It still doesn't break encryption, the encryption part is still performing exactly as it's supposed to. What's broken is the method of protecting the key, ie the means by which you "choose not to divulge the key"...
While still carrying all the legacy cruft accumulated through their various half-assed attempts to produce a "server" system by kludging up a desktop os... The latest versions may have improved, but they're still lacking in many areas and i'd rather have something thats tried, tested and well understood.
Something being crippled because it's buggy and rushed, fair enough, it happens...
Something being crippled because they went out of their way to reduce its functionality is just despicable. I never want to use software where the developers have spent their time not improving the product, but intentionally making changes which are purely detrimental to the end users. All of that development effort would have been far better spent improving the product, or fixing the bugs... Far from cost savings, they actually increase costs by intentionally spending time to develop negative functionality!
20 years is too long given modern technology... You can distribute worldwide in a matter of minutes, most media makes the vast majority of its profit in the first year and a lot stops being sold not long after that, especially if it sold on physical media as it's no longer economical to continue producing the media anymore. Unless something became massively popular, it can often be extremely difficult to obtain copies of software/movies/music/games/etc which are more than a few years old, and in some cases companies will actively pursue anyone who distributes copies even when the original distributors refuse to provide copies even to those who are willing to pay for them.
No copyright terms should be short, society should receive something in return for enforcing copyright... Why should society as a whole suffer to create an artificial market for media producers while receiving nothing in return? By the time any of today's copyrighted works fall into the public domain the vast majority of us will be dead.
Push towards fully headless servers, like virtually any unix system ever made or for that matter any os that was actually designed to be a server... Windows was not, just the fact that the entire os is named around the gui component says it all - its a workstation os first and foremost, and their "server" version is a shoddy hack job that's only now starting to even vaguely resemble a proper server os.
The luxury sandwich uses higher quality ingredients, so while it does have a higher margin it actually costs more to produce... Software on the other hand will typically have the fully featured version developed first, and then extra work is done to disable features and produce an artificially crippled version, thus the cheaper version actually cost more to produce.
I find such a practice despicable, to do extra work to make intentional changes that make the product less useful to paying customers!
Considering the install footprint of RT, and the fact the vast majority of those features will have been written in C rather than asm i'm sure they just compiled the same code and then disabled the features afterwards...
Copyright in general has become corrupted totally corrupted such that it now exists solely to benefit big copyright holders to the detriment of everyone else. When first envisaged, it was an agreement between society and content creators to allow content creators to profit in the short term while providing their work to the public domain for the benefit of society as a whole long term. A copyright term of 20 years made sense at the time, nowadays with modern distribution technology the copyright term should be shorter and yet it has been corrupted beyond belief - now it is extremely unlikely that anyone who was around when something was first released is going to still be alive when it falls into the public domain, and there might not even be any readable copies left by then either.
IMAP does have a push system, see http://en.wikipedia.org/wiki/IMAP_IDLE and there is also something called P-IMAP although that is far less widely supported.
Activesync works in much the same way, it sends a sleep request and the server then doesn't respond until it has some data to send.
Guns are illegal in most countries, and yet shootings still happen... It's possible to buy things on the black market (guns, drugs etc) almost anywhere. If you make guns illegal, then only criminals will have guns.
Well he works for Nokia, so chances are he would have been out of a job soon anyway.
On the other hand, piracy has usually been good for the underlying platform, perhaps MS/Nokia are doing this as a way to encourage piracy and thus attract more users to the platform.
Given how easy the hack was, perhaps this was their intention all along only their platform proved so unpopular that noone ever bothered trying.
There are several different hacks for the xbox 360, the most popular of which is the "jtag hack"... People wanting to copy games emulate the DVD however because its harder to detect, and thus less likely to get banned from xbox live.
If you're capable of reverse engineering the program itself, then you are also capable of reverse engineering the program that decrypts it so you can extract the keys anyway. Encryption would never be more than a minor nuisance for someone wanting to reverse engineer programs.
I think not a lot, but I suppose it's relative. I'd rather walk or use a bicycle. Both are far more peaceful, both are good exercise, both can be done on a bike path devoid of CO fumes, & etc.
Here that's not practical, I live in a relatively hilly area and often need to travel considerable distances or carry significant quantities of goods... Although i will often walk to the local grocery shop and back (1.3 miles, all downhill to the shop and up hill on the way back carrying the goods) much more than that isn't really practical and i only walk to the shop if i have relatively little to buy (which means i end up going almost daily to buy a day's worth of food).
We don't have any bike paths devoice of fumes, we have some bus and cycle lanes which are adjacent to normal traffic lanes, and the buses tend to be even more dangerous than cars while pumping out considerably more fumes... And being on a bike increases your breathing rate, causing you to inhale more of the fumes. I also suffer from asthma, which severely impacts my ability to ride a bike, especially considering the fumes from vehicles. When riding on the regular road, it's even more dangerous... You have traffic travelling at high speeds, many of the hills around here have roads with a legal speed limit of 60mph, when a bike travelling up the hill may be doing 10mph, a significant difference in speed which makes bike riders a significant hindrance to traffic.
I used to ride a lot, when i lived in areas where it was practical to do so, but i still had a car for certain journeys where riding a bike was not practical.
They aren't stopping you from using the hardware you want, they are just making available a ready made device that is guaranteed to be compatible... Buying and using a gaming PC currently requires a relatively high level of knowledge, you need to know about the hardware and different models, you need to mess around with driver installations and updates etc, and also deal with conflicts between background software and differing drm schemes. You still have the option of doing this, but for the vast majority of people who have no interest in doing this a steambox provides an easy route and should expand pc gaming to a much larger market.
What they need to do is provide control method flexibility... I generally prefer consoles, but certain classes of games are difficult to play with regular controllers, a keyboard and mouse would work much better - and there is no reason that today's consoles couldn't support USB keyboards and mice but many games seem to ignore them.
And even more things where a serial console server is a lot faster... I don't even enter the server room unless i need to fix a hardware fault, the idea of standing in a cold noisy server room operating a touchscreen or slide out keyboard is riduculous! In fact, the servers are a good hour's worth of travel away from me and i haven't been there since new year's eve last year (when we moved stuff from another location to minimise disruption).
Updates also become somewhat easier on a dedicated system, since you only have the packages you require installed there is a lot less that requires updating...
On the other hand being a linux based device it could be used for other purposes should you want to... One of the key selling points of the Amiga, especially for parents was that not only was the system able to direct boot into games like a console (which kept the kids happy), but it could also be used to learn, do your homework and write programs etc - which kept the parents happy. This was the stated reason why my parents bought me one anyway.
Too many configurations... There are literally thousands of possible configurations, and each game has its own slightly different set of system requirements . Each combination of game vs hardware can have its own set of quirks that affect gameplay.
To be fair, Hillingdon council seem to be fairly reasonable... You get 30 minutes free in all the council operated car parks, and local residents (ie those who are paying their council tax to this council) get fairly significant discounts.
Council parking enforcement in general however, is one of the biggest factors killing high streets... If parking within range of the high street shops is expensive or difficult, then people will happily drive to the out of town shopping centres who provide large free car parks.
For many cases, shopping without a car is simply impractical. You can't buy as much (since you can't carry it) so you have to go more often - which is made even worse because the journeys on public transport usually take longer (plus time waiting for bus/train to turn up), and there are certain large/heavy things you cannot buy at all. You have to buy small quantities which are generally more expensive, as buying in bulk would be too difficult to take home etc, and you are generally limited to the selection of shops that you can reach easily by direct bus/train routes, as having to change would significantly increase the journey time and render the trip even more impractical.
Wether you drive or not, those things that affect drivers also affect you...
Dangerous drivers can hit or disrupt buses, pedestrians or cyclists... Dangerous pedestrians and cyclists can also cause problems which disrupt drivers... Goods you buy are almost always delivered by trucks which travel on public roads... Goods you order will be delivered via the public roads... Contractors you employ to do work on your behalf will almost always travel by road, especially if they need to carry tools etc. Increased fuel prices will affect the goods and services you buy. Wasting life away in a freeway parking lot is no worse than wasting life away in a delayed train, bus or aircraft, infact it's usually much better because you're more comfortable.
How much do you sacrifice by not driving? Driving is not an addiction, it's a quality of life issue... I simply couldn't do half the things i do if i had to use public transport, or i would spend significantly more time sitting in discomfort or paying taxi fares etc. A particular restaurant i like eating at for instance, is 15-30 mins away by car (depending on traffic) or 2.5 hours minimum by train, and i generally like to eat at night (and the trains don't operate very late).
All my sites have ipv6 availability too, and i get a surprising number of hits from v6 users... Quite a few isps seem to provide v6 by default now, and the users are generally not even aware that they have it.
1 try on the system at all? 1 try per username? 1 try per source address?
If per user then they will just try thousands of usernames at once using the most common passwords. If per system then you cant scale to many users or legit users would have to wait a long time before they can log in.
Don't block accounts, ever... This causes inconvenience for the legitimate user of the account, and gives the attacker a trivial avenue for causing intentional disruption - if i know your username, i can lock your account out continuously causing you a major headache.
Also for any target of a significant size you don't try thousands of passwords against 1 username... You try 1 password (theregister published a list of the most common passwords a couple of days ago - start there) against thousands of usernames... If you are locking based on individual accounts then such an attack wouldnt trigger the locking, but on a system of any size is likely to yield successful results.
Instead, block and/or throttle the source of the attack!
If a windows box is trying to connect to you (ie single sign on so it tries to auth to you), you don't need to trick it into sending the lanman pass, you can just reflect it back (google: metasploit smb_relay). But your talking about the network level NTLM, not the hash stored on disk. You can indeed try to brute force the NTLM challenges, if you wanted to.
You can brute force NTLM hashes (the disk stored kind) easily, the hashing itself is very weak compared to anything used on unix for many years.
On the other hand, you can exploit a design flaw in the aforementioned network authentication protocols which let you use the hash for authentication (google: pass the hash) - that is you don't need to bother cracking it at all, just use it.
As for where you get hashes.... Backups. Local admin hashes on workstations etc (usually they are all the same on a large organisation) From memory when users are logged in which includes service accounts (google: gsecdump) or you can even extract the plaintext (google: mimikatz)
Typically you only need to find a single insecure system and you will be able to compromise an entire domain within minutes, even when most machines are fully updated and/or hardened.
Slashdot Mirror
It still doesn't break encryption, the encryption part is still performing exactly as it's supposed to.
What's broken is the method of protecting the key, ie the means by which you "choose not to divulge the key"...
While still carrying all the legacy cruft accumulated through their various half-assed attempts to produce a "server" system by kludging up a desktop os... The latest versions may have improved, but they're still lacking in many areas and i'd rather have something thats tried, tested and well understood.
Something being crippled because it's buggy and rushed, fair enough, it happens...
Something being crippled because they went out of their way to reduce its functionality is just despicable. I never want to use software where the developers have spent their time not improving the product, but intentionally making changes which are purely detrimental to the end users.
All of that development effort would have been far better spent improving the product, or fixing the bugs... Far from cost savings, they actually increase costs by intentionally spending time to develop negative functionality!
20 years is too long given modern technology... You can distribute worldwide in a matter of minutes, most media makes the vast majority of its profit in the first year and a lot stops being sold not long after that, especially if it sold on physical media as it's no longer economical to continue producing the media anymore.
Unless something became massively popular, it can often be extremely difficult to obtain copies of software/movies/music/games/etc which are more than a few years old, and in some cases companies will actively pursue anyone who distributes copies even when the original distributors refuse to provide copies even to those who are willing to pay for them.
No copyright terms should be short, society should receive something in return for enforcing copyright... Why should society as a whole suffer to create an artificial market for media producers while receiving nothing in return? By the time any of today's copyrighted works fall into the public domain the vast majority of us will be dead.
Push towards fully headless servers, like virtually any unix system ever made or for that matter any os that was actually designed to be a server... Windows was not, just the fact that the entire os is named around the gui component says it all - its a workstation os first and foremost, and their "server" version is a shoddy hack job that's only now starting to even vaguely resemble a proper server os.
The luxury sandwich uses higher quality ingredients, so while it does have a higher margin it actually costs more to produce...
Software on the other hand will typically have the fully featured version developed first, and then extra work is done to disable features and produce an artificially crippled version, thus the cheaper version actually cost more to produce.
I find such a practice despicable, to do extra work to make intentional changes that make the product less useful to paying customers!
Considering the install footprint of RT, and the fact the vast majority of those features will have been written in C rather than asm i'm sure they just compiled the same code and then disabled the features afterwards...
The law itself is disproportionate...
Copyright in general has become corrupted totally corrupted such that it now exists solely to benefit big copyright holders to the detriment of everyone else. When first envisaged, it was an agreement between society and content creators to allow content creators to profit in the short term while providing their work to the public domain for the benefit of society as a whole long term.
A copyright term of 20 years made sense at the time, nowadays with modern distribution technology the copyright term should be shorter and yet it has been corrupted beyond belief - now it is extremely unlikely that anyone who was around when something was first released is going to still be alive when it falls into the public domain, and there might not even be any readable copies left by then either.
IMAP does have a push system, see http://en.wikipedia.org/wiki/IMAP_IDLE and there is also something called P-IMAP although that is far less widely supported.
Activesync works in much the same way, it sends a sleep request and the server then doesn't respond until it has some data to send.
Guns are illegal in most countries, and yet shootings still happen... It's possible to buy things on the black market (guns, drugs etc) almost anywhere.
If you make guns illegal, then only criminals will have guns.
Well he works for Nokia, so chances are he would have been out of a job soon anyway.
On the other hand, piracy has usually been good for the underlying platform, perhaps MS/Nokia are doing this as a way to encourage piracy and thus attract more users to the platform.
Given how easy the hack was, perhaps this was their intention all along only their platform proved so unpopular that noone ever bothered trying.
There are several different hacks for the xbox 360, the most popular of which is the "jtag hack"... People wanting to copy games emulate the DVD however because its harder to detect, and thus less likely to get banned from xbox live.
If you're capable of reverse engineering the program itself, then you are also capable of reverse engineering the program that decrypts it so you can extract the keys anyway. Encryption would never be more than a minor nuisance for someone wanting to reverse engineer programs.
I think not a lot, but I suppose it's relative. I'd rather walk or use a bicycle. Both are far more peaceful, both are good exercise, both can be done on a bike path devoid of CO fumes, & etc.
Here that's not practical, I live in a relatively hilly area and often need to travel considerable distances or carry significant quantities of goods... Although i will often walk to the local grocery shop and back (1.3 miles, all downhill to the shop and up hill on the way back carrying the goods) much more than that isn't really practical and i only walk to the shop if i have relatively little to buy (which means i end up going almost daily to buy a day's worth of food).
We don't have any bike paths devoice of fumes, we have some bus and cycle lanes which are adjacent to normal traffic lanes, and the buses tend to be even more dangerous than cars while pumping out considerably more fumes... And being on a bike increases your breathing rate, causing you to inhale more of the fumes. I also suffer from asthma, which severely impacts my ability to ride a bike, especially considering the fumes from vehicles.
When riding on the regular road, it's even more dangerous... You have traffic travelling at high speeds, many of the hills around here have roads with a legal speed limit of 60mph, when a bike travelling up the hill may be doing 10mph, a significant difference in speed which makes bike riders a significant hindrance to traffic.
I used to ride a lot, when i lived in areas where it was practical to do so, but i still had a car for certain journeys where riding a bike was not practical.
They aren't stopping you from using the hardware you want, they are just making available a ready made device that is guaranteed to be compatible... Buying and using a gaming PC currently requires a relatively high level of knowledge, you need to know about the hardware and different models, you need to mess around with driver installations and updates etc, and also deal with conflicts between background software and differing drm schemes. You still have the option of doing this, but for the vast majority of people who have no interest in doing this a steambox provides an easy route and should expand pc gaming to a much larger market.
What they need to do is provide control method flexibility... I generally prefer consoles, but certain classes of games are difficult to play with regular controllers, a keyboard and mouse would work much better - and there is no reason that today's consoles couldn't support USB keyboards and mice but many games seem to ignore them.
And even more things where a serial console server is a lot faster...
I don't even enter the server room unless i need to fix a hardware fault, the idea of standing in a cold noisy server room operating a touchscreen or slide out keyboard is riduculous! In fact, the servers are a good hour's worth of travel away from me and i haven't been there since new year's eve last year (when we moved stuff from another location to minimise disruption).
Updates also become somewhat easier on a dedicated system, since you only have the packages you require installed there is a lot less that requires updating...
On the other hand being a linux based device it could be used for other purposes should you want to... One of the key selling points of the Amiga, especially for parents was that not only was the system able to direct boot into games like a console (which kept the kids happy), but it could also be used to learn, do your homework and write programs etc - which kept the parents happy. This was the stated reason why my parents bought me one anyway.
Too many configurations... There are literally thousands of possible configurations, and each game has its own slightly different set of system requirements . Each combination of game vs hardware can have its own set of quirks that affect gameplay.
To be fair, Hillingdon council seem to be fairly reasonable... You get 30 minutes free in all the council operated car parks, and local residents (ie those who are paying their council tax to this council) get fairly significant discounts.
Council parking enforcement in general however, is one of the biggest factors killing high streets... If parking within range of the high street shops is expensive or difficult, then people will happily drive to the out of town shopping centres who provide large free car parks.
For many cases, shopping without a car is simply impractical. You can't buy as much (since you can't carry it) so you have to go more often - which is made even worse because the journeys on public transport usually take longer (plus time waiting for bus/train to turn up), and there are certain large/heavy things you cannot buy at all. You have to buy small quantities which are generally more expensive, as buying in bulk would be too difficult to take home etc, and you are generally limited to the selection of shops that you can reach easily by direct bus/train routes, as having to change would significantly increase the journey time and render the trip even more impractical.
Wether you drive or not, those things that affect drivers also affect you...
Dangerous drivers can hit or disrupt buses, pedestrians or cyclists...
Dangerous pedestrians and cyclists can also cause problems which disrupt drivers...
Goods you buy are almost always delivered by trucks which travel on public roads...
Goods you order will be delivered via the public roads...
Contractors you employ to do work on your behalf will almost always travel by road, especially if they need to carry tools etc.
Increased fuel prices will affect the goods and services you buy.
Wasting life away in a freeway parking lot is no worse than wasting life away in a delayed train, bus or aircraft, infact it's usually much better because you're more comfortable.
How much do you sacrifice by not driving? Driving is not an addiction, it's a quality of life issue... I simply couldn't do half the things i do if i had to use public transport, or i would spend significantly more time sitting in discomfort or paying taxi fares etc. A particular restaurant i like eating at for instance, is 15-30 mins away by car (depending on traffic) or 2.5 hours minimum by train, and i generally like to eat at night (and the trains don't operate very late).
All my sites have ipv6 availability too, and i get a surprising number of hits from v6 users... Quite a few isps seem to provide v6 by default now, and the users are generally not even aware that they have it.
1 try on the system at all?
1 try per username?
1 try per source address?
If per user then they will just try thousands of usernames at once using the most common passwords. If per system then you cant scale to many users or legit users would have to wait a long time before they can log in.
Don't block accounts, ever...
This causes inconvenience for the legitimate user of the account, and gives the attacker a trivial avenue for causing intentional disruption - if i know your username, i can lock your account out continuously causing you a major headache.
Also for any target of a significant size you don't try thousands of passwords against 1 username... You try 1 password (theregister published a list of the most common passwords a couple of days ago - start there) against thousands of usernames... If you are locking based on individual accounts then such an attack wouldnt trigger the locking, but on a system of any size is likely to yield successful results.
Instead, block and/or throttle the source of the attack!
No and no...
If a windows box is trying to connect to you (ie single sign on so it tries to auth to you), you don't need to trick it into sending the lanman pass, you can just reflect it back (google: metasploit smb_relay). But your talking about the network level NTLM, not the hash stored on disk. You can indeed try to brute force the NTLM challenges, if you wanted to.
You can brute force NTLM hashes (the disk stored kind) easily, the hashing itself is very weak compared to anything used on unix for many years.
On the other hand, you can exploit a design flaw in the aforementioned network authentication protocols which let you use the hash for authentication (google: pass the hash) - that is you don't need to bother cracking it at all, just use it.
As for where you get hashes....
Backups.
Local admin hashes on workstations etc (usually they are all the same on a large organisation)
From memory when users are logged in which includes service accounts (google: gsecdump) or you can even extract the plaintext (google: mimikatz)
Typically you only need to find a single insecure system and you will be able to compromise an entire domain within minutes, even when most machines are fully updated and/or hardened.