The internet of things sounds so stupid. In the spirit of stupid marketing phrases that mean nothing like "the cloud" wouldn't it be cooler to call it "the swarm"?
The issue seems to be that they're doing a rewrite of busybox because the legal foundation responsible for policing the busybox license forces them into compliance for all GPL'ed works for all the products they release before they will grant the company access to use the software again under the terms of the GPL. Many of these companies are not complying with the GPL for this other software because the copyright holders are not actively pursuing infringers of the license like busybox is.
Diaspora is not peer to peer. It's a federated service like smtp or xmpp/jabber. The identity model is also that of the web which may not be rich enough to do a fine grained web-of-trust or get around despotic governments in its current form.
Given that the interserver federation in xmpp doesn't scale well ( see http://about.psyc.eu/Jabber#Scalability ), I'm guessing the thought of federation is too scary an option for facebook. 60% of the packets in an xmpp network are presence packets and xmpp uses an extremely naive way of distributing these (i.e. it sends an xmpp presence message for each user in the buddy list, even if many of the users are on the same xmpp server and the presence packet could be only sent once for all of them and exploded by the server at the other end). This probably wouldn't be too much of an issue if not many people have buddies on other xmpp servers, but could be disastrous if it becomes popular. I'm guessing they'd also be reticent to do this because it would decrease their lock-in of users; if you don't need a facebook account to talk to facebook users, why would you bother using facebook?
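The fan-out difference described in the comment above, as an added Python example that is not part of the original comment: it counts server-to-server presence stanzas for one status change when sent per contact versus once per remote server and expanded at the far end. The JIDs, roster and function names are constructed for illustration and model no real XMPP library.

```python
from collections import defaultdict

def domain_of(jid: str) -> str:
    """Return the server part of a JID such as user@example.org/resource."""
    return jid.split("@", 1)[1].split("/", 1)[0]

def naive_presence(sender: str, roster: list[str]) -> list[tuple[str, str]]:
    """One server-to-server stanza per remote contact: (destination server, recipient)."""
    home = domain_of(sender)
    return [(domain_of(c), c) for c in roster if domain_of(c) != home]

def batched_presence(sender: str, roster: list[str]) -> dict[str, list[str]]:
    """One stanza per remote server, carrying the recipient list for that server."""
    home = domain_of(sender)
    batches = defaultdict(list)
    for contact in roster:
        if domain_of(contact) != home:
            batches[domain_of(contact)].append(contact)
    return dict(batches)

def explode(batches: dict[str, list[str]]) -> list[str]:
    """What the receiving servers do: expand each batch into local deliveries."""
    return sorted(c for recipients in batches.values() for c in recipients)

def s2s_stanza_counts(sender: str, roster: list[str]) -> tuple[int, int]:
    """(naive, batched) number of stanzas crossing server-to-server links."""
    return len(naive_presence(sender, roster)), len(batched_presence(sender, roster))

# Constructed sample data: five buddies on one remote server, two on another,
# one on the sender's own server (never crosses a server-to-server link).
SENDER = "alice@home.example"
ROSTER = [
    "bob@big.example", "carol@big.example", "dave@big.example",
    "erin@big.example", "frank@big.example",
    "grace@small.example", "heidi@small.example",
    "ivan@home.example",
]

if __name__ == "__main__":
    naive, batched = s2s_stanza_counts(SENDER, ROSTER)
    print(f"per-contact stanzas: {naive}, per-server stanzas: {batched}")
```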
How is port knocking security through obscurity? It's putting a password on being able to connect to the ssh daemon. Admittedly upstream routers could easily grab the "password" if they know what it's for but they've just peeled back one layer of the onion.
Maybe Comcast should set up an exchange server on their ad servers so that the exchange clients don't time out connecting to mail.company.inside. As an added bonus if the password scheme for MAPI isn't a challenge response based one they could also collect the passwords for anyone using a split VPN on their network.
I thought Ubuntu's goals were even more modest than that. A debian repository with 6 month release cycles. This was sorely needed at the time as woody had been the stable release of debian since 2002. The perception was that debian was horribly antiquated, which it was, and unusable. A lot of work has since been done and the speed of releases, although not as frequent as once every 6 months is pretty reasonable.
Virtualization doesn't help your performance if you're already using all of a particular resource. It has overheads that mean you're getting less out of your hardware in terms of raw performance. The fact that you can put 5 boxes that would otherwise be sitting idle on the same hardware is what makes virtualization attractive.
I think the point is that tcp is much more heavy weight than udp and there is a perception that busy dns resolvers or servers would be unable to deal with the load and latency of setting up and tearing down so many tcp connections.
The problem is it's really insecure. You've got two choices of delegating authority for an X server. One is host based (i.e. xhosts +somehost) which will mean that rogue clients launched by that host will have access to draw anything on your screen. The second is cookie based which can probably be controlled in a more granular manner but still allows a client with the MIT-MAGIC-COOKIE-1 to write anything to a given server. The potential for keylogging, spoofing windows and other nefarious behaviour is frightening.
Looking at the article it would appear that you could set up a malicious website that arranged for a number of dns queries for domains that you control. Once you had enough information then you'd be able to then arrange a query against a domain you wanted to spoof and send back many spoofed replies with guesses for the transaction id that are in the right ballpark with reasonable success. How does this require sniffing the network?
DNS uses udp as a transport, there is no connection, and the dns cache/client will keep retrying until it gets an answer for some considerable time (i.e. a second or two). This adds up to a lot of bandwidth that the now non-existent ORDB don't want to have to pay for.
Re:Get off the security high horse. on Gmail CAPTCHA Cracked · Score: 4, Insightful
Why are there so many people compromising web hosting accounts and servers where the admin is running some dinky hosting control panel that allows them to know nothing about the operating system? I think you'll find that all modern operating systems are just as insecure as each other in that the things permitted of a program are far in excess of what is required by the program for its operation. Why does notepad need access to the internet, why does a php application need to be able to run arbitrary commands, etc.
But why do you need to maintain the older versions? Sure in the situation of IE6 and Windows 2000 et al. being the last release of IE for that platform you have a situation where the older release needs to have security updates applied. This isn't the case for mozilla's browsers though, the latest version of firefox will run on everything since windows 98.
Depends on the OS really. But you're right if you mean any commercially available OS today. Singularity might solve a few problems if it was adopted. There are also some promising techniques being proposed by the people responsible for E.
I've given up on adobe acrobat reader. I'm using mozplugger and xpdf/kpdf/insert favourite pdf viewer here.
It's one of my favourite movies.
Yeah, everyone knows the superior cosmetic enhancement techniques all involve acid.
This is truly the year of linux on the desktop. Even Microsoft is embracing it now.
This thread is just an achievement point circle jerk.
Not if the hash is salted with something like the current time. Then the replay attack will only work for one second.
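The one-second replay window mentioned in the comment above, as an added Python example that is not part of the original comment: a token bound to the current second is still accepted when replayed within that second, and a server-side record of used tokens closes the gap. HMAC-SHA256 stands in for the "salted hash"; the secret, timestamps and class name are constructed for illustration.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-secret"  # sample value, not a real credential

def make_token(secret: bytes, now: int) -> str:
    """Client side: keyed hash over the current Unix second."""
    return hmac.new(secret, str(now).encode(), hashlib.sha256).hexdigest()

class ReplayWindowVerifier:
    """Server side: accept a token only if it matches the current second.

    With track_seen=True a token is also single-use, so a copy captured on
    the wire is rejected even when it arrives within the same second.
    """

    def __init__(self, secret: bytes, track_seen: bool = False):
        self.secret = secret
        self.track_seen = track_seen
        self.seen: set[tuple[int, str]] = set()

    def verify(self, token: str, now: int) -> bool:
        expected = make_token(self.secret, now)
        # Constant-time comparison avoids leaking how many characters matched.
        if not hmac.compare_digest(token, expected):
            return False
        if self.track_seen:
            # Entries from earlier seconds can never match again; drop them.
            self.seen = {(t, tok) for (t, tok) in self.seen if t == now}
            if (now, token) in self.seen:
                return False
            self.seen.add((now, token))
        return True

def replay_outcomes(track_seen: bool) -> tuple[bool, bool, bool]:
    """(first use, replay in the same second, replay one second later)."""
    verifier = ReplayWindowVerifier(SECRET, track_seen=track_seen)
    token = make_token(SECRET, 1000)  # constructed timestamp
    return (verifier.verify(token, 1000),
            verifier.verify(token, 1000),
            verifier.verify(token, 1001))

if __name__ == "__main__":
    print("time-bound only:      ", replay_outcomes(track_seen=False))
    print("time-bound + seen set:", replay_outcomes(track_seen=True))
```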
I was under the impression that they'd standardized the foot at 12".
EA, where games go to die.
Or you change your name so only the lunatic fringe recognize you as the same company.
Yep, this was neither humorous nor linux related. Not saying it wasn't slashdot worthy, but please.