Obviously, this comment came from a man that is just as delusional and egotistical as DSK. He THINKS that all women want to have sex with him. In reality, he is garbage. I am looking forward to reading about evidence DSK's untimely death.
Yes, we need anti-virus software, mainly to keep the lawyers happy. Actually, Linux does needs good security monitoring to protect from break-in exploits. The lawyers and businessmen just don't understand the difference between that and anti-virus, so they are sort of right.
If someone can spoof DNS, why not just spoof routing? Now days, it is very common to connect through public wireless networks. You should not have to depend on the connection point not being hacked somehow. My understanding is that DNSSEC can supply host keys as well, so you can be sure that the host you actually connect to is the one defined by DNSSEC. Is it being implemented that way, or is it just being used to avoid DNS spoofing?
Also, are DNSSEC certificates designed in a way that generates profit for certificate providers? We don't want a system where the system is more oriented toward profit than security.
The important issue is not to create bug-free software. It is about designing redundancy and validation that avoids both software bugs and fraudulent data tampering. Before you leave the voting booth, your data should be transmitted to multiple locations, and you should be able to later validate that your individual vote is correctly in the system with some form of hash or validation code.
Why use a very complex system to make digital computing behave like analog computing?? It would be better just to have part of the chip or a co-processor run using analog signals. With analog, you can probably increase the clock speed and increase the noise level rather than getting intermittent total failures.
But, given that all of the analog devices are going digital, there are probably not many useful applications.
Sun/McNealy may not be a good choice to ask about making a profit, but the question is how can the Government as an end-user save money. Open Source can be bad for companies that make money selling equivalent software, but that is what we want.
Oops, my post got truncated.
Patents are even being used to cover genome sequences that have been in organisms for 100s or 1000s of years, and are obviously discoveries and not inventions.
Patents in general are a good thing to protect inventions. The big problem is that the definition of "invention" has been expanded to include just about anything. Many software patents cover things that should not be patentable because they are obvious or have plenty of "prior art" examples.
Patents are even being used to cover gene sequences that have been around for hundreds of years, are are really discoveries and nothing close to being an invention.
The main problem with software is that it is hard to define just what is patentable, especially since the lawyers have no clue about what should qualify as an invention.
The problem is that bad DNS responses should not be a source of vulnerability. Anytime there is traffic outside of your trusted domain, the identity of the remote system should not be trusted without a secure connection. There is work on Secure DNS, but I think it is better just to consider DNS unreliable, especially since wireless access points are common, and can give you whatever DNS they want. Even if you use another DNS server, it is easy enough to override it at the router.
Unencrypted traffic should always be considered untrusted and prone to hacking. We need a system of secondary (tertiary, etc?) certificate signing so that every web site doesn't have to pay for a commercially signed certificate. That is more efficient and reliable than Secure DNS. (Right?)
So, I think the conclusion is that Microsoft extensions should be avoided and that the web developer community should demand standards compliance, and just require users to install Firefox until MSIE is no longer broken and useless.
However, proprietary extensions from other companies like Adobe seem perfectly fine to use. The problem comes when the OS, browser and extensions are all from one company.
Isn't Java closer to C than Perl? In my experience, most difficulties with Javascript is not the language syntax, but inconsistent object and environments by different browsers (with MSIE being the biggest problem.)
I have always thought that we just need a standard pseudo-assembly bytecode which can be compiled from a variety of languages from existing compilers, and all be run from a standardized interpreter. I would think that even Perl could be implemented this way, along with a big run-time library.
The problem with the the current design of voting machines is not the reliability of the machines, but the general design of the voting system. A good design is needed such that even an insider that can internally modify the voting machine is unable to affect the voting outcome.
Before a voter leaves the voting booth, their votes should be recorded off-site in multiple locations, and they should get a receipt with an anonymous vote serial number with a validation hash that can be re-checked at a later time so that the voter knows their vote is not currupted.
Is that idea too simple? Are there no decent cryptographers on the team? Are the designs being managed by lawyers?
The most important feature to prevent tampering is for voters to be able to verify that their votes have not been modified AFTER all of the votes are pooled. There should be a final, public consolidated database that anyone should be able to tally to get the vote counts, and for which any indivual voter should be able to verify that their votes have not been modified.
Ideally, there would be multiple independent HTTP inquiry servers so regular voters could go home and enter their voting hash over and verify thet their actual vote is in the final pool.
The hard part is coming up with a way that the tallied vote database can be public and able to verify a voter's hash, but still prevent people from being able to determine which votes belong to which voter.
Linux autofs is missing many, many features, such as being able to specify multiple redundant servers for one mount point. I use amd, packaged in am-utils. It has almost everything you need, but no direct maps (I think it's a Linux limitation: the automounter has to take the whole directory, not just entries in it).
You can simulate this by having a real mount point, like/nfs, then putting symbolic links in root, such as/shares ->/nfs/shares. Of course, you then have to maintain those links.
You still may need different map formats. For total compatibility, you might have to make executable maps that read and reformat the real maps. I gave in and just keep two sets of maps, one for Linux and one for IRIX.
Home directory mounts have not been a problem, and I still use autofs for those, becuase it's a bit faster.
Slashdot Mirror
Obviously, this comment came from a man that is just as delusional and egotistical as DSK. He THINKS that all women want to have sex with him. In reality, he is garbage. I am looking forward to reading about evidence DSK's untimely death.
Yes, we need anti-virus software, mainly to keep the lawyers happy. Actually, Linux does needs good security monitoring to protect from break-in exploits. The lawyers and businessmen just don't understand the difference between that and anti-virus, so they are sort of right.
If someone can spoof DNS, why not just spoof routing? Now days, it is very common to connect through public wireless networks. You should not have to depend on the connection point not being hacked somehow. My understanding is that DNSSEC can supply host keys as well, so you can be sure that the host you actually connect to is the one defined by DNSSEC. Is it being implemented that way, or is it just being used to avoid DNS spoofing?
Also, are DNSSEC certificates designed in a way that generates profit for certificate providers? We don't want a system where the system is more oriented toward profit than security.
The important issue is not to create bug-free software. It is about designing redundancy and validation that avoids both software bugs and fraudulent data tampering. Before you leave the voting booth, your data should be transmitted to multiple locations, and you should be able to later
validate that your individual vote is correctly in the system with some form of hash or validation code.
Why use a very complex system to make digital computing behave like analog computing?? It would be better just to have part of the chip or a co-processor run using analog signals. With analog, you can probably increase the clock speed and increase the noise level rather than getting intermittent total failures.
But, given that all of the analog devices are going digital, there are probably not many useful applications.
Sun/McNealy may not be a good choice to ask about making a profit, but the question is how can the Government as an end-user save money. Open Source can be bad for companies that make money selling equivalent software, but that is what we want.
Apparently, cell phones are designed to transmit everything they know: phone numbers, call logs, etc. Why are cell phones designed to be so insecure?
Surely there are cell phones that are not so lame, unless the government is requiring anonymous access for snooping purposes.
Oops, my post got truncated. Patents are even being used to cover genome sequences that have been in organisms for 100s or 1000s of years, and are obviously discoveries and not inventions.
Patents in general are a good thing to protect inventions. The big problem is that the definition of "invention" has been expanded to include just about anything. Many software patents cover things that should not be patentable because they are obvious or have plenty of "prior art" examples. Patents are even being used to cover gene sequences that have been around for hundreds of years, are are really discoveries and nothing close to being an invention. The main problem with software is that it is hard to define just what is patentable, especially since the lawyers have no clue about what should qualify as an invention.
The problem is that bad DNS responses should not be a source of vulnerability. Anytime there is traffic outside of your trusted domain, the identity of the remote system should not be trusted without a secure connection. There is work on Secure DNS, but I think it is better just to consider DNS unreliable, especially since wireless access points are common, and can give you whatever DNS they want. Even if you use another DNS server, it is easy enough to override it at the router. Unencrypted traffic should always be considered untrusted and prone to hacking. We need a system of secondary (tertiary, etc?) certificate signing so that every web site doesn't have to pay for a commercially signed certificate. That is more efficient and reliable than Secure DNS. (Right?)
So, I think the conclusion is that Microsoft extensions should be avoided and that the web developer community should demand standards compliance, and just require users to install Firefox until MSIE is no longer broken and useless.
However, proprietary extensions from other companies like Adobe seem perfectly fine to use. The problem comes when the OS, browser and extensions are all from one company.
Isn't Java closer to C than Perl? In my experience, most difficulties with Javascript is not the language syntax, but inconsistent object and environments by different browsers (with MSIE being the biggest problem.)
I have always thought that we just need a standard pseudo-assembly bytecode which can be compiled from a variety of languages from existing compilers, and all be run from a standardized interpreter. I would think that even Perl could be implemented this way, along with a big run-time library.
Lawsuits are more about money, especially for the lawyers, rather than defending public rights.
The problem with the the current design of voting machines is not the reliability of the machines, but the general design of the voting system. A good design is needed such that even an insider that can internally modify the voting machine is unable to affect the voting outcome. Before a voter leaves the voting booth, their votes should be recorded off-site in multiple locations, and they should get a receipt with an anonymous vote serial number with a validation hash that can be re-checked at a later time so that the voter knows their vote is not currupted. Is that idea too simple? Are there no decent cryptographers on the team? Are the designs being managed by lawyers?
The most important feature to prevent tampering is for voters to be able to verify that their votes have not been modified AFTER all of the votes are pooled. There should be a final, public consolidated database that anyone should be able to tally to get the vote counts, and for which any indivual voter should be able to verify that their votes have not been modified.
Ideally, there would be multiple independent HTTP inquiry servers so regular voters could go home and enter their voting hash over and verify thet their actual vote is in the final pool.
The hard part is coming up with a way that the tallied vote database can be public and able to verify a voter's hash, but still prevent people from being able to determine which votes belong to which voter.
Linux autofs is missing many, many features, such as being able to specify multiple redundant servers for one mount point. I use amd, packaged in am-utils. It has almost everything you need, but no direct maps (I think it's a Linux limitation: the automounter has to take the whole directory, not just entries in it).
/nfs, then putting symbolic links in root, such as /shares -> /nfs/shares. Of course, you then have to maintain those links.
You can simulate this by having a real mount point, like
You still may need different map formats. For total compatibility, you might have to make executable maps that read and reformat the real maps. I gave in and just keep two sets of maps, one for Linux and one for IRIX.
Home directory mounts have not been a problem, and I still use autofs for those, becuase it's a bit faster.