I do a lot of modelling (mostly electromagnetics, not climate), but the first thing that pops into my head every time is 'how did they validate the model?' And as far as I can tell, they don't. At least, not to what I would consider a scientifically acceptable standard. Hell, give me a couple of days, and the data, and I'll come up with a model that predicts past climate to within 0.1C every year and predicts that next year will be the sudden start of a new ice age.
Oh wait, I can't. These researchers won't give anybody else the data.
Close, but not quite. ActiveX is a COM component that implements the IDispatch interface. IDispatch is a 'meta' interface that allows dynamic binding to COM objects, rather than the purely static binding that COM defines, allowing COM objects to be called from dynamic languages (like JavaScript). From a purely technological perspective, it's quite slick really, and if you've ever played around in Win32 Python you'll know what I mean.
The security problems with ActiveX was that Microsoft exposed these low-level interfaces to untrusted websites through JavaScript, opening up an enormous attack surface (as now many ActiveX objects on your system, which were never designed with security in mind, were being called from untrusted JavaScript and running under local user permissions). Worse, was allowing websites to request the installation of ActiveX objects themselves. So yeah.... clever technology but a TERRIBLE use.
The advantage of managed languages is they make it comparatively easy to build security boundaries. So yes, bad programmers shouldn't be encourged to write bad software, regardless of the language, but people are still going to write software with security flaws no matter what you do. Managed code like Java and.NET makes it easier to protect against flaws introduced by 3rd party extensions.
That being said, you don't HAVE to use managed code to create sandboxes, it just makes it easier. Since Vista windows has provided multiple integrity levels for this purpose (which IE uses) and Linux has chroot.
What's ironic is that since IE7, addons in IE are run inside IE's low-privilege jail.
Of course, that doesn't stop idiots (*cough*Adobe*cough*) from installing helper services to break their plugins out of the sandbox, and subverting all the added security.
Yes, as unpolitically correct as it may be, an active nuclear weapons program might be necessary. Complete disarmament is all well and good, and a slow loss of weapons and skills to age could be one way to accomplish that. But complete disarmament isn't worthwhile without permanent disarmament also, and I don't see how that's possible. The knowledge and technology exists, and as the general level of technology in this world increases it will only become easier to build nuclear weapons. Without permanent disarmament (which would be impossible without some form of world government), you have to accept one of these possibilities: 1. A hostile power is nuclear armed and you are not. 2. You are now racing a hostile power to rearm yourself... except they have a headstart, since you only found out they've been building weapons after their program has progressed considerably. And that in turn gives them an incentive to use their weapons before you finish yours... 3. Abandon disarmament and proactively maintain a deterrence force.
Look, the technology to build nuclear weapons is never going to go away. Until we find a technology to neuter these devices without playing deterrence/MAD games, then a continued nuclear weapons program is essential. Otherwise we are locked in a cycle of decay, and panicked rebuilding. I'd rather things be as boring as possible, even if that means the occasional underground bang.
At each iteration the thin client becomes smarter. First, the thin client was a dumb-term that sent and received characters. Then the thin client was the xterm and the citrix terminal, where the server sent drawing commands and the client sent input events. Now the server sends HTML and JavaScript and has access to local storage, and talks to the client with AJAX. So maybe it's the same thing... and maybe not. Look at how popular web-only apps like gmail, facebook, pandora, youtube, hulu, etc... are. It seems to me like a huge segment of the population has voluntarily adopted the thin-terminal already.
The thing to remember is a device like what Google is proposing is not a replacement for the desktop workstation. It's a supplement, and perhaps a replacement for the laptop.
When we talk about process creation being expensive, as opposed to thread creation, we're usually talking about it taking milliseconds rather than microseconds. From the perspective of the computer, process creation is expensive, and that means we can't use software design which relies on rapidly creating new processes, but if we're talking about the creation of a SINGLE process to service a new tab, it's absofuckinglutely irrelevant. From a user perspective, 1ms might as well be 1us. They both fall into the 'imperceptibly short' bin.
Technology like this is to retrofit buildings to resist bombings, not for new construction. Linings like this are expensive, but less expensive than rebuilding the wall. And if you ARE building a new wall from scratch, you wouldn't use masonry with a lining either, you'd use pretensioned concrete, which is impressively strong stuff.
Note quite right. The assurance IS the millions of other species of bacteria. All life is compromise, and a bacteria which mutates and becomes ultra-lethal to humans will probably be eaten by its neighbour bacteria, which is more suited for such mundane things as surviving in the soil where they live.
It's the same reason why the grey-goo scenario is silly. The earth may look beautiful and pristine, but in reality it's a shockingly hostile environment. You've got a corrosive atmosphere (full of nasty oxygen), soaked in a potent solvent (water) and it's infested by machines, tiny and small, which delight in consuming everything around them. You think Mars is a hostile environment? The rovers wouldn't have lasted a month in most of earth's biomes. We just don't notice, most of the time, because evolution (and our own intelligence and experience) has made us very, very, very good at survival.
I think that's the advantage of this system. You are never going to avoid leaks, but since computers are immersion cooled and in their own sealed boxes, they are no longer sensitive to environmental issues. At that point, leaks become an annoyance instead of an emergency.
I know it's a lot to ask, but you could just RTFA. I guess I'll be the enabler today...
Apparently it's a server-side vulnerability, but this puts users at risk since hijacking trusted websites makes it much easier to socially engineer malware onto people's computers. I.e., if gmail were to be compromised, and you login to gmail and there's a link to download some special gmail-improving program, a lot of people will download and install it, even though it was placed there by a hacker and not Google themselves.
These are implantable medical devices we're talking about. Forget DRM, to achieve the kind of world you're dreaming of would require a massive overhaul of the medical regulatory system. Personally, I question the wisdom of a world where patients can replace firmware on their medical devices with stuff they find on the internet. The medical profession frowns upon self medication for a reason.
I have no clue what OS X does, but gksudo does not. gksudo is just a graphical front end, it does not come up "in response to a task being prohibited based on a user's current account not having a right to permit the task." gksudo is in some instances called proactively and explicitly by certain programs (like gnome control center windows). But it does not transparently operate behind the scenes, elevating programs based on OS level privilege failures, as this patent describes. You are confusing proactive and explicit use with reactive and automatic use, as the patent covers.
Presenting a GUI when attempting to execute a task that requires higher permissions, is not in response to a task being prohibited. gksudo in Linux is used proactively and explicitly by the control panel. This patent covers reactive and automatic elevation based on software behavior.
Except, gksudo doesn't come up in response to a failed security authentication. gksudo comes up because the control panel knows it needs administrator permissions and explicitly calls gksudo. gksudo is not sitting around behind the scenes, watching for authentication failures.
Apparently the author at groklaw either doesn't understand patents, or doesn't understand the technology. Look at the very first claim:
One or more computer-readable media having computer-readable instructions therein that, when executed by a computing device, cause the computing device to present a user interface in response to a task being prohibited based on a user's current account not having a right to permit the task, the user interface comprising: information indicating the task and an entity that attempted the task; a selectable help graphic wherein responsive to receiving selection of the selectable help graphic, the computer-readable instructions further cause the computing device to present the information; identifiers, each of the identifiers identifying other accounts having a right to permit the task, wherein the identifiers presented are based on criteria comprising: frequency of use; association with the user; and indication of sufficient but not unlimited rights; one of the identifiers identifies a higher-rights account having a right to permit the task, wherein the one of the identifiers comprises: a graphic identifying the higher-rights accounts associated with the user; and a name of the higher-rights account; an authenticator region capable of receiving, from the user, an authenticator usable to authenticate the higher-rights account having the right to permit the task, wherein: the authenticator comprises a password, and the authenticator region comprises a data-entry field configured to receive the password.
Emphasis mine. Sudo does not do this. Thus, this patent does not cover sudo.
Fini.
Actually, since Vista even graphics drivers aren't all entirely in the kernel anymore. WDDM splits graphics drivers into two parts, a low-level realtime component which is responsible for direct interaction with the graphics card (scheduling DMA and stuff like that) and a higher-level component which does things like implement OpenGL and DirectX primitives. That's why graphics drivers can crash in Vista without taking down the entire OS: most of the driver is running in usermode.
And not just printer drivers and video drivers run in user mode. UMDF (User-mode Driver Framework) allows any device that operates over certain busses (like USB) to have a user-mode device driver.
Slashdot Mirror
Hear-hear.
I do a lot of modelling (mostly electromagnetics, not climate), but the first thing that pops into my head every time is 'how did they validate the model?' And as far as I can tell, they don't. At least, not to what I would consider a scientifically acceptable standard. Hell, give me a couple of days, and the data, and I'll come up with a model that predicts past climate to within 0.1C every year and predicts that next year will be the sudden start of a new ice age.
Oh wait, I can't. These researchers won't give anybody else the data.
Except the real story is '1999 climate model wrong: Global temperatures unchanged over past decade.'
And it's only on XP. Vista and Win7 run IE in a sandbox for extra protection (unless you are a silly person and turned that off).
Close, but not quite. ActiveX is a COM component that implements the IDispatch interface. IDispatch is a 'meta' interface that allows dynamic binding to COM objects, rather than the purely static binding that COM defines, allowing COM objects to be called from dynamic languages (like JavaScript). From a purely technological perspective, it's quite slick really, and if you've ever played around in Win32 Python you'll know what I mean.
The security problems with ActiveX was that Microsoft exposed these low-level interfaces to untrusted websites through JavaScript, opening up an enormous attack surface (as now many ActiveX objects on your system, which were never designed with security in mind, were being called from untrusted JavaScript and running under local user permissions). Worse, was allowing websites to request the installation of ActiveX objects themselves. So yeah.... clever technology but a TERRIBLE use.
The advantage of managed languages is they make it comparatively easy to build security boundaries. So yes, bad programmers shouldn't be encourged to write bad software, regardless of the language, but people are still going to write software with security flaws no matter what you do. Managed code like Java and .NET makes it easier to protect against flaws introduced by 3rd party extensions.
That being said, you don't HAVE to use managed code to create sandboxes, it just makes it easier. Since Vista windows has provided multiple integrity levels for this purpose (which IE uses) and Linux has chroot.
What's ironic is that since IE7, addons in IE are run inside IE's low-privilege jail.
Of course, that doesn't stop idiots (*cough*Adobe*cough*) from installing helper services to break their plugins out of the sandbox, and subverting all the added security.
Yes, as unpolitically correct as it may be, an active nuclear weapons program might be necessary. Complete disarmament is all well and good, and a slow loss of weapons and skills to age could be one way to accomplish that. But complete disarmament isn't worthwhile without permanent disarmament also, and I don't see how that's possible. The knowledge and technology exists, and as the general level of technology in this world increases it will only become easier to build nuclear weapons. Without permanent disarmament (which would be impossible without some form of world government), you have to accept one of these possibilities:
1. A hostile power is nuclear armed and you are not.
2. You are now racing a hostile power to rearm yourself... except they have a headstart, since you only found out they've been building weapons after their program has progressed considerably. And that in turn gives them an incentive to use their weapons before you finish yours...
3. Abandon disarmament and proactively maintain a deterrence force.
Look, the technology to build nuclear weapons is never going to go away. Until we find a technology to neuter these devices without playing deterrence/MAD games, then a continued nuclear weapons program is essential. Otherwise we are locked in a cycle of decay, and panicked rebuilding. I'd rather things be as boring as possible, even if that means the occasional underground bang.
Cool! Who signed your letter of marque?
At each iteration the thin client becomes smarter. First, the thin client was a dumb-term that sent and received characters. Then the thin client was the xterm and the citrix terminal, where the server sent drawing commands and the client sent input events. Now the server sends HTML and JavaScript and has access to local storage, and talks to the client with AJAX. So maybe it's the same thing... and maybe not. Look at how popular web-only apps like gmail, facebook, pandora, youtube, hulu, etc... are. It seems to me like a huge segment of the population has voluntarily adopted the thin-terminal already.
The thing to remember is a device like what Google is proposing is not a replacement for the desktop workstation. It's a supplement, and perhaps a replacement for the laptop.
Where does it say you can only use Google? I see no reason why you couldn't use Hotmail, Office Live and Bing, if you wanted to on such a device.
Irrelevant.
When we talk about process creation being expensive, as opposed to thread creation, we're usually talking about it taking milliseconds rather than microseconds. From the perspective of the computer, process creation is expensive, and that means we can't use software design which relies on rapidly creating new processes, but if we're talking about the creation of a SINGLE process to service a new tab, it's absofuckinglutely irrelevant. From a user perspective, 1ms might as well be 1us. They both fall into the 'imperceptibly short' bin.
Technology like this is to retrofit buildings to resist bombings, not for new construction. Linings like this are expensive, but less expensive than rebuilding the wall. And if you ARE building a new wall from scratch, you wouldn't use masonry with a lining either, you'd use pretensioned concrete, which is impressively strong stuff.
Photons have no rest mass; they have a very high energy:momentum ratio. So yes, there is some recoil, but it's insignificant.
Note quite right. The assurance IS the millions of other species of bacteria. All life is compromise, and a bacteria which mutates and becomes ultra-lethal to humans will probably be eaten by its neighbour bacteria, which is more suited for such mundane things as surviving in the soil where they live.
It's the same reason why the grey-goo scenario is silly. The earth may look beautiful and pristine, but in reality it's a shockingly hostile environment. You've got a corrosive atmosphere (full of nasty oxygen), soaked in a potent solvent (water) and it's infested by machines, tiny and small, which delight in consuming everything around them. You think Mars is a hostile environment? The rovers wouldn't have lasted a month in most of earth's biomes. We just don't notice, most of the time, because evolution (and our own intelligence and experience) has made us very, very, very good at survival.
I think that's the advantage of this system. You are never going to avoid leaks, but since computers are immersion cooled and in their own sealed boxes, they are no longer sensitive to environmental issues. At that point, leaks become an annoyance instead of an emergency.
The irony of this comment is how bad my example is. Had I RTFA better, I wouldn't have used that example.
I know it's a lot to ask, but you could just RTFA. I guess I'll be the enabler today...
Apparently it's a server-side vulnerability, but this puts users at risk since hijacking trusted websites makes it much easier to socially engineer malware onto people's computers. I.e., if gmail were to be compromised, and you login to gmail and there's a link to download some special gmail-improving program, a lot of people will download and install it, even though it was placed there by a hacker and not Google themselves.
These are implantable medical devices we're talking about. Forget DRM, to achieve the kind of world you're dreaming of would require a massive overhaul of the medical regulatory system. Personally, I question the wisdom of a world where patients can replace firmware on their medical devices with stuff they find on the internet. The medical profession frowns upon self medication for a reason.
Yeah, this 'article' doesn't seem to have any coherent point beyond 'Verizon sucks!' which makes me question the motives of the author.
I never said it was worthy of a patent. Whether it is or not, it does not cover sudo or gksudo.
I have no clue what OS X does, but gksudo does not. gksudo is just a graphical front end, it does not come up "in response to a task being prohibited based on a user's current account not having a right to permit the task." gksudo is in some instances called proactively and explicitly by certain programs (like gnome control center windows). But it does not transparently operate behind the scenes, elevating programs based on OS level privilege failures, as this patent describes. You are confusing proactive and explicit use with reactive and automatic use, as the patent covers.
Presenting a GUI when attempting to execute a task that requires higher permissions, is not in response to a task being prohibited. gksudo in Linux is used proactively and explicitly by the control panel. This patent covers reactive and automatic elevation based on software behavior.
Except, gksudo doesn't come up in response to a failed security authentication. gksudo comes up because the control panel knows it needs administrator permissions and explicitly calls gksudo. gksudo is not sitting around behind the scenes, watching for authentication failures.
One or more computer-readable media having computer-readable instructions therein that, when executed by a computing device, cause the computing device to present a user interface in response to a task being prohibited based on a user's current account not having a right to permit the task, the user interface comprising: information indicating the task and an entity that attempted the task; a selectable help graphic wherein responsive to receiving selection of the selectable help graphic, the computer-readable instructions further cause the computing device to present the information; identifiers, each of the identifiers identifying other accounts having a right to permit the task, wherein the identifiers presented are based on criteria comprising: frequency of use; association with the user; and indication of sufficient but not unlimited rights; one of the identifiers identifies a higher-rights account having a right to permit the task, wherein the one of the identifiers comprises: a graphic identifying the higher-rights accounts associated with the user; and a name of the higher-rights account; an authenticator region capable of receiving, from the user, an authenticator usable to authenticate the higher-rights account having the right to permit the task, wherein: the authenticator comprises a password, and the authenticator region comprises a data-entry field configured to receive the password.
Emphasis mine. Sudo does not do this. Thus, this patent does not cover sudo. Fini.
Actually, since Vista even graphics drivers aren't all entirely in the kernel anymore. WDDM splits graphics drivers into two parts, a low-level realtime component which is responsible for direct interaction with the graphics card (scheduling DMA and stuff like that) and a higher-level component which does things like implement OpenGL and DirectX primitives. That's why graphics drivers can crash in Vista without taking down the entire OS: most of the driver is running in usermode. And not just printer drivers and video drivers run in user mode. UMDF (User-mode Driver Framework) allows any device that operates over certain busses (like USB) to have a user-mode device driver.