As opposed to how graphics drivers are security issue now?
Graphic cards can DMA memory and GPU can access pretty much any physical memory in the system (as long as it is visible via PCI bus). There is no simple fix for that but there are certain security features already available on graphics cards. Go read radeon Linux kernel sources, look at the command buffer parser (linux/drivers/gpu/drm/radeon/r600_cs.c for instance) that verifies that graphic card only accesses memory that belongs to it.
Also, there was some driver exploit in signed Windows graphics drivers that allowed loading unsigned code into windows kernel.
Because Motorola Backflip they have is such a lame excuse for a phone that it doesn't count. I doubt this will change significantly while they have iPhone exclusivity. And if they will ever have any good phone they will definitely spoil it with installing their AT&T crapware. If anyone thinks that preloaded software on PCs is bad, they have never seen crap that AT&T installs on their phones.
Actually, phone with a rootkit is a very serious problem. Lots of people DO BANKING on their phones, and check emails, and do all kinds of stuff. So their financial and personal information is at risk. Also, from all phone operating systems out there Android seems to be the safest choice because of the fact that all apps run in their sandboxes and they are just bytecode executed by VM. But then there is native SDK too, So I guess apps that use NDK would have it easier to root the phone. I think a real problem for phones (and PCs) is a simple question of trusting the applications you install. It does not matter whether you download it from the web, or install from app store. It does not matter whether it goes through Apple approval or more lax Google app store. The app may just do little more than what it says it does and send your important information somewhere. There is no test that would prevent it. Even though the apps could be revoked it is going to be too late. The only possible solution is to have application source code available for review and applications compiled from source. And that is why we need Gentoo for phones.
From TFA: "The rootkit could also track a victim's location or even reroute his browser to a malicious Web site." Really? And then what? The malicious website will install another worse rootkit? It has rootkit! The phone is compromised, all the information you have on it is potentially leaked and the phone doesn't belong to your carrier anymore (it never belonged to you, you realize that, right?) it belongs to the rootkit operator. The only cure is to either flash it with fresh OS or burn it with fire.
Somebody will try to switch. And he/she will feel the pain trying to unstick from Apple. Some people will stay because the pain will be too great or they will not care that much. And others will get pissed off. Very pissed off. And I bet they will never come back. My cost of rebuying my wife's music collection on Amazon was around $60, fortunately the rest was on CDs. (And no, recoding it with these programs that fake burning to a CD is not good option although she would probably not know any difference).
None of Mozilla Foundation programs are light or fast. They never were. The XPCOM architecture and Chrome JS UI make sure of that. The only things FF has going for it is some degree of portability and the fact that lots of websites support it as the "other browser" than IE, and no built in spying like Chrome Browser.
And don't get me started on Firefox mobile. The WinMo alpha releases were a joke - on 600+MHz Samsung Epix the UI was unresponsive and the only way to exit it was to reset the phone. I am afraid to install it on my Nexus One now.
My buddy has several of IBM T221/T221 and Viewsonic displays (they are sometimes available on eBay) and Electronic CAD programs look awesome on them. Google Earth (registered version) looks gorgeous. You can look at 6MP photos without any scaling, and they look better than on paper. 2 pages side by side of PDF look about right on such display and pretty much look like paper. SupCom and TA looks and plays great. UT2004 works on it as well, looks great. BTW, if you have 200dpi then FSAA is not necessary anymore, it is just a crutch for poor people with crappy monitors. They are also heap of trouble since they have 4 single link DVI inputs and some insane configurations because of that. (For instance one monitor shows as two 1920x2400 monitors etc). I am quite happy with my 30" Dell but I would be much happier if it was 200dpi. Especially that my dSLR is 14MP so I cannot even see the pictures without scaling.
Even R300 which was released in 2002 has bits to turn gamma and degamma on on textures and AA resolve. See here http://www.x.org/docs/AMD/R3xx_3D_Registers.pdf and search for gamma.
in cross-platform project is to force everyone to use spaces only. The shit that happens to code with tabs that get edited on unix and windows and different editors make the text to travel towards the right side of screen at exponentially increasing speeds. Add some retarded editors and direct copying of sources between unix and windows without going through source control system that converts line endings and you will also have empty lines being added as well. The end result is 1/100 ratio between code and whitespace. Hello from the trenches;-)
I completely agree with the guy. We need more specialized devices. Unfortunately clothing manufacturers are not keeping up with the number of pockets required for them but they will see the light. Look at my gadget bag, its perfect, cell phone, Peek, Twitterpeek, Celio Redfly, iPod touch, Epson photo viewer, Canon ELPH digital camera and EeePC. I can't wait for Peek to release Facepeek for Facebook! I am also looking for Palm Fooleo on eBay. I dont understand why they have cancelled this device. It would be great seller and would help Palm much more than stupid Pre and WebOS. I really need to buy more crappy ARM powered one function devices because my bag looks empty. Ian Drew, than you for your vision of the future, I can't wait!
http://thekelleys.org.uk/dnsmasq/doc.html You can fix the nxdomain stuff in dnsmasq config. And you can configure it to use certain dns server for specified domains so for instance everything with.mycompany.com will go directly to your internal dns server. Since it is also doing DNS caching as a bonus your subsequent dns queries will be faster. Also you can give it hosts files with advert server domain names so you can block ads at dns level too. Also, it can act as DHCP server and use DHCP lease information for DNS resolving in local network. win-win-win-win;-)
Down to crappy rescaled graphics. I actually bought it and it plays just the same as my PS1 FFT which works just fine under emulator on PSP. So there I have paid twice for FFT;-) I find FFTA on GBA Micro much more fun though.
Now what is cool on PSP is Patapon and Loco Roco.
Also the simple fix for stupid UMD and battery life is to run all the games from MS.
Also, Soul Edge (Sould Blade) is an awesome 15 minutes at a time game. (Again, PS1 game).
Not for games. But the same Win2K system I have installed in 2000 still lives on. It has been ghosted between 8GB->20GB->40GB->120GB->250GB drives, then moved into dual hardware profile vmware/real system, then real hardware profile was deleted and it only lives in VM shrunk back to 40GB virtual disk file living on my 1.5TB RAID5 linux partition. And it still works just fine, dual booting Win98 DOS 7.0 and Win2K and I could still able to run all my Turbo Pascal crap back from 1990.
Now please someone explain to me what is so special about WinXP SP3 that Firefox really needs to work correctly? This reminds me foobar2000 when they dropped Win2K suport as well because of some lame excuse about some win api function.
The way these companies are trying to find winning combinations in the market is very simple, they iterate through 2,3,4-dimensional space of gadget combinations. Righ now it seems they are at stage 3, combining 3 things together for instance usb-mouse/heater/skype handset. It is just their way of "innovation", they have almost infinite resources - money, people, factories so they try different combinations. Kind of like brute-forcing crypto key instead of finding weakness in algorithm.
Slashdot Mirror
As opposed to how graphics drivers are security issue now?
Graphic cards can DMA memory and GPU can access pretty much any physical memory in the system (as long as it is visible via PCI bus). There is no simple fix for that but there are certain security features already available on graphics cards. Go read radeon Linux kernel sources, look at the command buffer parser (linux/drivers/gpu/drm/radeon/r600_cs.c for instance) that verifies that graphic card only accesses memory that belongs to it.
Also, there was some driver exploit in signed Windows graphics drivers that allowed loading unsigned code into windows kernel.
Because Motorola Backflip they have is such a lame excuse for a phone that it doesn't count.
I doubt this will change significantly while they have iPhone exclusivity.
And if they will ever have any good phone they will definitely spoil it with installing their AT&T crapware. If anyone thinks that preloaded software on PCs is bad, they have never seen crap that AT&T installs on their phones.
Actually, phone with a rootkit is a very serious problem. Lots of people DO BANKING on their phones, and check emails, and do all kinds of stuff. So their financial and personal information is at risk.
Also, from all phone operating systems out there Android seems to be the safest choice because of the fact that all apps run in their sandboxes and they are just bytecode executed by VM.
But then there is native SDK too, So I guess apps that use NDK would have it easier to root the phone.
I think a real problem for phones (and PCs) is a simple question of trusting the applications you install. It does not matter whether you download it from the web, or install from app store. It does not matter whether it goes through Apple approval or more lax Google app store. The app may just do little more than what it says it does and send your important information somewhere. There is no test that would prevent it. Even though the apps could be revoked it is going to be too late.
The only possible solution is to have application source code available for review and applications compiled from source.
And that is why we need Gentoo for phones.
From TFA: "The rootkit could also track a victim's location or even reroute his browser to a malicious Web site."
Really? And then what? The malicious website will install another worse rootkit?
It has rootkit! The phone is compromised, all the information you have on it is potentially leaked and the phone doesn't belong to your carrier anymore (it never belonged to you, you realize that, right?) it belongs to the rootkit operator. The only cure is to either flash it with fresh OS or burn it with fire.
Somebody will try to switch.
And he/she will feel the pain trying to unstick from Apple.
Some people will stay because the pain will be too great or they will not care that much.
And others will get pissed off. Very pissed off.
And I bet they will never come back.
My cost of rebuying my wife's music collection on Amazon was around $60, fortunately the rest was on CDs. (And no, recoding it with these programs that fake burning to a CD is not good option although she would probably not know any difference).
None of Mozilla Foundation programs are light or fast. They never were. The XPCOM architecture and Chrome JS UI make sure of that. The only things FF has going for it is some degree of portability and the fact that lots of websites support it as the "other browser" than IE, and no built in spying like Chrome Browser.
And don't get me started on Firefox mobile. The WinMo alpha releases were a joke - on 600+MHz Samsung Epix the UI was unresponsive and the only way to exit it was to reset the phone. I am afraid to install it on my Nexus One now.
It's gonna be double winner this way.
That is what they mean by double down!
My buddy has several of IBM T221/T221 and Viewsonic displays (they are sometimes available on eBay) and
Electronic CAD programs look awesome on them.
Google Earth (registered version) looks gorgeous.
You can look at 6MP photos without any scaling, and they look better than on paper.
2 pages side by side of PDF look about right on such display and pretty much look like paper.
SupCom and TA looks and plays great.
UT2004 works on it as well, looks great. BTW, if you have 200dpi then FSAA is not necessary anymore, it is just a crutch for poor people with crappy monitors.
They are also heap of trouble since they have 4 single link DVI inputs and some insane configurations because of that. (For instance one monitor shows as two 1920x2400 monitors etc).
I am quite happy with my 30" Dell but I would be much happier if it was 200dpi. Especially that my dSLR is 14MP so I cannot even see the pictures without scaling.
Even R300 which was released in 2002 has bits to turn gamma and degamma on on textures and AA resolve. See here http://www.x.org/docs/AMD/R3xx_3D_Registers.pdf and search for gamma.
in cross-platform project is to force everyone to use spaces only. ;-)
The shit that happens to code with tabs that get edited on unix and windows and different editors make the text to travel towards the right side of screen at exponentially increasing speeds.
Add some retarded editors and direct copying of sources between unix and windows without going through source control system that converts line endings and you will also have empty lines being added as well.
The end result is 1/100 ratio between code and whitespace.
Hello from the trenches
I always thought it was the Engadget that made Palm shitcan Foleo http://www.engadget.com/2007/09/04/palm-kills-the-foleo-dead/
Also, dear AC, please check your TCP/IP stack, it seems that you are not getting the irony side-channel on your connection.
I completely agree with the guy. We need more specialized devices. Unfortunately clothing manufacturers are not keeping up with the number of pockets required for them but they will see the light.
Look at my gadget bag, its perfect, cell phone, Peek, Twitterpeek, Celio Redfly, iPod touch, Epson photo viewer, Canon ELPH digital camera and EeePC. I can't wait for Peek to release Facepeek for Facebook!
I am also looking for Palm Fooleo on eBay. I dont understand why they have cancelled this device. It would be great seller and would help Palm much more than stupid Pre and WebOS.
I really need to buy more crappy ARM powered one function devices because my bag looks empty. Ian Drew, than you for your vision of the future, I can't wait!
This thing is probably worse than some rootkits.
http://en.wikipedia.org/wiki/Infectious_mononucleosis
http://thekelleys.org.uk/dnsmasq/doc.html .mycompany.com will go directly to your internal dns server. ;-)
You can fix the nxdomain stuff in dnsmasq config.
And you can configure it to use certain dns server for specified domains so for instance everything with
Since it is also doing DNS caching as a bonus your subsequent dns queries will be faster.
Also you can give it hosts files with advert server domain names so you can block ads at dns level too.
Also, it can act as DHCP server and use DHCP lease information for DNS resolving in local network.
win-win-win-win
Down to crappy rescaled graphics. ;-) I find FFTA on GBA Micro much more fun though.
I actually bought it and it plays just the same as my PS1 FFT which works just fine under emulator on PSP. So there I have paid twice for FFT
Now what is cool on PSP is Patapon and Loco Roco.
Also the simple fix for stupid UMD and battery life is to run all the games from MS.
Also, Soul Edge (Sould Blade) is an awesome 15 minutes at a time game. (Again, PS1 game).
Not for games. But the same Win2K system I have installed in 2000 still lives on. It has been ghosted between 8GB->20GB->40GB->120GB->250GB drives, then moved into dual hardware profile vmware/real system, then real hardware profile was deleted and it only lives in VM shrunk back to 40GB virtual disk file living on my 1.5TB RAID5 linux partition. And it still works just fine, dual booting Win98 DOS 7.0 and Win2K and I could still able to run all my Turbo Pascal crap back from 1990.
Now please someone explain to me what is so special about WinXP SP3 that Firefox really needs to work correctly? This reminds me foobar2000 when they dropped Win2K suport as well because of some lame excuse about some win api function.
Take any linux binary compiled 10 years ago and run it today on a shipping kernel. Oh wait... you can't.
Sure I can! This is probably the oldest binary app that I have and coincidentally it was compiled more than 10 years ago.
root@damage:/usr/local/games/quake#ls -al quake.x11
-rwxr-xr-x 1 root root 427892 Feb 10 1999 quake.x11
root@damage:/usr/local/games/quake#uname -a
Linux damage 2.6.26.8 #1 SMP PREEMPT Mon Dec 22 02:52:09 PST 2008 x86_64 Dual Core AMD Opteron(tm) Processor 285 AuthenticAMD GNU/Linux
root@damage:/usr/local/games/quake#date
Tue Mar 10 22:28:41 PDT 2009
root@damage:/usr/local/games/quake#./quake.x11
Added packfile ./id1/pak0.pak (339 files) ./id1/pak1.pak (85 files) ./id1/pak1.pak : gfx/pop.lmp ./id1/pak0.pak : gfx.wad ....
Added packfile
PackFile:
Playing registered version.
PackFile:
Console initialized.
UDP Initialized
Exe: 14:08:23 Jan 25 1999
8.0 megabyte heap
and so on
http://www.dealextreme.com/
http://www.chinavasion.com/
http://www.epathchina.com/
and of course, eBay
The way these companies are trying to find winning combinations in the market is very simple, they iterate through 2,3,4-dimensional space of gadget combinations.
Righ now it seems they are at stage 3, combining 3 things together for instance usb-mouse/heater/skype handset.
It is just their way of "innovation", they have almost infinite resources - money, people, factories so they try different combinations.
Kind of like brute-forcing crypto key instead of finding weakness in algorithm.
NT
read more about it http://en.wikipedia.org/wiki/Infectious_mononucleosis
Get over it.
You real problem is that your company "IP" (designs, whatever) will show up at those every other shops,
And you will not be able to do anything about it.
So why do you want to try?
And I don't mean the shipping company.