Slashdot Mirror


User: Shirotae

Shirotae's activity in the archive.

Stories: 0 · Comments: 141

Comments · 141

  1. Re:internet standards; partial repost on Can You Back Up Data On Audio/Visual Media? · · Score: 1

    The <head> is optional. The three line document validates correctly at HTML 2.0 Strict Level 2 (and other versions).

  2. Re:Other than hack value, why? on Can You Back Up Data On Audio/Visual Media? · · Score: 1

    Good point. A quick web search will also reveal price comparison sites showing plenty of 12/24Gb DDS3 drives at less than $1000, not the "multi-thousand-dollar" price it says in one of the linked sites (http://www.ajwm.net/backfire/).

    People who already have a DV camera may be tempted, but I would worry about reliability of the backups on a device not designed to do the job.

  3. Re:Stupidity of attacking a DoD site on DoD and Net Attacks · · Score: 1

    The nice poster I got from SANS with the information about their security conferences for 2001 has several lists of interesting information. One of these is where US monitoring sites report malicious traffic coming from in the first quarter of 2000. Top is USA with 46%, second Canada on 11%, third Russia 8% and so on down. Of the three countries mentioned in the article, Israel is listed at 2%, and Ireland and India are not listed as being in the top four fifths at all (at which point we are down to 1%).

    SANS has a good reputation, and I am inclined to believe that they gathered this data in a reputable way. Of course it is possible that US Military/Government sites attract a disproportionate foreign attack profile, but given the suspicion of government that seems popular in the USA, it might go the other way. In the absence of data to the contrary, I do not see any reason to expect a different attack profile. Pointing at foreigners has always been the way to bid for defence funding, so my cynical side suspects that this is on the agenda in the interview.

  4. Re:Open Source Software security on DoD and Net Attacks · · Score: 1

    Many commercial OSes have some kind of evaluation of some version, and some have TCSEC (Orange Book) class B or above (or equivalent under other schemes). If you are really interested, here are some links:

    The field has its own specialist jargon, so it may take some effort to make sense of all that. Also remember that resistance to penetration is not required until you get a long way up the scale although it is probably what most people expect to get, only to be disappointed. It is actually very hard to show that a system is penetration resistant, much harder than merely making it penetration resistant (which is hard enough in itself if you want to keep some functionality).

  5. Re:Check out the UK government web site on How Should Government Web Sites Be Designed? · · Score: 1

    But the Central Office of Information site is terrible; it is a good example of how to confuse the visitor. It shows that the site designer thinks he is clever at scripting, but he is really totally out of touch with the needs of the visitors to the site.

    Whatever else you do, don't make that mistake.

  6. Re:I have a question... on New Crypto-OS · · Score: 1

    The most dangerous child molesters are those who obtain positions of authority over vulnerable children. How better to indulge your vile desires than as a member of staff at a children's home, or as a corrupt policeman with access to personal information that may identify target children through the mechanisms put in place to support RIP? As a corrupt policeman there should be no great problem avoiding the legal safeguards, and the worried parent will be in trouble under RIP if they try to complain that you are accessing data about their children.

    The danger of RIP is that it assumes that there are no corrupt police, nor even careless police. RIP creates a compelling reason for criminals to infiltrate any organisation that handles the data, and experience shows that criminals can and will find a way.

  7. Re:Hasn't this been done before? on Magnetic RAM from IBM · · Score: 1

    This is like MS claiming to have invented a new technology when they came out with their "optical mouse".

    Well, they did. All previous optical mice required grids. Microsoft's mouse uses a camera and software capable of comparing images very quickly to determine speed and direction. A far cry from grid-based optical mice.

    Yes it was a breakthrough, but it was invented not by Microsoft, but by Gary Gordon at HP Labs. I hope Microsoft had to pay a lot for the right to not mention HP in all the publicity.

  8. Re:MULTICS 2000 on The Last Multics System Decommissioned · · Score: 1

    Perhaps even Multi-Level Security and Mandatory Access Control - after all, Bell and LaPadula explained their MAC/MLS model with a Multics interpretation. This is what led on to the TCSEC (Orange Book) B1 and above classes.

  9. Read the treaty for yourself on 'Hacking' To Be Declared Illegal · · Score: 1

    A journalist's report of one lawyer's interpretation of the treaty is not much to go on. The treaty itself is available, and the journalist seems to have left out a lot of the "without right", "intent" and similar issues that are in the treaty itself.

    We should be concerned about this treaty, but base your arguments on the original source, not some journalist's interpretation (or the usual ill-informed speculation you see here).

    The lawyer's opinion would also be useful input, but I don't have a reference to that.

  10. Re:Why PARC may be hard to sell on Xerox Trying To Sell PARC · · Score: 1

    *HP -- Their HQ is right down the road from PARC, they have been accused of being too stodgy, they desperately want to play in the big leagues. Seems like a good fit. That's what I'm laying my bet on anyway.

    PARC has a reputation for failing to transfer brilliant ideas into the business, why would HP want that? HP Labs may be less well known for revolutionary ideas, but it is respected for success in transferring its research into the product divisions. If HP wants the researchers, it can just hire them, they don't even have to relocate if they want to stay in Palo Alto. What else does PARC have to offer?

  11. Re:Oh dear Lord Frigging Clueless /. Idiots on Corel-Microsoft Deal Means Potential .NET for Linux · · Score: 1

    Look, SOAP is a protocol. ... Try reading the w3.org SOAP proposed spec. ... It is a standard way of doing functions over the Internet thru HTTP. On port 80 (i.e., through firewalls).

    SOAP can be used with HTTP, but my reading of the spec is that that is just an example, not mandated. SOAP is mostly about using XML to represent data.

    Anyone who knows anything about firewalls also knows that port 80 is not the real issue. Using HTTP or HTTP/SSL many, but not all, people can get out through a firewall around their organisation, to at least some sites. If it works, it usually works for ports other than 80 as well as the defaults. This is a quite separate problem from getting in through a firewall to a server that provides access to the data. For many organisations, that takes you into the world of bastion hosts, perimeter networks, and firewall configurations that explicitly cater for the access to that host from outside.

    In my opinion, the bottom line is that SOAP will work for simple stuff, but if you care about security you are on your own. The people griping about firewall problems with CORBA, RMI, DCOM etc. will be disappointed if they adopt SOAP as a 'solution'.

    As for the rest of .NET, it is a very mixed bag; some is good, some is bad, and some is just ugly. Microsoft will make it happen, we will have to live with it, it will be change, but no guarantee of progress.

  12. Re:mod_ssl all the way on On the Commercial Use Of Apache and SSL · · Score: 1

    austad: I've been using mod_ssl. Much easier to set up, and when I tried Apache-SSL, apache would die unexpectedly and it was SLOW. No problems at all with mod_ssl.

    boy case: We use Apache-SSL. We got Apache 1.3.12, iirc, on a pretty standard Redhat 6.1 (yeah I much prefer 6.2 too *g*) and it's never died. It seems plenty fast. I had no problems setting it up either, and Verisign's certificate installed fine.

    I tried Apache-SSL first, then switched to mod_ssl; I did not think there was much difference in the difficulty setting them up, both seem quite stable, and speed was not an issue for me - both were fast enough - so I never measured it.

    boy case: Have to admit to not trying mod_ssl but I think the tone of the documentation was the deciding factor for me....

    The documentation was a factor in my decision to change - I found the mod_ssl documentation much more comprehensive and easier to understand so I did not let the tone bother me.

    One particular reason for the switch was that I wanted to use client certificate authentication and mod_ssl seems to be much more flexible in that area. I have set up part of my secure web hierarchy to require CCA with mod_ssl; Apache-SSL seemed to be an all-or-nothing proposition for the whole site.

    Although I find mod_ssl better for CCA, neither is particularly good. I would really like something better than the "fake basic auth" method of access control which both seem to offer in the same way. I would also like to be able to check the revocation list via an LDAP query rather than a file. Unfortunately, I have not had enough spare time to look into this in any detail; this is at-work stuff but not part of my real job unfortunately.

  13. Re:Preliminary analysis on Mercury Researchers Explain Microsoft .NET · · Score: 2

    This appears to be a way to get cross-language call compatibility without resorting to RPC ugliness like CORBA or COM/DCOM. Despite RPC protocol's attractiveness, they are bad solutions to the problems they purport to solve.

    The 'R' in RPC stands for REMOTE; it purports to solve the problem of calling a function in a different machine. Back in the early days of things like Xerox Courier, you would usually be using the same language at both ends.

    CORBA is about DISTRIBUTED Object Based Computing. It purports to solve the problem of invoking methods in a different machine. They did this in a way that explicitly caters for different languages at each end, but that is not the primary objective.

    The 'D' in DCOM stands for DISTRIBUTED, it is about doing COM between machines, and I would prefer not to talk about that.

    RPC is inherently slow. It forces a process context switch, and it forces data to be mangled into a standard streamed format, and the worst thing is that it makes all this look like an innocuous simple function call. I've felt RPC was ugly ever since I first saw it.

    Doing anything between machines is slow compared with a function call. One reason why CORBA was invented was because old-fashioned RPC made you rewrite your code if you wanted to change which pieces were remote. The advance was to make it possible to get back some of the performance if the thing you were calling happened to be in the same place as you.

    This takes a very different approach from RPC. Instead of literally sending messages to one another, languages hand each other datatypes that they can mutually agree on the interpretation of. Much cleaner and quicker. A function call becomes a function call again. No context switch, no data mangling.

    Except that if you want to be able to do "remoting" as MS calls it, you inherit from MarshalByRefObject, and all the stuff you hate comes back again. Fields and attributes automagically become methods (get/set pairs), and a whole stack of marshalling and transport stuff kicks in as soon as the object you are calling is remote. What looks like an access to a field of some object gets mangled into a streamed format, by default using XML which is verbose and expensive compared to your average RPC, but not standardised to that so you have no guarantee of interoperability (like CORBA before the customers screamed and screamed and SCREAMED and the vendors finally gave in and implemented IIOP).

    Maybe we'll get back to the nice old days of C, FORTRAN and Pascal where you could call the other languages' functions in the same address space.

    If you want to limit your programs to one process in one machine then that's OK, but it is not what Microsoft are doing with .NET.

    BTW, this is all a guess. The article is kind of vague.

    The article is just one item in a mass of data about .NET that is sloshing around the web. The difficulty is in extracting information from that mass of data, acquiring knowledge from that information, and finally achieving wisdom in the light of that knowledge. Ill-informed speculation is the stone in your shoe as you tread that long and weary road.

  14. Re:Wouldn't it be nice if OpenBSD could cooperate? on TrustedBSD Interview in Boardwatch · · Score: 2

    You're right that "trusted" systems are probably useless as webservers or whatever.

    Some people don't agree. It is actually a significant product that has won awards for HP. Of course it is useless to anyone else; see patent US5903732 "secure Web platform (SWP) implementing a mandatory access control policy" etc.

  15. Blocking metabrowsers could be self defeating on Metabrowsing Controversy Continues · · Score: 2

    It will be the dominant or best known players in these games who want to block the meta-searcher/meta-browser. If there are a lot of small players, customers will turn to a meta-search to find results if there is one that does a good job of aggregating the data. The small players win by being found through the meta-search. If eBay chooses to be outside a meta-search, but the meta-search still covers more than eBay, then customers will probably move away from eBay to the meta-searcher. If eBay is bigger, then customers will go there rather than the meta-search.

    If sites that do not want to be meta-listed in some way can opt out, then it is possible that market forces will reward or punish them according to the quality of the service they provide in comparison to the cloud of meta-listed sites rather than just any individual site.

  16. Reminds me of when Israel was scanned from leb.net on Secretive Company Scanning the Net · · Score: 2

    When the "Internet Operating System Counter" scan reached the .il (israel) domain it caused some concern! At least they did give a plausible explanation, publish their results, and stop querying areas where people complained (like all of .il!).

    When people start measuring your neighbourhood in great detail, and refuse to explain just what it is for, I think you have a right to be suspicious and uncooperative. I hope those who have the right tools in place will just set themselves to ignore (i.e. fail to respond to) traffic from these people. If they get no answer to their pings, it will serve them right for being so secretive.

  17. Microsoft revealed as the bad guys on Cracker Endangered Astronauts · · Score: 2

    I just watched the Panorama programme. The NASA incident was a fairly small item near the end. Most of the show was about how easy it is to break into Microsoft programs. They interviewed Cult of the Dead Cow, had a demo of Back Orifice, interviewed the guy who runs AntiOnline, and had someone from a British computer security company say that things will remain bad while Microsoft is driven by features, not security.

    On the whole it was not as bad as some of the stuff that gets broadcast.

  18. Re:If you extend the situation ... on Failed Dot-Coms Selling Private Info · · Score: 3

    does this mean that:

    • if your doctor's clinic folded, he could sell your patient info?

    There seems to be some protection of patient records in the USA - I found this ABI Testimony before Senate Judiciary Committee which seems to say that you can't just transfer the records to anyone.

    I vaguely remember this situation arising a while (at least a year, probably two or more) ago, but I don't remember in which jurisdiction, or what happened. All I can remember is that there was a fuss about patient records being sold to some company that was not another doctor's practice.

  19. What if I have a server certificate? on NetSol To Do Domain Name Auctions · · Score: 1

    Suppose I register a domain, get a server certificate for www.name-someone-will-want.com, then put the domain into the auction? I now have the ability to serve https://www.name-someone-will-want.com/ with a valid certificate when the domain belongs to someone else. The apparently trustworthy secure server for whoever bought the domain is not under their control.

    Do certificates expire too quickly for this to be a problem? Is there some check with the Certification Authorities? Has anyone in the registration business bothered to think about this problem?

  20. Re:I agree with him on Can Open Source Be Trusted? · · Score: 2

    But does Open Source mean that there CAN'T be a design spec or any formal methods? Just because the current leading lights don't use them, doesn't mean it CAN'T be done.

    There could be design specs and use of more rigorous techniques up to the use of formal methods, but would Open Source developers be prepared to submit to that discipline? There is no reason why the code produced should not be free (both senses), but are there enough developers with both the skill and the inclination to work to that model in an Open Source effort? Perhaps the problem is that those inclined to work on Open Source projects like freedom to use whatever techniques and tools they like, and this makes it hard to verify that the results meet the negative (no unexpected behaviours) as well as the positive aspects of the specification.

    There's plenty of closed source stuff that doesn't have any formal methods - does that mean that it can't be done? No. Maybe it's harder to do with open source, because the development cycle tends to be more relaxed, and it's harder to impose methodologies on those working on it, but that doesn't make it impossible.

    I think that only a tiny proportion of closed source software has been developed with a serious input from formal methods. I am not sure that detailed and accurate design specs are all that common either.

    Being unable to impose methodologies on voluntary contributors is probably the main obstacle to having a typical Open Source project meet the view of "trusted" that Spaf was using.

    Attitude to those who write specifications also plays its part. We will never get an Open Source project with a rigorous demonstration that it meets a usefully detailed specification unless the writers of the specification get at least as much respect as those who write the most difficult code.

    I don't know if he said it at that infosec seminar, but Spaf has also pointed out that not enough people are being educated in computer security, and how to build more trustworthy systems. The shortage means Universities can't keep faculty with experience in this area, and this leads to the vicious circle of less teaching and research that means the shortage continues.

  21. Protect yourself first on Security-Closing The Holes While Gagged? · · Score: 3

    If the security problem causes someone a real loss, the last thing you want is to be in any way liable for having known about a problem that was not fixed.

    Send the company a written report by means of an independent courier who will get a receipt. In that report, say that there is another copy of the report on deposit with an independent holder who keeps a record of the date of deposit (and really do that too).

    Make sure that there is evidence that you made them aware of the fault. If they fail to act, and someone sues them, you will have some evidence that you acted in good faith, and that the company were negligent rather than just incompetent.

    N.B. I Am Not A Lawyer so don't assume that this is good advice.

  22. Interesting license - open source developers only on Intel/HP Release Linux SDK For IA-64 · · Score: 4

    Interesting that the license says:
    HP grants you a license to Use the Software solely for the purposes of (i) teaching and training of the IA-64 architecture by non-profit educational institutions and (ii) for developing software for Open Source operating systems.

    It seems you can't use it to develop for a proprietary OS without special permission from HP.

  23. Available already? on Intel/HP Release Linux SDK For IA-64 · · Score: 1

    This is the top highlight on the HP site right now, and there seem to be a few download links at the HP Software Depot and the Intel Developer site. I am not going to have time to download and play with this myself just yet, so I look forward to seeing comments from people who try it out.

  24. Re:Direct link to Crimson story on Intel tells Harvard, 'Cover that Mac!' · · Score: 2

    Thanks for the link. It certainly gives a different emphasis to the story. The Yahoo article does not even hint that the display was originally supposed to have been somewhere else. Unless we know why the display had to be moved, and who decided to put Intel's display near a lot of iMacs, we should not assume that Intel set out to disable the iMacs.

    Was it a case of "Hi. We have moved your display into a room full of your competitors' equipment."? You don't have to be Intel to be upset by that if that is what happened. (But perhaps you have to be Intel to have anyone care that you are upset!)

  25. Re:WTF? on Massive DDoS Attack Brewing? · · Score: 2

    CNN also has a later version of the story which reports Network Associates and Symantec assessing this as "low risk". CNN still don't name the files, but Symantec have some details under the name Serbian.Trojan, but not really clear on how to remove it. They say it is also known as "downloader" and Network Associates (McAfee) have more details.