example of anthrax is increadably lax in fact.
Others have already pointed out that anthrax is a natural agent. It is one of few agents known that could be deadly enough to be used as a weapon. Research in this agent have been towards defense against the weapon as well as creating a more effective strain.
One thing that hasn't been pointed out is that this is not the sole realm of the US military nor Mr. Bush (either one). Anthrax research began over 80 years ago. And not just by the US. The Biological Weapons and Toxins Convention produced many signers agreeing to prohibit offensive biological weapons research and production. But it has done little good. There are numerous states and autonomous groups (ie: terrorists) continuing development of biological weapons. And two major signers of the convention, Iraq and the former Soviet Union, later acknologed continued offensive biological weapons programs. Today, there are believed to be at least 17 nations with offensive biological weapons programs.
Iraq itself has claimed to have produced "weaponized" anthrax. There are fears that former USSR scientists have been hired by external interests for their knowledge of anthrax based weapons. And of course, it is unknown how many terrorist organizations have their own biological weapons programs. One known group Aum Shinrikyo, responsible for release of sarin in a Tokyo subway station, attempted to release anthrax and botulism throughout Tokyo on 8 occasions with (thankfully) negative resaults.
The US Army and Mr. Bush may not be helping the situation with the state of biological threats in the world. But they are far from the only cause of this threat.
The threat offered by Magic Lantern is a bit different than anthrax. Defense against biological weapons are, for the most part, a resonsiblity of the State. However, security of private networks have been, and really should continue to be, the resonsibility of those who own those networks. If those in the industry who provide key solutions to private security conserns wish to hamstring their products, then those who are responsible for their benifactor's network security should know. And adjust their contracts / purchases / strategy accordingly.
If they're that smart, how come Voyager lasted seven years? Hell, if they're that smart, how come Mutant X has lasted seven episodes?
SciFi fandom is kinda odd like that. There's a whole slew of questionable works that are idolized. Even if part of that appreciation is the acknolodgement of the individual work's flaws. It would seem that sometimes there is more to a work than its obvious flaws. Or maybe there's some enjoyment in the horrid aspect of a work (MST3K!).
Or sometimes SciFi fans are so desperate for scifi that they'll support anything that comes remotely close to their interest.
"We will finally do something I can understand - less 'Star Trek' and more 'Hercules'. I'll be able to read my script without getting a headache. And I hope to be wearing tight leather pants soon."
Anyone know what it actually said? I didn't know German back then, and I still don't. I always assumed it was something like "Stop! Come here!" (sounded something like "Halt! Kommen sie!" but apparently that's not proper German:)
I seem to remember something like that when you were spotted. The one that I remember well was "kaput" when you were captured and the game was over.:)
There's some nice screen shots and audio saples at this site. Although, they mention the C=64 and Atari 800 but neglect to mention any Apple machines of the era (heck - I didn't remember an Atari version).
A lot of people seem to think Wolfenstein 3D was the game that started it all... well, maybe in terms of FPS, but not the start of the Wolfenstein series.
Castle Wolfenstein had some interesting aspects. Use of a software voice synthesizer was pretty cool, if a bit rough. Wolfenstein II added some additional stealth aspects (sneak up on a guard and knife him, find a secluded spot to reset that damn briefcase charge, etc). Both cool games. Of course - I always had a hard time seeing those two classics as linked with Wolfenstein 3D in any other way but name.
The first was Castle Wolfenstein [jollyrogers.com], a great old game originally for the Apple computer (as in II, II+, IIc kind of thing, not Mac).
Copy protection in itself I don't mind, if people want to get paid for their efforts I don't see why they shouldn't. But when you can't use the product you just paid for, something's gone awry.
Copy protection doesn't work. I watched the industry pull out an entire bag of tricks during the 80s. In each and every case, I watched an entire community who dealt in illicit data sidestep these hurdles.
And even more telling, I watched legitimate users who's purchase price had gone towards funding these copy-protection schemes turn to the underground community to remove these protections. Copy protection had become so intrusive that it interfered with the product's functionality.
Eventually the industry gave up. Copy protection schemes were expensive to develop and deploy. They were quickly circumvented. And they interfered with customers.
At least - thats what it looked like. Seems we're about to go through the cycle again.
On that note, why has the music industry not taken a tip from mints? After all, why don't more people forge money all over the place? Because it is too expensive. (i.e. Printing equipment, speical paper, etc etc.)
Quite a few years a go, I spent some time in the Middle East - Saudi Arabia and Kuwait. At the time, these countries did not honor international treaties concerning copyright. There was an entire industry of counterfeit products - some of which caught my attention were software (you paid for the floppies which were duplicated while-you-wait), software manuals, and music.
Counterfeit music stores were everywhere. Racks and racks of cheap, unlabled tapes housed in cheap covers with questionable artwork (side note: artwork blacked out "excessive" female skin in accordance with local laws but Madonna's erotica-laddened lyrics went unscathed). The recordings themselves were suitable enough. The tapes made use of extra space by including a few tracks from simular artists (kind of a bonus). And the product, while cheap, was inexpensive.
One would expect that legitimate music products couldn't exist in this environment. One would be wrong.
First - at the time, it seems that CDs were too expensive to create (CD burners weren't as inexpensive then). Legitimate CDs were sold on racks right accross from the counterfeit tapes. Which kind of makes sense - the product was too expensive to create and sell cheaply, yet there was added value in this format. There was a market for them.
I was very suprised to find legitimate tapes at a store in Kuwait City. Most of the music stores I had seen were, frankly, low-budget affairs. This particular store would have been at home in any mall in the US. It was chock full of CDs, listening stations, stereo equipment, conterfeit tapes, and a wide selection of legitimate tapes. Prominent over the legitimate tape selection was a (I believe Sony) sign extolling the high quality of legitimate tape music products.
And the legitimate tapes were selling.
The price for the legit tapes were a bit more than the conterfeit tapes. But they had obvious advantages in quality. That combination of a reasonable price and better quality tape offered a competitive product to cheap knock-offs.
Its interesting to watch the music industry now. Their control over distribution is crumbling. The market they're used to is being eroded by the free flow of data (legitimate or not). Its got to be stressful to watch your industry's business plan evaporate.
But all's not lost for them. They've competed in this kind of market with the Middle East. It all comes down to a competative product. Provide something of value at a reasonable price. The music industry has the resources to create a great product at a price point that would be difficult for conterfeiters to compete with - and may even make it worth the public's time to purchase rather than try and copy/pirate.
Actually, Netscape never made much of their money from the browser business -- they made their money from server sales. You complain about Microsoft giving away a browser, but Netscape did exactly the same thing.
Oddly enough - I remember seeing plenty of Netscape Navigator boxes on the shelves but not a single copy of Microsoft Internet Explorer for sale. Sure - you could always download free copies of the beta versions. Dance on the bleeding edge. Which was fine for me (and other techies like me). But sales were happening and Microsoft interupted that.
On Jan. 5, Netscape shocked Wall Street by disclosing that it expects to post a loss of up to $18 million in the fourth quarter because of a steep drop in Web-browser sales and fierce price competition for server-software sales from Microsoft Corp. and IBM. The Mountain View (Calif.) company says it expects revenue of $125 million to $130 million--far below earlier expectations of $165 million. That's because Netscape's browser sales fell 37%, to $17 million, in the fourth quarter, vs. $27 million in the previous quarter. A key reason: Microsoft copied Netscape's plan, giving away its Internet Explorer while the startup began charging a few dollars. And now, Netscape is down to a 60% share.
By this point, Netscape WAS very busy attempting to flesh out their server products. There was no choice.
On a side note - Netscape started the meme "the browser is the OS." Microsoft paid attention while some scoffed. They attacked the browser, made the OS the browser, and are now preparing to launch.NET.
If Breaking a monopoly up is meant to encourage competition, how will splitting Microsoft into an OS division and application division encouraging competition? Now you have two companies, one with a monopoly in OS's and the other in Internet and applications.
Do a little poking around. The concept, and the merrits of this idea, have been covered and debated rather well on Slashdot and a number of other forumns. Without going in to said merrits, I'll outline the basic concept as I understand it.
The basic idea revolves around Microsoft's using a monopoly in one area to enforce a monopoly in another area (and back). Product development is done with marketing and monopoly enforcement in mind as much as functionality. Spliting these divisions would remove the incentive to enforce another division's monopoly (or provide undue advantages to another division). The divisions would then be forced to compete with other products on a more even playing field.
Again - there's a lot more detail and a some considerable debate on the merrits of these concepts. Dig around. Its easy to find and repeated numerous times via numerous sources.
And when they seperate, what would hold the Internet/Application company from charging for Internet Explorer?
The market. Would you pay for IE after X years of getting it for free? Would you pay for it rather than use other free products? And if you had to pay for IE, would you then consider other products that also require payment (such as Opera)? Oddly enough - that's the workings of a free market.
Haven't you noticed the US trend? Everything is X-something or Something eXtreme. Its marketing. And the Star Trek franchise has noticed.
Of course - now that Star Trek: Enterprise has been launched, its time to get a few other Star Trek shows launched. Its worked before. So with the intent of going after an even younger, edgy audience there will be a new series to continue the trend established with ST:Enterprise.
By capping off uploads and killing off the divx groups @home completely negated the purpose of broadband
Subscribe to external news sources - probably put you down $10/mo. Sure, that's ANOTHER $10 a month out of your pocket. But if you're feeling squirley, consider what that costs the provider.
The traffic used to have a set cost as defined by upkeep of the internal network - call it "internal cost". Now the same traffic has that internal cost as well as the cost associated with increased traffic from the upstream provider. Its possible that the cost of this external traffic is less than the cost of providing better usenet service. Its also very possible this same traffic now has considerably higher cost.
How on earth would Microsoft kill Linux? It's not like Linux is developed by some company or individual that they can just wipe out.
That's one of the facinating things about Linux and the marketplace. Linux introduces some new ripples in the old tech industry gambit.
Usually it involves attacking the marketability of a product until it is no longer financially feasable to support it. The product slips in to the business depths as its no longer financially boyant, but its too valuable to simply put in to the public domain.
The product dies.
Linux, of course, can't die in this manner. That's one of Linux's big selling points. The investment in architecture doesn't get sacrificed to end-of-life or upgrade cycles. Linux won't be killed off.
But...
Linux is currently enjoying some generally positive industry support. Microsoft's only target is that support. While industry support isn't critical to Linux, it does help.
So - "kill" is a really debatable point. But "hurt" is at least very likely.
I'd like to know more about this case. Actually, I'd like to hear the inside scoop on what happened - but alas, we're not likely to.
I've been involved in enough IT architecture projects to understand that the technologies involved aren't always the driving factor to a project's success. Politics does a lot to aid or kill a project. And sometimes projects are labled as "wins" when those with inside technical knowledge know that it was really an utter failure.
Its very possible a Win2k solution managed to flourish where a Linux solution didn't. But its difficult to really get an honest picture of the case from an internal marketing memo from Microsoft.
This has already been labled as a troll - probably because it consists of common themes that surface and are debated. Its almost good old fashioned FUD. But enough bashing - lets hash out the issues.
Linux is not remotely a threat on the desktop - as long as it has multiple different GUI's and window managers and toolkits and all the rest, and a lack of a decent browser or office solution, it always will not be a threat.
I always enjoy these points. I might be failing to grasp the concept here - but I just don't see a problem with multiple toolkits, managers, etc. I can jump between KDE, GNOME, Winowmaker, Enlightenment, Sawfish... and still run all my apps without problems. What we're missing is tighter integration. It seems that KDE and GNOME are working on the architecture that'll provide the means for this integration in the future.
Its all personal preference, but I'm finding the browser and office apps sufficient on Linux now. And they're improving. They may or may not be the best available - but then, "best" is only one of many factors in the IT industry. The biggest challenge may very well be nailing the moving target for office automation - MS Office data formats.
On the server end, Linux is more of a threat, but Microsoft has never had a big slice of this market anyway. If anything FreeBSD is a greater threat than Linux in this arena, as it is better performing.
*BSD may be a better performer - but we've already touched on the fact that doesn't mean everything. BSD doesn't have marketing buzz around it. IBM isn't supporting and pushing for it. And that's probably a shame - BSD deserves more credit for where it is now, and where it'll be in the future. But in the end its a moot point. BSD represents the same threat to Microsoft that Linux does. They both provide a route to Intel-based hardware without Microsoft.
However, MS will always have a big place of the server market for as long as they produce a system that is easy to use. Not everyone can afford £60,000 a year for a Unix export, especially small businesses, to keep a server running. MS ensure that a boss can do such things part time - this has really driven the internet revolution, by opening access to the internet to many who would have been cut out by a skills shortage before.
There are a lot of businesses that can't afford ANY kind of dedicated IT expertise. Heck - even major governments and corporations out-source. That's why IT has a thriving consultant / out-sourcing industry.
I've found a rather nice consultant market supporting small businesses. Especially ones that started up their own internal IT and now need help. Running reliable network services requires more than finding somewhere to go clicky-clicky.
In some cases, I've helped stabalize their Windows environment. Build up missing pieces. Sometimes missing pieces include Linux (or *BSD) solutions - including web/gui admin tools. Sometimes Windows machines get replaced by Linux. In the end, its about providing a reliable infrastructure. Windows or not - that takes some knowlege.
All in all, I can see that MS are wary of Linux, but in truth they have nothing to worry about, as the two OS'es operate in different spheres, and don't really compete at all except in the minds of unthinking Linux apologists and Windows Advocates.
If we assume the leaked letter is accurate, then the whole idea of the two OS not competing is already proven to be false. And its not too great a stretch to believe the letter could be true. Both Linux and Win2k provide viable server solutions on commodity hardware (even if it might be slightly more specialized server versions of that hardware). Once you hit that hardware, a major price point is hit. All you've got left to argue is licencing and support contracts. And in the end, that gets swalled up in marketing.
Windows will always have 95% of te market, MS need have no fear of that. The only way Linux will threaten this is if they start behaving in a more proprietry fashion by gearing things at the consumer and not at the Linux Geek.
You're talking desktop. As this article is covering the server side, I'm tempted to say its missing the point (as is all the other desktop talk). But it does touch on some interesting themes.
The first is that Microsoft (like other tech giants such as Intel) know how volatile the tech industry is. They've profited by it. And they're paranoid that they'll fall victom to it. In short, current dominence does not guarentee the future. Enter.NET.
We all know Microsoft is investing heavily in.NET and there are probably many reasons for this. In short, if Microsoft is going to have a future.NET is going to be it. So.NET needs to be successful. The more Windows servers out there the better. As Linux gains ground, the more impact it will have on the success of.NET. The future is far from certain for Microsoft.
Linux could use some consumer-targeted improvements. But that doesn't have to happen at the expense of the "Linux Geek" or flocking to a proprietry stance.
Linux is usable today.
On the desktop, power users should have no problems. Complete novices should also have no problems assuming that the system is preconfigured (they would trip over either Windows or Linux if they had to do their own installs) and suitable applications exist (email, web browsing, etc). Its the desktop middle ground that will find Linux a challenge - perhapse more challenge than what they would get in return for the effort.
On the server (where this article is really focused) Linux is a viable competitor. It provides services and hardware support that makes it attractive. It has invaded the space previously held almost solely by Microsoft.
I'm not sure what the solution should be, but SOMEthing needs to be done.
...
Cmdr, since you seem to oppose stricter rules on full disclosure, what do you think could be done to make things more secure for us here in the trenches (who don't want to become security experts just so they can run a PC)?
Please allow some constructive criticism. The concept of not knowing what the situation is, what a proper solution is, but calling for something to be done is very simular to shooting blindly in to the dark. I can agree to looking for an action to take - to seeking a target. But taking blind potshots is just as likely to end up hitting an innocent bystander or your own foot.
As others have pointed out, the exchange of information is going to happen one way or another. Illicit data gets exchanged via an underground community every day. Restricting the highly visiable and open channels will not stop this. Doing so is just a wild shot in the dark.
But you still want to do something. What to do?
My advice is to educate yourself, or get help from a friend or hired professional. And there's ample history that points to this concept.
The microcomputer hit the market. Killer apps showed up that drove them in to homes and businesses. Individuals either had to learn how to set up and use these devices themselves or hire others to do it. One could argue the beginnings of IT departments and consultants.
Networking small computers begins to catch on. Now there's a new wave of technology. Existing support staff either learned the new technology or increased their ranks with already knowledable staff. The IT department takes on a whole new level of responsibility.
The Internet hits the mainstream. Smaller, private networks interconnect to a world-wide network. In many cases, this involves a whole new series of networking concepts and technology. IT picks up the pace. There is more training to be done.
Enter information security. Individuals and businesses learn that world-wide network access is a two-way street. Many products and services are woefully inadequate. There is, once again, a whole slew of new concepts and technologies to learn.
Each step involves a minimum level of knowledge required to go it on your own. The huge advantage with the infosec portion is that, thanks to open disclosure, there is also a wealth of information available online. There are also some very good books on the subject. Sure - a lot of that stuff is mainly for the hobbiest or professional. But there is also a wealth of information for the beginner - the basics.
So what does the average end user do? Educate themselves. Learn the basics. Or hire / offer a beer to someone who can help you. Look at what products you're buying and using. Security reviews of products (especially security products like personal firewalls) are fairly common. Do a bit of product research. Use the best that you can find/afford.
If you've been around computers for any length of time these concepts (education, product knowledge, and expert help) shouldn't be new.
One final, parting shot. One of my favorite infosec concepts is the inverse relationship between functionality and security. The more secure something is, the harder it is to use (and vise versa). Functionality is what has been driving the IT industry for the last couple decades (at least). Its made it possible for a wide degree of products that "just work" with little knowledge from the end user. However, this has also lead to huge insecure infrastructure.
Every time the issue of insecure wireless networks come up there's always a slew of posts talking about the proper way to deploy wireless. Quite often it has to do with the wireless access point's relation to a firewall. VPNs and other similar technologies quickly follow. Good stuff. But there's one issue that seems to be missed all the time. Rogue access points.
Setting up a rogue access point in your office is simple and cheap. It will cost about $200 and setting it up is as easy as plugging it in to a spare network drop. Click. You no longer have to fight for a port on the conference room's hub. Of course, these access points tend to default in a highly functional but minimally secure configuration. So anyone within range of that access point doesn't have to fight for a port on the hub, or any physical connection, for access to the internal network either.
One has to wonder how many of these discovered networks are found via rogue access points.
This presents a serious problem for any company's network security. Rogue AP's can spring up like mushrooms. They're difficult to detect. And even if you do find one, its a game of whack-a-mole as you disable one while others pop up.
So what to do? First thing to do is remove the motivation behind rogue access points. Make the darned things available. IT should be considering an appropriate roll-out of this technology now. If the demand isn't there yet, it will be later. And if you don't provide it, your end users will provide it themselves.
Still need to hunt down rogue access points? Kirby Kuehl has a neat little project called aptools to help.
Our hero theif will have to bungie from a helicopter in to the office building's atrium, then hang from his feet while he "hacks the network" because "sideband rf degradation" will prevent access from the street.
The laptop may or may not feature transparent windows and Blue Steel decorations. But it will have an obvious Apple logo.
With the pump guns, you can hold the trigger down, and pump the gun once for every shot you want to fire.
What you're referring to is an auto-trigger. At one time, they were quite the new thing to paintguns. Now, they're pretty standard on all pumpguns.
You CAN sling some paint using one of those. But you're going to be highly erratic as pumping will move the gun around considerably. A true semi-auto will maintain a much tighter shot pattern.
Having said that - I often play with my good 'ole PMI Piranha during scenario games. And its so old, it doesn't even have an auto-trigger.
The US likes to bandy about its ideals of freedom. They're right there in our Constitution. Its part of the propoganda that politicians use to rally the populas during times of crisis and drives our military volunteers to shoulder great risks. It is part of our history. It is the foundation of our identity as a nation.
And it is slowly being chipped away by special interest groups; in this case big business.
One has to wonder how other nations and their governments fare under this onslaught. Especially if "freedom" is not as prominent in the nation's identity.
In this example, it seems that the UK may not be doing any better than the US.
I would suppose there's something to be said for years of experience maintaining a system and dealing with its oddities.
Scott Kurtz of PvP fame write a nice rant followed by his own parody of this infamous work. I find it interesting considering Kurtz mentions his Christian beliefs on occasion (while still supporting gaming, including the dice-and-paper variety... or at least he did at the time - his roleplay link is no longer advertised). Its a nice counterpoint to Chick and the individuals he links to.
When I first heard of "Magic Lantern", I thought "wow... what a cushy development contract." Audit BO2K code. Add some stern boilerplate text and a FBI logo or two. Package it up and ship it out. Voila - Magic Lantern.
Now - this might sound a bit dishonest. But whoever had the chance to do this would be providing an important service.
It has been my experience with a couple of US gov't agencies that often (but not always, of course) senior IT officials have a strong suspicion of "freeware". And, of course, anything "open source" is "freeware" in their eyes. Nevertheless, if open source projects make it in to the IT environment under a contract or commercial product, these same managers do not bat an eyelash.
So the valuable service I mentioned is, in effect, converting BO2K Open Source / "freeware" to "commercial" status.
What a cushy contract.
I generally agree with your statement. But just for clarity - I believe it took a matter of days to get accurate nimda signatures out. That's not to say the AV industry doesn't do good work. But rather, they're not impervious.
The security community itself does a wonderful job at producing information. Free information. Although there's considerable difference between a writeup of a worm/virus and a virus signature.
There is one implied point that I can agree with - development of offensive techniques can come back to bite one. However, the example of anthrax is increadably lax in fact.
Others have already pointed out that anthrax is a natural agent. It is one of few agents known that could be deadly enough to be used as a weapon. Research in this agent have been towards defense against the weapon as well as creating a more effective strain.
One thing that hasn't been pointed out is that this is not the sole realm of the US military nor Mr. Bush (either one). Anthrax research began over 80 years ago. And not just by the US. The Biological Weapons and Toxins Convention produced many signers agreeing to prohibit offensive biological weapons research and production. But it has done little good. There are numerous states and autonomous groups (ie: terrorists) continuing development of biological weapons. And two major signers of the convention, Iraq and the former Soviet Union, later acknologed continued offensive biological weapons programs. Today, there are believed to be at least 17 nations with offensive biological weapons programs.
Iraq itself has claimed to have produced "weaponized" anthrax. There are fears that former USSR scientists have been hired by external interests for their knowledge of anthrax based weapons. And of course, it is unknown how many terrorist organizations have their own biological weapons programs. One known group Aum Shinrikyo, responsible for release of sarin in a Tokyo subway station, attempted to release anthrax and botulism throughout Tokyo on 8 occasions with (thankfully) negative resaults.
The US Army and Mr. Bush may not be helping the situation with the state of biological threats in the world. But they are far from the only cause of this threat.
The threat offered by Magic Lantern is a bit different than anthrax. Defense against biological weapons are, for the most part, a resonsiblity of the State. However, security of private networks have been, and really should continue to be, the resonsibility of those who own those networks. If those in the industry who provide key solutions to private security conserns wish to hamstring their products, then those who are responsible for their benifactor's network security should know. And adjust their contracts / purchases / strategy accordingly.
SciFi fandom is kinda odd like that. There's a whole slew of questionable works that are idolized. Even if part of that appreciation is the acknolodgement of the individual work's flaws. It would seem that sometimes there is more to a work than its obvious flaws. Or maybe there's some enjoyment in the horrid aspect of a work (MST3K!).
Or sometimes SciFi fans are so desperate for scifi that they'll support anything that comes remotely close to their interest.
"We will finally do something I can understand - less 'Star Trek' and more 'Hercules'. I'll be able to read my script without getting a headache. And I hope to be wearing tight leather pants soon."
I seem to remember something like that when you were spotted. The one that I remember well was "kaput" when you were captured and the game was over.
There's some nice screen shots and audio saples at this site. Although, they mention the C=64 and Atari 800 but neglect to mention any Apple machines of the era (heck - I didn't remember an Atari version).
Castle Wolfenstein had some interesting aspects. Use of a software voice synthesizer was pretty cool, if a bit rough. Wolfenstein II added some additional stealth aspects (sneak up on a guard and knife him, find a secluded spot to reset that damn briefcase charge, etc). Both cool games. Of course - I always had a hard time seeing those two classics as linked with Wolfenstein 3D in any other way but name.
AND for the Commodore 64 (C=64) too!
I was making a little joke. Cheap quality. Inexpensive price. Yea - I know, it was lame. :)
And even more telling, I watched legitimate users who's purchase price had gone towards funding these copy-protection schemes turn to the underground community to remove these protections. Copy protection had become so intrusive that it interfered with the product's functionality.
Eventually the industry gave up. Copy protection schemes were expensive to develop and deploy. They were quickly circumvented. And they interfered with customers.
At least - thats what it looked like. Seems we're about to go through the cycle again.
Counterfeit music stores were everywhere. Racks and racks of cheap, unlabled tapes housed in cheap covers with questionable artwork (side note: artwork blacked out "excessive" female skin in accordance with local laws but Madonna's erotica-laddened lyrics went unscathed). The recordings themselves were suitable enough. The tapes made use of extra space by including a few tracks from simular artists (kind of a bonus). And the product, while cheap, was inexpensive.
One would expect that legitimate music products couldn't exist in this environment. One would be wrong.
First - at the time, it seems that CDs were too expensive to create (CD burners weren't as inexpensive then). Legitimate CDs were sold on racks right accross from the counterfeit tapes. Which kind of makes sense - the product was too expensive to create and sell cheaply, yet there was added value in this format. There was a market for them.
I was very suprised to find legitimate tapes at a store in Kuwait City. Most of the music stores I had seen were, frankly, low-budget affairs. This particular store would have been at home in any mall in the US. It was chock full of CDs, listening stations, stereo equipment, conterfeit tapes, and a wide selection of legitimate tapes. Prominent over the legitimate tape selection was a (I believe Sony) sign extolling the high quality of legitimate tape music products.
And the legitimate tapes were selling.
The price for the legit tapes were a bit more than the conterfeit tapes. But they had obvious advantages in quality. That combination of a reasonable price and better quality tape offered a competitive product to cheap knock-offs.
Its interesting to watch the music industry now. Their control over distribution is crumbling. The market they're used to is being eroded by the free flow of data (legitimate or not). Its got to be stressful to watch your industry's business plan evaporate.
But all's not lost for them. They've competed in this kind of market with the Middle East. It all comes down to a competative product. Provide something of value at a reasonable price. The music industry has the resources to create a great product at a price point that would be difficult for conterfeiters to compete with - and may even make it worth the public's time to purchase rather than try and copy/pirate.
Oddly enough - I remember seeing plenty of Netscape Navigator boxes on the shelves but not a single copy of Microsoft Internet Explorer for sale. Sure - you could always download free copies of the beta versions. Dance on the bleeding edge. Which was fine for me (and other techies like me). But sales were happening and Microsoft interupted that.
From a Business Week commentary circa 1998:
By this point, Netscape WAS very busy attempting to flesh out their server products. There was no choice.
On a side note - Netscape started the meme "the browser is the OS." Microsoft paid attention while some scoffed. They attacked the browser, made the OS the browser, and are now preparing to launch
Do a little poking around. The concept, and the merrits of this idea, have been covered and debated rather well on Slashdot and a number of other forumns. Without going in to said merrits, I'll outline the basic concept as I understand it.
The basic idea revolves around Microsoft's using a monopoly in one area to enforce a monopoly in another area (and back). Product development is done with marketing and monopoly enforcement in mind as much as functionality. Spliting these divisions would remove the incentive to enforce another division's monopoly (or provide undue advantages to another division). The divisions would then be forced to compete with other products on a more even playing field.
Again - there's a lot more detail and a some considerable debate on the merrits of these concepts. Dig around. Its easy to find and repeated numerous times via numerous sources.
The market. Would you pay for IE after X years of getting it for free? Would you pay for it rather than use other free products? And if you had to pay for IE, would you then consider other products that also require payment (such as Opera)? Oddly enough - that's the workings of a free market.
Haven't you noticed the US trend? Everything is X-something or Something eXtreme. Its marketing. And the Star Trek franchise has noticed.
Of course - now that Star Trek: Enterprise has been launched, its time to get a few other Star Trek shows launched. Its worked before. So with the intent of going after an even younger, edgy audience there will be a new series to continue the trend established with ST:Enterprise.
Star Trek eXtreme (aka Star Trek X).
Or not.
Subscribe to external news sources - probably put you down $10/mo. Sure, that's ANOTHER $10 a month out of your pocket. But if you're feeling squirley, consider what that costs the provider.
The traffic used to have a set cost as defined by upkeep of the internal network - call it "internal cost". Now the same traffic has that internal cost as well as the cost associated with increased traffic from the upstream provider. Its possible that the cost of this external traffic is less than the cost of providing better usenet service. Its also very possible this same traffic now has considerably higher cost.
In any case - you get better usenet service.
That's one of the facinating things about Linux and the marketplace. Linux introduces some new ripples in the old tech industry gambit.
Usually it involves attacking the marketability of a product until it is no longer financially feasable to support it. The product slips in to the business depths as its no longer financially boyant, but its too valuable to simply put in to the public domain.
The product dies.
Linux, of course, can't die in this manner. That's one of Linux's big selling points. The investment in architecture doesn't get sacrificed to end-of-life or upgrade cycles. Linux won't be killed off.
But...
Linux is currently enjoying some generally positive industry support. Microsoft's only target is that support. While industry support isn't critical to Linux, it does help.
So - "kill" is a really debatable point. But "hurt" is at least very likely.
I've been involved in enough IT architecture projects to understand that the technologies involved aren't always the driving factor to a project's success. Politics does a lot to aid or kill a project. And sometimes projects are labled as "wins" when those with inside technical knowledge know that it was really an utter failure.
Its very possible a Win2k solution managed to flourish where a Linux solution didn't. But its difficult to really get an honest picture of the case from an internal marketing memo from Microsoft.
Its all personal preference, but I'm finding the browser and office apps sufficient on Linux now. And they're improving. They may or may not be the best available - but then, "best" is only one of many factors in the IT industry. The biggest challenge may very well be nailing the moving target for office automation - MS Office data formats.
*BSD may be a better performer - but we've already touched on the fact that doesn't mean everything. BSD doesn't have marketing buzz around it. IBM isn't supporting and pushing for it. And that's probably a shame - BSD deserves more credit for where it is now, and where it'll be in the future. But in the end its a moot point. BSD represents the same threat to Microsoft that Linux does. They both provide a route to Intel-based hardware without Microsoft. There are a lot of businesses that can't afford ANY kind of dedicated IT expertise. Heck - even major governments and corporations out-source. That's why IT has a thriving consultant / out-sourcing industry.I've found a rather nice consultant market supporting small businesses. Especially ones that started up their own internal IT and now need help. Running reliable network services requires more than finding somewhere to go clicky-clicky.
In some cases, I've helped stabalize their Windows environment. Build up missing pieces. Sometimes missing pieces include Linux (or *BSD) solutions - including web/gui admin tools. Sometimes Windows machines get replaced by Linux. In the end, its about providing a reliable infrastructure. Windows or not - that takes some knowlege.
If we assume the leaked letter is accurate, then the whole idea of the two OS not competing is already proven to be false. And its not too great a stretch to believe the letter could be true. Both Linux and Win2k provide viable server solutions on commodity hardware (even if it might be slightly more specialized server versions of that hardware). Once you hit that hardware, a major price point is hit. All you've got left to argue is licencing and support contracts. And in the end, that gets swalled up in marketing. You're talking desktop. As this article is covering the server side, I'm tempted to say its missing the point (as is all the other desktop talk). But it does touch on some interesting themes.The first is that Microsoft (like other tech giants such as Intel) know how volatile the tech industry is. They've profited by it. And they're paranoid that they'll fall victom to it. In short, current dominence does not guarentee the future. Enter .NET.
We all know Microsoft is investing heavily in .NET and there are probably many reasons for this. In short, if Microsoft is going to have a future .NET is going to be it. So .NET needs to be successful. The more Windows servers out there the better. As Linux gains ground, the more impact it will have on the success of .NET. The future is far from certain for Microsoft.
Linux could use some consumer-targeted improvements. But that doesn't have to happen at the expense of the "Linux Geek" or flocking to a proprietry stance.
Linux is usable today.
On the desktop, power users should have no problems. Complete novices should also have no problems assuming that the system is preconfigured (they would trip over either Windows or Linux if they had to do their own installs) and suitable applications exist (email, web browsing, etc). Its the desktop middle ground that will find Linux a challenge - perhapse more challenge than what they would get in return for the effort.
On the server (where this article is really focused) Linux is a viable competitor. It provides services and hardware support that makes it attractive. It has invaded the space previously held almost solely by Microsoft.
As others have pointed out, the exchange of information is going to happen one way or another. Illicit data gets exchanged via an underground community every day. Restricting the highly visiable and open channels will not stop this. Doing so is just a wild shot in the dark.
But you still want to do something. What to do?
My advice is to educate yourself, or get help from a friend or hired professional. And there's ample history that points to this concept.
The microcomputer hit the market. Killer apps showed up that drove them in to homes and businesses. Individuals either had to learn how to set up and use these devices themselves or hire others to do it. One could argue the beginnings of IT departments and consultants.
Networking small computers begins to catch on. Now there's a new wave of technology. Existing support staff either learned the new technology or increased their ranks with already knowledable staff. The IT department takes on a whole new level of responsibility.
The Internet hits the mainstream. Smaller, private networks interconnect to a world-wide network. In many cases, this involves a whole new series of networking concepts and technology. IT picks up the pace. There is more training to be done.
Enter information security. Individuals and businesses learn that world-wide network access is a two-way street. Many products and services are woefully inadequate. There is, once again, a whole slew of new concepts and technologies to learn.
Each step involves a minimum level of knowledge required to go it on your own. The huge advantage with the infosec portion is that, thanks to open disclosure, there is also a wealth of information available online. There are also some very good books on the subject. Sure - a lot of that stuff is mainly for the hobbiest or professional. But there is also a wealth of information for the beginner - the basics.
So what does the average end user do? Educate themselves. Learn the basics. Or hire / offer a beer to someone who can help you. Look at what products you're buying and using. Security reviews of products (especially security products like personal firewalls) are fairly common. Do a bit of product research. Use the best that you can find/afford.
If you've been around computers for any length of time these concepts (education, product knowledge, and expert help) shouldn't be new.
One final, parting shot. One of my favorite infosec concepts is the inverse relationship between functionality and security. The more secure something is, the harder it is to use (and vise versa). Functionality is what has been driving the IT industry for the last couple decades (at least). Its made it possible for a wide degree of products that "just work" with little knowledge from the end user. However, this has also lead to huge insecure infrastructure.
Setting up a rogue access point in your office is simple and cheap. It will cost about $200 and setting it up is as easy as plugging it in to a spare network drop. Click. You no longer have to fight for a port on the conference room's hub. Of course, these access points tend to default in a highly functional but minimally secure configuration. So anyone within range of that access point doesn't have to fight for a port on the hub, or any physical connection, for access to the internal network either.
One has to wonder how many of these discovered networks are found via rogue access points.
This presents a serious problem for any company's network security. Rogue AP's can spring up like mushrooms. They're difficult to detect. And even if you do find one, its a game of whack-a-mole as you disable one while others pop up.
So what to do? First thing to do is remove the motivation behind rogue access points. Make the darned things available. IT should be considering an appropriate roll-out of this technology now. If the demand isn't there yet, it will be later. And if you don't provide it, your end users will provide it themselves.
Still need to hunt down rogue access points? Kirby Kuehl has a neat little project called aptools to help.
Our hero theif will have to bungie from a helicopter in to the office building's atrium, then hang from his feet while he "hacks the network" because "sideband rf degradation" will prevent access from the street.
The laptop may or may not feature transparent windows and Blue Steel decorations. But it will have an obvious Apple logo.
What you're referring to is an auto-trigger. At one time, they were quite the new thing to paintguns. Now, they're pretty standard on all pumpguns.
You CAN sling some paint using one of those. But you're going to be highly erratic as pumping will move the gun around considerably. A true semi-auto will maintain a much tighter shot pattern.
Having said that - I often play with my good 'ole PMI Piranha during scenario games. And its so old, it doesn't even have an auto-trigger.
Another great outfit is Mackz Xtreme Sportz. Viper's games are also great.