The problem is kinetic energy. Even if we shatter an asteroid into tiny pieces, if they are all still on trajectory to impact Earth, the same kinetic energy is delivered to the planet, resulting in the same risk of a "nuclear winter"-style doomsday.
Now the people who worked HARD to make it the way it is today and free are in fact working for a big bad money hungry company. Without any reward.
Oh, come on. Every commercial company hungers after money. It's the nature of capitalism. And why is IBM "bad"? Got a specific complaint? Because without the specifics you appear to be equating capitalistic with bad.
As to the developers' work being "without any reward", few open source programmers get paid for what they do, and it doesn't bother them. If they didn't want others to benefit from their code, they shouldn't have put it under an Open Source license.
bluGill wrote: one of the early unix guys (Ken Thompson if I remember right) created a version of login with a backdoor for him to get in. Then he created a C compiler that could tell if login was being compiled and if so insert his backdoor. Then he modified the C compiler to check if it was compiling itself and if so insert both hacks. Soon he was able to (but claims he never did) distribute a C compiler that looked normal, yet would give him access to any machine.
The article you speak of is Reflections on Trusting Trust by Ken Thompson. While it's a scary scenario, you can still decompile the binary and check the algorithm for security. Compiling just once with a known-to-be-safe compiler also removes the hole.
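An added illustration, not part of the comments above: a toy model of the two compiler hacks and of the "compile once with a known-to-be-safe compiler" fix. It goes one step beyond the comment by adding the comparison step of David A. Wheeler's diverse double-compiling; the Binary record, the program names "cc", "tcc" and "login", and all function names are constructed for this sketch.

```python
from collections import namedtuple

# Toy model (constructed): a binary records which program it implements,
# whose code generator emitted it, and any payload absent from its source.
Binary = namedtuple("Binary", "program codegen hidden")

def run_compiler(cc, source):
    """Run compiler binary `cc` on the clean source named `source`."""
    hidden = ()
    if "self_replicate" in cc.hidden:
        if source == "login":
            hidden = ("backdoor",)        # hack 1: trojan the login program
        elif source == "cc":
            hidden = ("self_replicate",)  # hack 2: re-infect the compiler
    # Emitted code style depends on what the compiler is, not on who built it.
    return Binary(program=source, codegen=cc.program, hidden=hidden)

TRUSTED = Binary("tcc", "tcc", ())                  # independent, known-safe
HONEST = Binary("cc", "cc", ())                     # clean self-built compiler
TROJAN = Binary("cc", "cc", ("self_replicate",))    # subverted distribution

def survives_self_rebuild(cc):
    """True if rebuilding clean compiler source with `cc` keeps the payload."""
    return "self_replicate" in run_compiler(cc, "cc").hidden

def login_is_backdoored(cc):
    """True if clean login source compiled by `cc` carries the backdoor."""
    return "backdoor" in run_compiler(cc, "login").hidden

def rebuild_with_trusted(trusted):
    """The comment's fix: compile the compiler source once with a safe compiler."""
    return run_compiler(trusted, "cc")

def ddc_check(suspect, trusted):
    """Diverse double-compiling: build compiler source with the trusted
    compiler, rebuild with that result, and compare against the suspect."""
    stage1 = run_compiler(trusted, "cc")   # cc semantics, tcc code style
    stage2 = run_compiler(stage1, "cc")    # cc semantics, cc code style
    return stage2 == suspect               # True: binary matches its source

if __name__ == "__main__":
    print("trojan survives rebuild:", survives_self_rebuild(TROJAN))
    print("login backdoored:", login_is_backdoored(TROJAN))
    print("after trusted rebuild:", login_is_backdoored(rebuild_with_trusted(TRUSTED)))
    print("DDC honest/trojan:", ddc_check(HONEST, TRUSTED), ddc_check(TROJAN, TRUSTED))
```

The check only holds if the trusted compiler is itself free of the same payload and the build is deterministic, which is why the second compiler should come from an independent lineage.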
Animats wrote: One has been found already; the hole in PGP discussed on Slashdot about two weeks ago. So it's a real problem.
An NSA-installed backdoor has not been "found already" in PGP. It was a bug. Not the first either (if you've followed PGP for the last 7 years or so). To conclude that NSA-installed backdoors are a "real problem" on the basis of that particular bug is wrong.
The NSA backdoors may be a real problem, but don't conclude that from the occurrence of legitimate bugs in complex software.
We're already seeing Linux steal mindshare from Microsoft in the Windows2000 vs. 2.4 kernel arena, but running on Intel's next generation CPU is where Linux will pull ahead of Windows. The very fact that Linux is ready for and working on IA-64 now goes a long way to impress corporate planners, all of whom currently think of 64-bit Windows as vaporware.
I'm glad to see that Dell avoided the problem that plagued IBM's Linux laptops by including a real modem in their Linux laptops. The cost of the modem may partly explain why Dell's Linux laptop costs the same as one with Windoze installed, but the extra cost of the modem can't equal the MS licensing fee for Windoze, so it's not the whole story.
rogerbo wrote: So if they don't release code morphing software for PPC, or MIPS or SPARC or ALPHA then you're SOL, you can't write it. And may also be difficult or impossible to write a native version of linux.
Linus said that they explicitly decided against doing a native version of Linux for the Crusoe. The whole idea of Crusoe is to keep you from having to recompile while still letting you take advantage of advances in the underlying CPU architecture. Nobody should want a native Crusoe application, because when a new Crusoe comes out with different instructions or whatever, you'll have to recompile. As much as I hate the phrase, this is really a paradigm shift in processor and OS technology.
The lack of a SPARC or Alpha or PPC morphing layer is probably more a pragmatic decision on Transmeta's part. They can't do it all (right away). They didn't rule out a morphing implementation for PPC, Sparc, etc., but they get the most bang for their buck from doing the x86 first.
The 2001 Internet Resource Archive reports that Warner Bros. plans a theatrical re-release of 2001: A Space Odyssey on New Year's Eve 2000. If you have never seen 2001 in a theatre with decent sound, you are missing an almost religious experience!
Those pictures are very detailed (and this tech is only a year or two old). Expect it to show scars and moles in a few years. But what's really scary to me is this: How long before it can show people through the walls of their homes? It's the ultimate law enforcement wet dream: all houses made out of transparent material! Reminds me of Perry Metzger's privacy parable: http://www.clock.org/~fair/opinion/parable.html
Only a tiny portion of the Linux kernel code is CPU-specific. The filesystem, scheduling, IPC, networking, and terminal subsystems are all CPU-neutral. Forking the entire kernel on a CPU-by-CPU basis isn't necessary.
It runs on macintoshes, HP machines, Alphas, and god only knows what else... but those are all inferior ports.
Care to supply some evidence of that alleged inferiority? Even just saying how they're inferior would be a start. They can't all be inferior in the same way.
Dan Kaminsky writes: "Ever since RSA insisted that PGP not use its independently developed implementations of public key technology, and rather switch to the RSA codebase, I've been unable to trust BSAFE."
Good point. If the same reasoning should lead anyone to distrust the US version of PGP, consider using PGPi, the International version of PGP (available from http://www.pgpi.com/). It is Open Source and includes the source code to the RSA algorithm (and everything else in PGPi, of course). Being Open Source, it's very likely not RSA's implementation of the algorithm.
CowboyNeal has explained (in private email to me) that articles such as this one are marked so as not to appear on the /. front page, but only in their respective sections. I'm a lot less confused now. Sorry to waste bandwidth on this.
After many days of existence, this article has only 4 comments (this is the 5th, unless someone beats me to it). Clearly, only a tiny fraction of /. readers can see this post, if any at all -- I only found it because I happened to scan the list of articles in the older stuff section.
If you click on older stuff, you'll see a scattering of articles with less than 10 or 20 comments going back as far as you can look! If you go back far enough, you'll see Cliff's article titled Who is in Charge of IPv6 Packet Priority?, which has only 9 comments! There is no way an article with such a title could have resulted in only 9 comments here on Slashdot.
What's going on?
I'm Fran, the author of Odyssey at Andover.net (francis.litterio-at-andover-dot-net). I can confirm that it was misspelled in the original posting. Odyssey is a remote host administration and monitoring system. I'm implementing the remote administration features first. The monitoring feature will be implemented later.
The goal of Odyssey is to dispense with having each of our admins ssh into each box at Exodus and manually make changes. Instead, an admin here at Andover.net will point their Web browser at our secure server, log in to Odyssey, tell it (for example) to change the MaxClients configuration parameter on the Apache servers running on boxes W, X, Y, and Z, click "Make It So", and the change is archived, validated for correctness, checked for collision with other admins making related changes, and performed. Other tasks can also be done the same way: power-cycling boxes remotely, hot-swapping a live spare for a dead box, etc. Changes can be backed out by Odyssey too: just find it in the archive and click on "Revert" -- as long as it can be reverted in a sensible way, it will be done automatically. It streamlines many administration tasks and gives an audit trail of who did what when.
As for monitoring, Odyssey will do both black-box and white-box monitoring of network services and host resources (i.e., instead of just verifying the Web server is listening on port 80, it can also send GET requests and validate the responses).
It's being written in Perl.