Slashdot Mirror


User: fw3

fw3's activity in the archive.

Stories: 0
Comments: 236

Comments · 236

  1. Hmm moron on Senate Unanimously Passes Anti-Camcorder Bill · · Score: 1
    I wonder how far I'll have to read before some self-important idiot
    ... defends the /. herd's POV?

    First off, get a clue about the rules. 'We' don't get a say in sentencing. That is the sole purview of *judges*, subject to minimum sentences and established guidelines, so what 'we' might or might not seek in terms of settlements / enforcements is pretty much out of context.

    Second, the effective arm of 'we' wrt the GPL is Eben Moglen who is quite clear in his discussion of strategy which is to have FSF work with offenders *outside of court*. That's a resource decision, as soon as you step inside a courtroom the costs go up exponentially. Moglen is also very clear on his success rate, and says he's achieved 100% compliance in the cases they've chosen to bite off without ever entering a courtroom.

    Third, the point between the lines is that the /. herd by and large isn't doing crap toward anything except commenting from the sidelines, and also by and large doesn't know crap about either the details of IP law or the workings of the legal / court systems.

    Lastly, you're welcome to think my points are those of a 'moron' (tho of course you've failed as far as I can see to make a substantive counter-argument).

    When I say 'expect more of the same' consider that anyone in the US who does not have a locksmithing license may be arrested in most jurisdictions on either felony or misdemeanor charges for mere possession of lockpicks. -- This in spite of the objective reality that virtually no crimes/burglaries are committed using lockpicks -- burglars uniformly prefer to simply break the lock/door.

    Those who have a hobby of picking locks are today in pretty much the same position of people who use software to: rip copyright material, perform network analysis/forensics/password cracking [...] (Yes, more than one sysadmin has faced criminal/felony charges for pro-actively applying password cracking tools to find weak passwords or sniffing network traffic without proper authorization.)

    As far as software tools are concerned today there aren't many rules in place, many that are are not all that well written and that leaves very much indeed of the law in the hands / discretion of prosecutors and judges.

    I'm not real hopeful that good laws will be written, but I'm also damned well sure that the many people who indeed like to draw a (usually poorly defined) line between free software politics / law / ethics in trying to justify theft of copyright entertainment material are sure as hell not helping inform the views of legislators (or prosecutors, judges, juries). Which in turn has the tendency to make a public opinion hole the size of a mack truck for *owners* of entertainment copyright material to push their agendas.

  2. Re:Look at the PIRATE Act on Senate Unanimously Passes Anti-Camcorder Bill · · Score: 1
    In so far as I'm a good enough coder to not *need* to lift other people's work, (and wouldn't be caught dead dicking around with JS) and on those instances where I do use others' code I license / attribute appropriately ....

    So no I'm not personally worried about this

  3. Re:* "Victims of this new bill" * on Senate Unanimously Passes Anti-Camcorder Bill · · Score: 1
    It means that we're talking about cases that won't be brought unless they're considered moderately serious.

    Federal jurisdiction is an entirely different ballgame, ask the former MIT admin who's doing 33 months federal time for his DOD involvement.

  4. Re:* "Victims of this new bill" * on Senate Unanimously Passes Anti-Camcorder Bill · · Score: 1
    you might want to look into: 17 USC 506, Criminal offenses.

    So yes criminal offence was already part of copyright law.

    What exactly did you think the DOD warez group was prosecuted for? (I've met the MIT econ dept admin who is now doing 33 months in the federal slam).

  5. Re:Yes 'Quantum' on Mobo for Vertically Challenged Devices · · Score: 1
    The frequency instabilities of multiple free running oscillators. This approach is the basis of the VIA PadLock RNG approach. While implemented differently than the resistor based approach, ultimately, the source of randomness is the same.

    Well this is *Via's statement* and sounds to me more like a 'Lorenz attractor' - based system.

    From the Via-paid Cryptography Research 'preliminary evaluation' http://www.via.com.tw/en/viac3/via_c3_padlock_evaluation.pdf: (start at section 2.2 'Sources of Randomness'):

    Quantum Phenomena. Devices have been specifically designed to translate quantum-mechanical uncertainty into random digits, typically harnessing radioactive decay
    ...
    Thermal Noise. Excluding quantum mechanics, the behavior of physical systems is deterministic (e.g. given a complete description of a system, one can compute its future behavior). While this appears to make random number generation impossible, the fact that matter is composed of particles endowed with disorganized thermal motion makes it impossible, for practical purposes, to achieve a complete description of a system. Accordingly, the places where thermal motion affects a circuit's behavior offer sources of effective randomness.
    So we are looking at systems which fall short of the 'Quantum' methods of making RNGs - according to Via's own consultant -- This then reduces to the following approach:

    Section 3.1 - Entropy Source

    The RNG hardware comprises two parts: a raw-bit generator that serves as an entropy source and digital post-processing circuitry. The raw-bit generator produces somewhat random bits which the design assumes will have imperfect statistical properties [my emphasis]. The post-processing circuitry then uses "whitening" and bit discarding to improve the statistical properties of the imperfect random bits.
    ...
    Raw bits are generated by using a slow freewheeling oscillator (configured by bias inputs to 20-68 MHz) to clock the sampling of a fast freewheeling oscillator (configured by bias inputs to 450-810 MHz). This approach is good if the jitter in the slow oscillator (i.e.,
    ...
    Thermal noise, manufacturing variations, temperature, software settings, and local electrical conditions are expected to cause oscillator variations and contribute entropy to the sampled output.
    Thus, the bits are not what you'd get from a quantum technique. *And* if an attacker can influence local electrical variations, software settings .... then it might very well be possible to introduce predictable data into the trusted random bitstream.

    I'm not saying it's not a good tool, I am standing by my assertion that Via's website and claims take considerable liberties with the technology as described by their own consultants.

  6. * "Victims of this new bill" * on Senate Unanimously Passes Anti-Camcorder Bill · · Score: 4, Interesting
    Sure, mod me down this is unlikely to be a popular VP on /.

    Last time I looked 'we' strongly believe in copyright enforcement when / as it applies to GPL or other FOSS licensed material. But when the shoe's on the other foot, suddenly people who go to a fair bit of trouble to steal a copyright work are *victims*? I think not.

    Many of the comments here run along the lines of 'ohh look at those really harsh penalties, compare them to (white-collar-crime, violent crime ...)'.

    Kindly observe that this is *federal* legislation (and that some states have enacted laws). That means that what's prosecuted under this is most likely going to be the 'theatre employee runs a showing off-hours explicitly to do a video rip' instances. *Hence* the stiffer penalties.

    The penalties for copyright theft are already out there, this isn't new - it's addressing a specific instance.

    Sure we don't like DMCA, RIAA et al and I heartily agree that there are some 1st class morons in "the Industry" lobbying etc.

    However in fact technology is making copyright theft easier and with the bar lowered there are going to be laws passed (DMCA etc) to try to address that.

    Deal. And if the best way you can think of 'dealing' is to cry wolf about how people without respect for others' property are 'victims' ... well you can expect more of the same kind of legislation.

  7. 'Padlock' -- Quantum RNG??! on Mobo for Vertically Challenged Devices · · Score: 2, Informative
    I gotta say I'm dubious on this claim.

    Great idea, but I'd want to see some serious validation of the claim that their RNG is 'quantum' based.

    In fact, looking at the report on the RNG operation (Paid for by Via) here's how it works:

    http://www.via.com.tw/en/viac3/via_c3_padlock_evaluation.pdf "3.1. Entropy Source The RNG hardware comprises two parts: a raw-bit generator that serves as an entropy source and digital post-processing circuitry. The raw-bit generator produces somewhat random bits which the design assumes will have imperfect statistical properties. The post-processing circuitry then uses "whitening" and bit discarding to improve the statistical properties of the imperfect random bits. .... "

    The paper concludes that the VIA RNG is well suited, but says *nothing* about its being 'quantum' based.

    Sounds like some marketdroid really didn't talk to the engineering people before writing the ad copy for this puppy.

  8. I had a talk with ADTI's Ken Brown on When Think Tanks Attack · · Score: 5, Insightful
    Shortly after the first ADTI report on oss / GPL.

    This isn't going to come as any surprise but he's *not* the brightest bulb on the tree. However he's far from alone in that, more's the pity.

    Brown sees MS as a *miracle*, like many he looks at the phenomenal financial success, adds the fact that it's nominally 'technology' sector and draws his conclusions.

    Now the place I'm working for (which has posted market performance in the same range as MS) just did a celebration of their 25th anniversary. The founders of the company are both very well off and pretty damned bright guys. One jokingly referred to his early talks with Wall street where he said "we're in the business of being a profitable philanthropy". The other mentioned that "we're in the business of doing the right thing" (does this sound like Google's founders?).

    Shortly after, the chief financial officer got up and (predictably -- he's a fan) compared us to Microsoft. The reason is he's a money guy and all he can see is the money / financial success.

    In fact if we acted in our markets the way MS does, our clients would show us the door. As it is they respect our engineering, and even our sales force, which is trained very hard to serve the *clients* needs.

    Iff OSS follows that model, all the ADTI's in the world won't matter. The fact is that some oss projects (see the recent article linked on /. about why users are 'wrong' in not liking the new Nautilus 'spatial' design) *don't* think this way, and more's the pity.

    Fortunately, those are the exceptions.

  9. Re:Bzzt! thankyou for playing on McAfee Granted Far-Reaching Spam-Control Patent · · Score: 1
    No, *an* application of Bayes theorem to spam filtering was disclosed in '98.

    As the patent examiner (as well as the filing patent attorney) cited this article it's fair to presume that what is written in the '98 paper is relevant to the patent ('References') and does not disclose what has been claimed in the patent.

    As to who would make a better attorney, well damn, you sure got me there, but then I don't especially aspire to be an attorney. Otoh I do hold a half dozen patents and do know a little bit about the process.

  10. Bzzt! thankyou for playing on McAfee Granted Far-Reaching Spam-Control Patent · · Score: 1
    The *year* is from the date that the invention is publicly disclosed, *not* from the date of invention.

    An invention may be closely held (US application anyway) for as long as you wish prior to filing.

  11. Err, yes on McAfee Granted Far-Reaching Spam-Control Patent · · Score: 1

    I kinda thought that was implied. In fact we know neither, and yes the logic works both ways

  12. Re:Prior usage? on McAfee Granted Far-Reaching Spam-Control Patent · · Score: 1
    Honestly it doesn't make me 'feel' one way or another


    NAI might have lab notebooks going back several years on this, their patent may or may not be affected by the MS work depending on the implementation. I don't have time to read either just this moment, but given that a bunch of information is not available, it doesn't seem sensible to speculate.


    If MS/Stanford can demonstrate that their paper in fact predates internal work at NAI, I'm sure they'll bring that to the uspto.

  13. Re:Prior usage? on McAfee Granted Far-Reaching Spam-Control Patent · · Score: 4, Informative
    No.

    What matters is date of invention, not filing.

    If NAI can demonstrate that they were working on a Bayes approach prior to Graham's work, then they may indeed have thought up the idea first.

    <researching> ....

    Clearly Graham was not the first to think of Bayes as an approach to spam. This paper ca 2000 predates both and is cited by the USPTO in the patent as a reference.

    Contrary to prevailing /. wisdom the patent process does actually involve research on both the Patent office and the applicants part.

  14. Re:Spender may or may not be a hero on End Of Development For Grsecurity Announced? · · Score: 1
    s/popular/supported/.

    I'll try to repeat what you're not following then.

    LSM (and SEL) were done by teams formed from 'stakeholders' i.e. there was some interest within the kernel core team (principally ted t'so and greg K-H I think) and there were a half dozen or so groups who'd been independently patching the kernel and maintaining those patches.

    Basically these people saw a strong reason to establish a baseline for improving the security of the kernel generally.

    The people involved have considerable experience in security infrastructure (e.g. evaluated systems, TCSEC and Common Criteria). They know the requirements and they know particularly that the MLS systems have pretty much run their course.

    In fact SEL has an MLS policy but no-one (to my knowledge) is using it or writing extensions.

    LSM dropped the desire for audit early on because it was determined that 'correct' audit (complete and robust enough for evaluated-design) would inherently affect the performance of the kernel as well as being more invasive (needed 3x more hooks than the enforcement code is using). It was felt that Linus would in no way accept the changes needed to do audit *correctly*. And this pretty well caused SGI to drop out of the process.

    Now *today* Redhat is implementing SEL security into RHEL and have hired a few people to work on it. Mitre and others have done extensive work on SEL policy.

    In the field of security being "right" is of much more value than being popular

    Err, no. 'right' in the absence of context easily becomes a matter of 'Platonic Ideals Forms'. Surely security systems ought to be theoretically well founded (see 'verified design' in TCSEC). In practice securing real-world systems involves both good design and real world compromises.

    Anyhow if grsec is in fact all that useful then someone will pick it up and either fork or carry on the design work.

  15. Ac says wrong? on End Of Development For Grsecurity Announced? · · Score: 1
    ok well I admit that I haven't worked extensively with this, however as a concept it's certainly not unique to grsec.

    SEL's permissive mode can be used the same way and the same for OpenBSD's systrace.

    The problem is that for this to work in a production environment, you may well need to exercise all branches of the code you're running.

    What are you planning to tell the boss when your Oracle or Mysql db throw an exception that you didn't happen to hit during trial runs? How are you going to roll out linux+grsec+mozilla to secure an enterprise's desktops and expect that all legitimate behaviors have been covered?

    I believe you when you say grsec's tool is better than the others, however *designing* a policy (and having an environment that facilitates design e.g. Type/Domain in Flask) is a different and arguably better approach.

  16. ho-hum on Bruce Sterling On Lovelock's Pro-Nuclear Stance · · Score: 1
    Science Fiction writer critiques Scientist's logic.

    Lovelock is a pretty cool guy. He's a self-funded researcher which gave him exactly the sort of freedom to ask questions like 'what will CFCs do to the ozone layer'

    And the 'greens' who are so predictably up in arms about this statement must never have bothered to read Lovelock and Margulis's original Gaia hypothesis book, because he wrote about nuclear energy in pretty even handed terms even back then.

  17. Spender may or may not be a hero on End Of Development For Grsecurity Announced? · · Score: 4, Informative
    But grsec being dead should be no surprise.

    I read the 'comparative to LSM/SEL' links posted above, they are hardly complete, and while they may be arguably correct point for point I couldn't agree with them.

    If GRSEC is so good why have I never heard of any fully developed policy models? SE-Linux can run pretty much out of the box on a fully-featured server. I've run it without undue difficulty on 3 different distributions.

    Spender and the RSBAC people both like to get up and say that LSM is no good. Lots of reasons are given e.g. "it doesn't provide full Bell-LaPadula security assurance" or "parts are patented".

    I would counter:

    Both grsec and rsbac are piecemeal solutions, pretty much a hodgepodge of admittedly good ideas patching the kernel to implement 'security'. By comparison LSM/SEL are integrated into the mainline kernel now, and the chosen perimeter is a pretty good one for practically improving Unix (Linux) security issues.

    The 'Bell-La Padula' argument basically is complaining that SEL isn't set up for MLS (Multi-level-secure) so it must be no fscking good (TM). This of course is neglecting that the *target* audience for MLS computing (CIA, NSA, DOD ...) have given up on it, my understanding is that most MLS implementations have been replaced with air-gapped systems to deal with the levels.

    Now if the intended users of MLS (class B and A TCSEC evaluated systems) who have very deep pockets indeed have scrapped them who the hell are the targeted users?

    As an amusing side story the founder of a distribution based on RSBAC not only had no idea about this when he started the project, he also had no idea what MLS was and had never read word one of the TCSEC. And when he did he was suddenly wondering how to get evaluated (for a certification that's no longer even available).

    So basically I think Spender is interested in being *right*, not interested in doing collaborative work and when something better (in the sense of *practical and useful*) came along he had little more to do than poke technical holes in it.

    So I'm not in the least surprised that he's losing his funding. LSM/SEL is available, works now and is cost-effective to actually use on production servers.

    It's the easiest thing in the world to point out that someone else's system design is not perfectly secure. However practical security is more a matter of practice and process than design anyway. And in the final analysis if you're not willing to make something that actually works (and to work with others to achieve that) then you're gonna have a hard time finding customers.

  18. but here's a copy of the qt movie on Megway - New Competition For The Segway · · Score: 2, Informative
    megway.mov

    wth, it's only bandwidth, and a worthy joke

  19. Mine is a suziway on Megway - New Competition For The Segway · · Score: 1
    Seriously, it's too bad this site is gonna be hosed, but what I got to read before the floodgates opened is highly amusing.

    nice go Megway!

  20. Re:Before you get carried away on Synthetic Life In The Lab · · Score: 1

    Champagne is made using yeast, not bacteria. Bacterial agents are never good in wine. Champaign of course I'm not so sure about ;-)

  21. And it occurs to me... on A New Ice Age? · · Score: 5, Insightful
    That it's far too early to call whether these studies, models etc are going to be right / wrong. 'Prediction' is a dangerous business.

    Generally, in any case by no means every theory/prediction made about climate has been wrong. Case in point James Lovelock (who happens to be one of the two founders of what's generally known as the Gaia hypothesis) and co-researchers *accurately* predicted the medium-long term results of CFC release on the ozone layer.

    Science is inherently wrong, because it's the art of better explaining what we don't know. Another related case in point. Up until a dozen years ago physical oceanography uniformly concluded (based on theoretical models and very limited data sets) an understanding that the deep ocean flow was uniform and slow.

    A friend of mine at WHOI put some cameras on the floor of the northern Atlantic, one day they were thinking their hardware had flaked 'cause they couldn't see anything. What was happening was silt was being stirred up by a high velocity current. What they discovered was that oceans have 'weather patterns' which operate much as atmospheric weather, fronts, low&high pressure areas etc.

    This completely blew away established theories of physical oceanography (and happens to be directly related research to the abrupt climate change and ocean conveyor research article referenced in this post).

    I'm glad you feel safe, however concluding that you're safe because prior research has been wrong is not a great recipe for the long term. The CFC / ozone problem is one of the first instances of scientific results materially impacting environmental policy at the global/international level. If rapid-onset ice age is a possibility (this has been pretty well established), and if a 'lens' of low-density fresh water over the northern oceans can trigger this abrupt change, we would be foolish to conclude there's no risk worth further understanding.

  22. Clearly on Hacker Indicted In France For Publishing Exploits · · Score: 1
    You did not go to the same France I did. What time of year did you go?

    You could not possibly have eaten at "La Tour d'Argent", which features the best food and service I've ever seen (the only experience that has come even vaguely close in the US was "Absinthe" in San Francisco). We spoke passable French (my accent is better than my diction) and in Paris we found that once people figured out that English was our native language they would switch to that.

    The only time I ever experienced rudeness was when I made the mistake of summoning a waiter in a bistro by raising my index finger -- very bad form which I knew but managed to lapse. And generally the only bad mark I'd put against service in general over there is that it can be a bit slow -- which I'll take any day over the all-too-usual US choices ... either feeling rushed through every part of a meal, or over-attended to death by waitstaff who seem to think that constant interruptions will get them a better tip.

  23. I wonder if this will be relevant on Microsoft Clips Longhorn · · Score: 1
    Yes 'we' (oss) care about new stuff being built into win32 that impedes compatibility. So e.g. while NTFS write capability is said by its developers to be stable it's still not in the kernel. (And the last time I tried to use this code it indeed hosed my ntfs partitions).

    So however many years later NTFS still isn't supported by Linux, I got no idea how long it'll take for this WinFS to be reverse-engineered. And perhaps by the time it's being worked out the standards of software reverse-engineering may become as stringent as they are in hardware. (I've yet to hear of any project open or closed using the 3-team method that AMD's said to have used to develop their chips.)

    But:

    Obviously I can't speak for all IT shops, but here's my experience of one large one where I'm contracting:

    20,000+ desktops; lab computers; production-floor computers. The most recent version of windoze used is Win2k, they strip XP off of brand-new Thinkpads and install their own version. 99% of client systems are still running Office97. They're just beginning to roll out Active Directory (and the AD test servers died flat/dead/need rebuild between converting 2 different areas of R&D).

    And this is a shop that's hook, line and sinker a Microsoft shop.

    Iff the clients don't use/deploy WinFS, will it be relevant?

    I don't know the answer but it is gonna be interesting to see.

  24. Pause on Openness and Security on Campus · · Score: 1
    who's to say offhand that Triple-DES or AES are better than Blowfish or plain DES?
    Jeff Schiller obviously, as an author of kerberos I would expect him to be reasonably knowledgeable on this.

    Anyone even reasonably familiar with the details can say that 3DES is more secure than DES. DES's keyspace is too small and has been so for several years.

    That said, the algorithm behind DES and hence 3DES has withstood 3 decades of scrutiny. It is optimally strong against differential cryptanalysis because the IBM designers figured out that attack (which was already known by NSA). The linear attack is theoretically, but not practically better.

    Like them or not, NSA and their British counterparts are pretty good at what they do (e.g. they came up with RSA's asymmetric cypher a decade before RSA did).

    Is Blowfish 'better'? I have no idea. What I do know is that more *competent* eyes have reviewed (3)DES and AES than Blowfish.

  25. *thanks* and ... well, darn on XPde 0.5 - A Linux Desktop for Windows Users · · Score: 1
    litestep segfaults, (w2k w/ I think sp4 and a highly custom corp. desktop env)

    cygwin/xfree would be nice but I need native, if X worked on this worksite I'd just use bsd :-).

    I'll try some older versions and maybe write the maintainer.

    so close, yet so far