But I'll tell you what - after seeing slashdot, and this here story I'm about to unfold, well, I guess I seen somethin' every bit as stupefyin' as you'd seen in any of them other places. So I can die with a smile on my face, without feelin' like the good Lord gypped me. Now this here story I'm about to unfold took place in the late '90s - just about the time of our conflict with Milo and the Kosovars. I only mention it because sometimes there's a man... I won't say a hero, 'cause, what's a hero? Sometimes, there's a man. And I'm talkin' about ESR here - ESR from slashdot. Sometimes, there's a man, well, he's the man for his time and place. He fits right in there. And that's ESR. ESR, from slashdot. And even if he's a drama queen - and ESR was most certainly that. Quite possibly the drama queeniest in all of slashdot, which would place him high in the runnin' for drama queeniest worldwide. Sometimes there's a man, sometimes, there's a man. Well, I lost my train of thought here. But... aw, hell. I've done introduced it enough...
I heard Google doesn't just buy crap... they buy custom-designed crap.
... When I have a spare moment, I'll go over the admin-view forum page (where the deleted post still lives, along with an internal reply mentioning to other admins why it was deleted) _absolutely sure_ I've scrubbed it of anything personally identifying...
I'm sure that some Apple customers would feel reassured to have proof of someone inside who's watching out for their (customer) interests and keeping them (customers) informed. However, if your concern is about your job, don't get too cocky about your ability to scrub details.
Unfortunately, the task of scrubbing became very difficult when you posted the previous message. If I were a hypothetical security investigator tracking down a hypothetical leak, I would (a) look at the content of the leaked document and (b) look at when/who/how that content was accessed. In this case, that content is on "the admin-view forum page" (individual web page accesses are probably logged for statistical and debugging purposes), and I know that you accessed around 3-72 hours after 2007-01-14 20:38 EST. That'll probably narrow it down to 1-10 people. Add in other factors (e.g. previous patterns of dissent), and your anonymity might not last long.
I don't know anything about Apple's culture or internal security or about your role in Apple. Maybe leaking such info would be viewed as a good PR move; maybe it's a fireable offense. Only you can judge. I'm just saying... I'd hate for you to do something you regret because you underestimated security techniques.
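The "when/who/how" step from the comment above, as an added example that is not part of the original post. It takes a handful of constructed access-log lines for a hypothetical admin-only forum page, keeps only successful fetches of that page inside the 3-to-72-hour window after the stated timestamp, and returns the users who remain with a count of their matching requests. The log format (Apache/nginx "combined" with the authenticated user in the third field), the paths, the user names and the timestamps are all assumptions for illustration.

```python
# Added example (not from the original thread): narrowing down who could have
# copied an admin-only page by correlating access logs with a time window.
# Log lines, page path, users and timestamps are constructed; the format is
# an assumption about how the forum's web server logs authenticated requests.
import re
from datetime import datetime, timedelta, timezone

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

# Constructed sample: the admin-view thread is /admin/forum/thread/4021.
SAMPLE_LOG = """\
10.0.0.12 - alice [14/Jan/2007:19:02:11 -0500] "GET /admin/forum/thread/4021 HTTP/1.1" 200 8812
10.0.0.40 - bob [14/Jan/2007:23:45:03 -0500] "GET /admin/forum/thread/4021 HTTP/1.1" 200 8812
10.0.0.40 - bob [14/Jan/2007:23:45:09 -0500] "GET /admin/forum/thread/4021/reply/7 HTTP/1.1" 200 2210
10.0.0.77 - carol [15/Jan/2007:09:12:44 -0500] "GET /admin/forum/thread/4021 HTTP/1.1" 200 8812
10.0.0.77 - carol [15/Jan/2007:09:13:01 -0500] "GET /admin/forum/index HTTP/1.1" 200 3009
10.0.0.12 - alice [15/Jan/2007:11:00:00 -0500] "GET /admin/forum/thread/4021 HTTP/1.1" 403 512
10.0.0.91 - dave [16/Jan/2007:08:00:05 -0500] "GET /admin/forum/thread/4021 HTTP/1.1" 200 8812
10.0.0.55 - erin [18/Jan/2007:10:30:00 -0500] "GET /admin/forum/thread/4021 HTTP/1.1" 200 8812
"""

EST = timezone(timedelta(hours=-5))
POSTED_AT = datetime(2007, 1, 14, 20, 38, tzinfo=EST)   # timestamp from the comment
PAGE = "/admin/forum/thread/4021"                        # assumed path of the admin view


def parse_log(text):
    """Yield one dict per well-formed line; silently skip lines that do not match."""
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        rec = m.groupdict()
        rec["ts"] = datetime.strptime(rec["ts"], TS_FMT)
        rec["status"] = int(rec["status"])
        yield rec


def suspects(log_text, path_prefix, reference, min_delay, max_delay):
    """Users who successfully GET the page (or anything under it) in
    [reference + min_delay, reference + max_delay]; value = number of hits."""
    start, end = reference + min_delay, reference + max_delay
    hits = {}
    for rec in parse_log(log_text):
        if rec["method"] != "GET" or not 200 <= rec["status"] < 300:
            continue                       # a 403 is not a read of the content
        if not rec["path"].startswith(path_prefix):
            continue
        if start <= rec["ts"] <= end:
            hits[rec["user"]] = hits.get(rec["user"], 0) + 1
    return dict(sorted(hits.items()))


def demo():
    """The window the comment describes: 3 to 72 hours after the post."""
    return suspects(SAMPLE_LOG, PAGE, POSTED_AT,
                    timedelta(hours=3), timedelta(hours=72))


if __name__ == "__main__":
    print(demo())   # alice (too early / 403) and erin (too late) drop out
```

The narrowing is only as good as the window and the path filter; "previous patterns of dissent" would be a separate signal joined on the user column afterwards.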
I think someone at KFC marketing misread a coordinate while reviewing the plans for the Vogon's new hyperspace highway.
The stage was set. Congress had received a copy of the law. The Congress leaders had discussed it:
"This could end our democracy."
"It's a bad idea!"
"We cannot let Bush sign it! Such dangerous things must be locked away in the deepest dungeon of the backest backroom of the Congress!"
And so they agreed to lock it safely away in Mark Foley's closet, where no one could acknowledge its existence, let alone sign it. Or so they thought.
Little did they know that Double-O Bush was on the case. During the State of the Union, while the President distracted all of the Congressers, Double-O Bush snuck into the closet, found (amid the bodies of various dead girls and living boys) a copy of the law. His hand shot fluidly to his ankle, and -- in a well-practiced maneuver -- pulled a pen from his ankle holster. Then he... signed the law!
And so it happened that Bush signed an evil law without any assistance from an inept Congress.
"War is hell." That famous statement deserves its less famous context:
"I am tired and sick of war. Its glory is all moonshine. It is only those who have neither fired a shot nor heard the shrieks and groans of the wounded who cry aloud for blood, for vengeance, for desolation. War is hell."
The man also said:
"I know I had no hand in making this war, and I know I will make more sacrifices to-day than any of you to secure peace."
You would be correct to observe that people in war often behave immorally, but reviewing the meaning of the word "war" will not save you from your readers' indignation. The observation of immoral behavior is not a justification of immoral behavior, and it does not obviate our imperative to behave morally.
This "observe vs justify/describe vs prescribe" issue applies equally to your posts and to "The Quest for Bush." You are correct that war is hell; the game makers are correct that the US and Israeli militaries destroy property and commit murder. You are correct that the American military can execute spies, and the game makers are correct that Islamic terrorists murder Americans and Israelis. The problem with the game is that it encourages players to kill Americans and Israelis, and I do not respect the theme or content of the game. Similarly, the problem with your posts in this thread is that you encourage readers to kill Iraqi and Palestinian civilians, and I do not respect the theme or content of your posts.
"[U]nwashed hordes of pro PLO slashdot kids"? "[H]unted down and exterminated, period full stop"? This post smacks of propaganda, doesn't it?
Incidentally, if you believe everything in your post, then the odds are that you shouldn't answer that question.
James Bond is an elite MI-6 agent who reads "top secret" documents over lunch. He drives expensive European sports cars. Terrorists and KGB agents shoot rocket-powered grenades at his cars, and he doesn't mind.
James Bamford plays with his own sort of fire: he pursues FOIA requests. Terrorists and KGB agents don't shoot rocket-powered grenades at his car, but then again... Mr. Bamford drives a Pinto.
My favorite part of this story is the implication that the good, clean, family-values, Christian types are the ones turning to piracy.
Oh, sure, column view is old hat. But a column-view MP3 player? Now that's original thinking.
And it's genius, too. I was riding on the subway the other day, listening to some tunes, bopping my head -- I had my headphones on, and I was carrying my NeXTstation under my right arm. (The monitor goes in my backpack.) Perfectly normal, right? Well, everyone was staring at my NeXTstation. Those things are hot and heavy. Anyway, it felt awkward (though a little kinky) to have everyone staring at my NeXTstation. The genius of Creative's MP3 player is that it gives you that great column view, but it fits in your pocket, so you don't have to deal with the awkwardness of people jealously eying your NeXTstation.
No, no, no. This would let the Chinese government impersonate a server that has an SSL certificate that's signed by the Chinese government's CA.
I suspect that you and the parent are making different assumptions about how the client end is implemented.
In a simple implementation, you might log in to your computer in China and open the Goodole Autoproxy Program. GAP updates, say, your Firefox preferences and configures Firefox to route all requests through the HTTPS-based proxy, goolole.canada.org. When you try to open a web page, Firefox tries to connect to the proxy with HTTP/SSL. The Great Firewall intercepts the request and relays it to cryptodemon.china.bad. cryptodemon automatically generates a phony certificate and signs it using the Chinese government CA. The phony certificate is returned to Firefox, which tries to validate it. Firefox finds that the Chinese government CA is in its database of trusted CAs, so the certificate is accepted.
However, the article doesn't provide any details about Psiphon's implementation, and it's not rational to say that their system is or isn't well-designed.
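The interception described in the comment above, as an added example that is not part of the original post and not Psiphon's code. It models three ways the client end could be implemented: trusting every CA in the browser store (the scenario above), trusting only the proxy operator's CA, and pinning the proxy's public key. The CA names, host names and keys are invented, and the "signatures" are HMACs over the certificate fields rather than X.509/RSA, so this is a toy of the trust decision, not a PKI; in particular the verifier here needs the CA's key, which a real asymmetric signature avoids.

```python
# Added example (not from the article or from Psiphon): toy model of the
# client-side trust decision. Forging is trivial for the CA in this model
# because signatures are HMACs; the point is which trust policy accepts the
# forged certificate, not the signature scheme. All names are invented.
import hashlib
import hmac
import os
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    subject: str      # host name the cert claims to be for
    issuer: str       # CA name
    pubkey: bytes     # the server's public key (random bytes in this toy)
    signature: bytes


def _tbs(subject: str, issuer: str, pubkey: bytes) -> bytes:
    """'To be signed' bytes: the fields the CA vouches for."""
    return f"{subject}|{issuer}|".encode() + pubkey


@dataclass(frozen=True)
class CA:
    name: str
    key: bytes        # toy signing key; a real CA uses a private RSA/EC key

    def issue(self, subject: str, pubkey: bytes) -> Cert:
        sig = hmac.new(self.key, _tbs(subject, self.name, pubkey), "sha256").digest()
        return Cert(subject, self.name, pubkey, sig)


def spki_fingerprint(pubkey: bytes) -> str:
    return hashlib.sha256(pubkey).hexdigest()


def verify_with_store(cert: Cert, expected_host: str, store: dict) -> bool:
    """Browser-style check: the host matches and SOME CA in the store signed it.
    Any CA in the store, hostile or not, can mint a passing certificate."""
    ca = store.get(cert.issuer)
    if ca is None or cert.subject != expected_host:
        return False
    expected = hmac.new(ca.key, _tbs(cert.subject, cert.issuer, cert.pubkey),
                        "sha256").digest()
    return hmac.compare_digest(expected, cert.signature)


def verify_with_pin(cert: Cert, expected_host: str, pinned_fp: str) -> bool:
    """Pinning: the key inside the cert must be the operator's known key,
    regardless of who signed the certificate."""
    return cert.subject == expected_host and spki_fingerprint(cert.pubkey) == pinned_fp


def run_scenario() -> dict:
    operator_ca = CA("Goodole Proxy CA", os.urandom(32))   # run by the proxy operator
    gov_ca = CA("Government Root CA", os.urandom(32))      # the hostile but 'trusted' CA
    host = "goolole.canada.org"
    proxy_key, mitm_key = os.urandom(32), os.urandom(32)

    real_cert = operator_ca.issue(host, proxy_key)
    forged_cert = gov_ca.issue(host, mitm_key)             # what cryptodemon hands back

    browser_store = {c.name: c for c in (operator_ca, gov_ca)}   # default trust store
    proxy_only_store = {operator_ca.name: operator_ca}           # GAP ships only its own CA
    pin = spki_fingerprint(proxy_key)                            # GAP ships the proxy's key hash

    return {
        "forged_vs_browser_store": verify_with_store(forged_cert, host, browser_store),
        "forged_vs_proxy_only_store": verify_with_store(forged_cert, host, proxy_only_store),
        "forged_vs_pin": verify_with_pin(forged_cert, host, pin),
        "real_vs_proxy_only_store": verify_with_store(real_cert, host, proxy_only_store),
        "real_vs_pin": verify_with_pin(real_cert, host, pin),
    }


if __name__ == "__main__":
    for check, ok in run_scenario().items():
        print(f"{check}: {'accepted' if ok else 'rejected'}")
```

Only the first line of the output is "accepted": the forged certificate passes precisely when the client delegates trust to the whole store, which is why the question of how Psiphon's client is built matters more than the article lets on.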
Let me see if I understand. You're suggesting that queue systems are innately flawed, and that market forces are better. To demonstrate this flaw, we should consider an example -- oh, say, the case of using a queue to allocate subsidized housing at Foo University in the year 19xy. Oh, my! Those students did misbehave! Queues are bad, so we should use the proposed alternative: market forces.
Market forces are a patently ludicrous solution for the example. If students could afford housing at market rates, then they wouldn't need subsidies. If the University felt that market forces provided fair and socially desirable outcomes, then it wouldn't provide subsidies. The example doesn't help the argument.
If anything, it hurts: as a reader, I'm no longer thinking about European companies trying to build online brands (something for which pure market forces might be good) -- I'm thinking about college students, education, and social darwinism. The parent has created a rhetorical knot which I must undo before I can accept that auctions would improve the allocation of .eu domains.
There have been several good comments in this article, but I just wanted to add a few more... esoteric suggestions. :)
* For the back-to-basics approach... the power-switch is a very effective access control mechanism (both literally -- cutting electricity -- and figuratively -- stopping/starting daemon processes). You could, for example, put one set of users in the realm "dayworkers.example.com" on one KDC, and then put another set of users in the realm "nightworkers.example.com" on another KDC. To ensure that dayworkers can only login between 9am and 5pm, you use cron to start their KDC at 9am and stop it at 5pm.
* Implementing time-based constraints in the Kerberos layer kind of sucks -- you're only going to check the time constraints at session startup. Sessions that start before the cut-off can stay online after the cutoff. Ex: Suppose our rule is "members of group A can login between 9am and 5pm". A member of group A logs in to the SSH server at 4:30 pm -- he can stay online indefinitely because SSH won't try to re-authenticate or re-authorize him.
* It's most effective to implement the time-based constraint in each of your applications. The former is ideal in that each application can cope with the time change in an intelligent fashion. (One app might prompt a user to save before he gets cut off, another might issue a warning 5 min ahead, etc.) But this approach is also the most difficult, and that seems to be an important concern.
* It's also effective to implement this at the network layer -- only route packets from specific users at specific times. This could be easy to implement with a VPN-style system. Non-VPN solutions may be possible but, ehm, tricky.
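The two halves of the Kerberos-layer problem from the list above, as an added example that is not part of the original comment. A KDC-side policy refuses logins outside the group's window and caps the ticket so it expires when the window closes; an application-side check then shows that a session opened at 4:30 pm is still "allowed" at 5:30 pm unless the application itself re-checks the policy, which is exactly the SSH case described. Group names, windows and times are invented, and the wrap-past-midnight handling for the night shift goes slightly beyond the comment's 9-to-5 example.

```python
# Added example (not from the original comment): time-window policy for a
# Kerberos-style login and the session-lifetime gap it leaves. Realm/group
# names, windows and timestamps are invented.
from datetime import datetime, time, timedelta

# group -> (window start, window end) in local time; end < start means the
# window wraps past midnight (assumption: the night shift needs this).
WINDOWS = {
    "dayworkers": (time(9, 0), time(17, 0)),
    "nightworkers": (time(21, 0), time(5, 0)),
}
MAX_TICKET_LIFE = timedelta(hours=10)   # the KDC's normal ticket lifetime


def in_window(group: str, now: datetime) -> bool:
    start, end = WINDOWS[group]
    t = now.time()
    if start <= end:
        return start <= t < end
    return t >= start or t < end          # wrapping window


def window_end(group: str, now: datetime) -> datetime:
    """Next moment at which the group's window closes."""
    _, end = WINDOWS[group]
    end_dt = datetime.combine(now.date(), end)
    if end_dt <= now:                     # today's closing time already passed
        end_dt += timedelta(days=1)
    return end_dt


def issue_ticket(group: str, now: datetime):
    """KDC side: None outside the window; otherwise the ticket end time,
    capped so the ticket cannot outlive the window."""
    if not in_window(group, now):
        return None
    return min(now + MAX_TICKET_LIFE, window_end(group, now))


def session_allowed(group: str, session_start: datetime, now: datetime,
                    reauthorize: bool = False) -> bool:
    """Application side. Without re-authorization the only check that ever
    happens is the one at session start, so the ticket's expiry is irrelevant."""
    if reauthorize:
        return in_window(group, now)
    return in_window(group, session_start)


def demo() -> dict:
    login = datetime(2007, 1, 15, 16, 30)      # 4:30 pm, inside the day window
    later = datetime(2007, 1, 15, 17, 30)      # 5:30 pm, outside it
    return {
        "ticket_end": issue_ticket("dayworkers", login).isoformat(),
        "after_hours_ticket": issue_ticket("dayworkers", later),
        "night_ticket_end": issue_ticket("nightworkers", datetime(2007, 1, 15, 22, 0)).isoformat(),
        "ssh_still_open": session_allowed("dayworkers", login, later),
        "ssh_with_recheck": session_allowed("dayworkers", login, later, reauthorize=True),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Capping the ticket at 17:00 is the most the KDC can do on its own; closing the session at 17:00 requires the application (or the network layer, as the last bullet suggests) to ask the question again.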
I agree that the questioner has ruled out MS a bit too obliquely, and it's a good point that one could use just the KDC functions in AD. However, I doubt that "just the one Windows server" will be enough. We're talking about a critical piece of infrastructure in an organization that is evidently large enough to justify the use of Kerberos and LDAP. They'll need redundant servers, and (if their sysadmins have only been managing Unix systems) they may need to train their sysadmins in proper Windows management (backup, restore, security policies, registry manipulation, and so on).
CEO DeWolfe is careful not to dismiss parents' safety concerns, and he says the company has plans to hire a full safety director -- "somebody to think about safety and security 24 hours a day, seven days a week"
The dude won't think well if you don't let him sleep.
I noticed the same thing. A few other inconsistencies:
* In image018, XFS is clearly the performance loser in all tests. But in the other charts, we see a more divided picture -- with XFS, Reiser4, and Reiser3 each taking the "performance loser" position in a few tests.
* It's not just a matter of labeling or confusing datapoints -- the datapoints for the last test are entirely different in image017 and image018. Note that, in image017, the times go as high as ~38 sec. In image018, they go as high as ~140 sec.
These kinds of inconsistencies make one wonder about the credibility of the results.
Setting aside the hypocrisy and the almost-plagiarism[*], I'd like to point out that the original was a bit incongruous -- China and Vietnam aren't very far apart. The edited version is less grating.
[*] The Xinhua article does include the word "(Agencies)" at the bottom... maybe that's an attribution...
The short answer is -- you can fudge your stats all you want. But unless you can find a way to fudge someone else's stats to minus the discrepancy, you'll get caught.
It wouldn't be so hard to get a peer to collude with you on fudging statistics. A few scenarios:
* I install one client at home and one at work. The one at work is a shill for the one at home -- the two never exchange real data, but they report that the client at home has uploaded to the one at work.
* A small group of people agree to scratch each other's backs by shilling for each other.
* An auxiliary protocol provides automated shilling among peers that are otherwise unaffiliated. Such a protocol can use tit-for-tat behavior (if you shill for me, then I'll shill for you).
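The "you'll get caught" check and the first collusion scenario from the reply above, as an added example that is not part of the original comments. A tracker accepts an uploader's claimed bytes only where the receiving peer's own report agrees; a lone cheat shows up as a discrepancy, while a home/work shill pair that confirms each other's fictitious transfer passes cleanly. A second, heuristic check flags uploaders whose corroborated traffic comes almost entirely from one partner; its thresholds are assumptions, and the third scenario (automated shilling spread across many unaffiliated peers) is designed to defeat exactly that kind of heuristic. The peer names and byte counts are constructed.

```python
# Added example (not from the original thread): tracker-side consistency
# checks on self-reported P2P transfer statistics. Peer names and byte
# counts are constructed; thresholds in concentrated_peers() are assumptions.
from collections import defaultdict

# (uploader, downloader, bytes) as reported by the uploader
UPLOAD_CLAIMS = [
    ("alice", "bob", 500), ("alice", "carol", 300), ("bob", "carol", 200),
    ("carol", "alice", 100),
    ("dave", "alice", 1000),     # dave pads his own stats; alice never saw it
    ("home", "work", 5000),      # shill pair: no real data ever moved
]
# (uploader, downloader, bytes) as reported by the downloader
DOWNLOAD_CLAIMS = [
    ("alice", "bob", 500), ("alice", "carol", 300), ("bob", "carol", 200),
    ("carol", "alice", 100),
    ("home", "work", 5000),      # the work client confirms the fictitious transfer
]


def _pair_totals(claims):
    totals = defaultdict(int)
    for up, down, n in claims:
        totals[(up, down)] += n
    return totals


def corroborated_uploads(upload_claims, download_claims):
    """uploader -> {downloader: bytes both sides agree on (min of the two claims)}"""
    ups, downs = _pair_totals(upload_claims), _pair_totals(download_claims)
    per_peer = defaultdict(dict)
    for (up, down), n in ups.items():
        per_peer[up][down] = min(n, downs.get((up, down), 0))
    return dict(per_peer)


def discrepancies(upload_claims, download_claims):
    """Claimed minus corroborated bytes per uploader: the check the parent
    relies on. Anything above zero is an upload nobody admits receiving."""
    claimed = defaultdict(int)
    for (up, _), n in _pair_totals(upload_claims).items():
        claimed[up] += n
    corr = corroborated_uploads(upload_claims, download_claims)
    return {u: claimed[u] - sum(corr.get(u, {}).values()) for u in claimed}


def concentrated_peers(upload_claims, download_claims, share=0.9, min_bytes=1000):
    """Heuristic (assumed thresholds): uploaders with at least min_bytes of
    corroborated traffic where one partner accounts for >= share of it.
    Returns uploader -> that partner."""
    flagged = {}
    for up, partners in corroborated_uploads(upload_claims, download_claims).items():
        total = sum(partners.values())
        if total < min_bytes:
            continue                      # too little traffic to judge
        top_partner, top = max(partners.items(), key=lambda kv: kv[1])
        if top / total >= share:
            flagged[up] = top_partner
    return flagged


if __name__ == "__main__":
    print("discrepancies:", discrepancies(UPLOAD_CLAIMS, DOWNLOAD_CLAIMS))
    print("concentrated:", concentrated_peers(UPLOAD_CLAIMS, DOWNLOAD_CLAIMS))
```

dave is the only peer with a non-zero discrepancy; the home/work pair has a discrepancy of zero and is caught only by the concentration heuristic, which a ring of several shills (or the tit-for-tat protocol in the last bullet) would spread thin enough to pass.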
I'd have to get an AtomChip laptop, but I might want to add on two fold-out LCD screens and an ergonomic keyboard.
Well, if they go out of business, will they still be able to afford web hosting for all those web pages and images and such? Or will their entire web site get replaced with a cryptic message?
Recompiling regular high-level (C, Obj-C, etc) for x86 or x86-64 is (relatively) freaking easy. Rewriting hand-tuned Altivec code to run on Intel's SSE-2 or SSE-3 is a major, major issue.
A little conventional wisdom: The main OS interfaces don't benefit much from Altivec/SSE/MMX. The real concern comes from audio-video processing.
If you survey other AV projects, you'll find that it's possible to maintain multiplatform AV code (e.g. the xvidcore builds with optimizations on Linux/x86, Linux/PPC, Windows/x86, and Mac OS/PPC). And QuickTime is already a multiplatform product, supporting Mac OS/PPC and Windows/x86. The big question -- what design techniques did Apple use to implement multiplatform support?
...Kuo also made a call to deal with the underlying problem that allows e-mail to serve as an attack vector for hackers and thieves.
"The mechanism of mass-mailing viruses relies on spoofing the From: address, and that aspect has been taken over by the phishers. This spoofing is the singular point for mass-mailing viruses and worms, for spam, for all phishing attacks."
For phishing attacks: maybe. For everything else: no. Once you have a process running with user privileges, you can impersonate that user without forging any headers.
And now the politicians and their appointed lackeys think blogs need to be regulated and controlled?
There's no need to lump "the politicians" together on this issue. Some politicians are pressuring the FEC, arguing against regulation of blogs.
He wouldn't have to search for long. Just look at the headline: "Four Indicted Into SF Hall of Fame."
irreversibly encrypted garbage
Oh, I know the algorithm for that:
aim.send( md5( rand(10000) ) );