.... Someone leaner and meaner will come along and push them aside.
That's the way this business works. We're not the car industry.
No we're worse than the car industry. With the auto industry one can always switch manufacturers and have an auto that drives basically the same way as any other auto does. We can buy tires, batteries, wipers, etc at the local Pep Boys (assuming a fairly "standard" auto, i.e. you don't own a Ferrari Enzo), all specific to our auto, put with common parts availability. We can do none of the above with software. This is why Microsoft was able to become Microsoft. Market share is king, and it's something that is extrememly difficult to overcome without huge resources, regardless of how "leaner and meaner" you are. In this market it's not good enough to be better, you have to be better and have deep enough pockets to fight a long and protracted battle. Either that or rely on the generous coding by those who are willing to do it for "free".
it either comes from a BIOS that doesn't support changing the boot order
This is only useful assuming that your BIOS is password protected AND/OR the person doesn't have physical entry into the case thereby allowing them to zap the BIOS parameters.
I think they should replace the root dns servers with an old fashion switchboard. I envision a large room in the bowels of VeriSign "manned" by an army of women wearing grey suits with horn rimmed glasses. A dns request will come in via pnuematic tube, the operator will pull one spring loaded ethernet cable from her console and plug it into the correct corresponding jack.
While being resistant to any port based DDOS attacks, they would be DOSable by having some hunky dude drink a pepsi outside their window.
I've worked for a large company where this type of thing occured/s too. Part of the problem however is that it's a large company. Often times dev group A in Product Group B in Location C runs off and does whatever they think is right. When the dev group and product are then integrated into the fold, you often have problems. One very common example of this is acquisitions. It is very common to have to deal with many variant platforms, languages, etc due to the acquisition of other companies.
The biggest challenge is that no matter how you got there, coming up with an effective solution for dealing with what you have. Unless a product is end of lifed, there's ongoing development which get's in the way of doing the maintenance work to get eveyone talking on the same page. Trying to juggle your resources so that you can still move forward, but at the same time trying to re-architect or refactor or rewrite is a very significant challange. One that many companies simply punt on until forced, or gets long and drawn out (all of which I've experienced).
There are so many better (from a gearhead perspective) cars than an S2000... I don't even know where to start. bleck.
Thank you for stating an opinion and totally neglecting providing any examples to substantiate it. Oh and then posting as AC just to top it off, your post was quite valuable.
I agree with your points, the issue is providing a level of security that makes it more difficult to break. We know that SSL is not 100% secure, but we use it, how is this any different. IF it can achieve a level of security high enough, then what more can we expect?
Having worked for various startups (some more secret than others) and for companies that do work for the govt, I know about marking documents etc, again, this adds an extra layer. You avoid the person forgetting by making sure you're document templates have the necessary permissions by default.
Again, not a perfect system, but will the system they release be "good enough"? And until they release it, who knows. And if it isn't, then the market will decide and nobody will use it.
Actually, cars WILL benefit from technology on the high tech cars.
Right, but if you notice the cars they chose are all geared toward the general consumer, vs 200 unit annual run more expensive than the average house (excepting Bay Area) type vehicles.
Also, what allows the S2000 to be refined? Technology and engineering.
Right, but nothing ground breaking. That's what makes the S2000 so damn cool. It doesn't rely on massive amounts of high tech "drivers aids" to get at its performance. It's just tried and true automobile engineering taken to a very high level.
We're talking about the security equivalent of putting up a sign that says "please don't rob me". It is so trivial to get around that it's going to cause more problems than it could possibly solve. The biggest problem I can see is companies that will actually BELIEVE that it will work and will trust MS to keep their documents secure instead of those pesky policies and background checks and NDAs.
I disagree, are you saying that the entire concept of encrypting documents is "the security equivalent of putting up a sign that says "please don't rob me"? If the OS and any apps prevents you from even doing screen caps of protected files, then you are left with A) installing device drivers that will do it for you B) photographing the screen C) writing everything down. Those might be fine for two paragraph memos, but obviously anyone who would go through all that trouble could not make an easy case for them "not knowing" that what they were doing was wrong. Just like locks on doors (and doors themselves). Right now with most documents, we have the equivilent of simply having a law that says "you are not allowed to enter someone elses home without their permission". DRM merely adds the lock and door. You can ignore the first and get around the second, but I know of few people who don't have locks and doors and who don't rely on them.
And OF COURSE if Microsoft can figure out a way to make more money in the process, they surely will.
Well as cool as the S2000 and Enzo are, they either are just very refined (S2000) or are priced in such a way that most people will never benefit from their hi tech (Enzo).
There really isn't anything all that groundbreaking tech wise with the S2000. Honda just paid a lot of attention to detail and applied what their extensive engine know-how to create a very highly tuned motor mated to a firm and responsive chassis. Hardly hitech, but definitely way cool from a gear head point of view.
I have an '89 750il, which for it's time was way high tech. Antilock, electric everything, fly by wire throttle. And of course, one of the most hated things about this vehicle is all the electronic doodads. When it works it's great. When it doesn't, rottsaruck. BMW is having some problems now with it's latest 7 series and their on board computers going wacko. There was a funny post about it, can't remember if it was here or not, some guy even video taped his car doing strange stuff (cell phone not working, stereo acting strange, car doesn't want to accelerate, etc).
I can see the mechanics repair books now:
Replace head gaskets 2hrs
Replace starter 2.5hrs
Debug car suddenly speaking in German 40 man hours
Funny thing about the last problem is that it is one that actually occurs!
Not totally true. How about teachers who create tests in Word? Or other content creators such as ad agencies. Or ma and pa shops that use Quicken and give the files to their accountants. While I agree that the primary focus will be on the enterprise, I think that a great many people could find the functionality useful. Heck, you could even DRM your pr0n stash to keep it away from prying eyes (e.g. your wife or the feds). Of course the feds will probably just get the backdoor from M$, but that's another issue altogether...
yeah, but one problem is it will be broken (you KNOW it will), and then all these businesses that depended on it will be screwed.
Well knowing Microsofts history, yes, the chances of this working "out of the chute" is slim indeed. But my point was that the concept of DRM is not inherently evil (even if Microsoft is), but many individuals here on/. think so.
If you're perfectly fine with inventions that fix problems (but don't actually work),
Is the computer on your desk faultless? Is the software that you use faultless? How does finding holes in a system automatically make that system "not work"? By your inference, web servers should have been done away with long ago, never even attempted given all the bugs and problems. And we shouldn't even bother to have doors and locks at all, since there are ways to get around them, whether they are made of paper, wood, or steel. No system is perfect, you will always be able to find ways around it, you just have to make a determination as to whether or not that system provides the level of protection you desire. If you're only criteria is "is it perfect", then you end up doing nothing.
If you can't trust your employees to not disclose confidential info, what makes you think they won't hand-copy the contents after they try to forward or print it?
Well there is obviously no way to make a system like this 100% secure. But one of the areas that it can help a lot is in making physical the rules for handling internal documents. One example is where a worker takes a file home (copies to floppy, emails to themself, etc) to work on it. Their intention is not to divulge the contents, but by their actions, they can sometimes cause these documents to be put in compromised position. With these DRM controls, you can ensure that the document remains internal, or at the very least "remind" the user that the document is not to leave the building. There are also other issues, such as knowing what information can be released to which customers and others that have nothing to do with your employees "stealing" information.
That and your assertion is generally naive. You can never know who will or won't be trustworthy, you try your best but you'll never be 100% correct. This is just another tool, that just like any other tool, has it's place and it's limitations.
Well that's one way to think about it. The big deal of all this of course is the OS and app support needed to make all this fly. The actual physical representation (encryption, access control structures, etc) are no big deal.
Well we can bash any and all attempts by Microsoft to do anything, but we should be able to at least say, "hey, what they're trying to achieve is valid". Their ability to actually create a robust solution of course is fair game, but that doesn't mean that the concept is not worthwhile.
I can't imagine how many people are going to screw around with this feature and lock themselves out of their own word file
This is no different than allowing anyone to even simply password protect their files.
Although it may be good for a small percentage of people, how is this going to affect John Q. Trailertrash who likes to fiddle with new functions?
That's the point, it's not designed for JQT, it's primarily for corp. users. If little Johnny wants to add DRM to his homework then more power to him, but that is not the audience that M$ has in mind. Now Johnnie's teacher who's creating a test, now that's a different story.
I know that there'll be plenty of snide negative comments about this, but I figured, what the hell.
I think that generally this is a good thing. Every company I've worked at has created copious piles of "internal only" type documents (electronicly that is). Making sure that these documents either stay internal, or don't go beyond those people externally that you give them to is always a hassle and pretty much impossible to do currently. Right now you have to depend on the "good faith" of your employees or those you've forwarded documents to and have agreements with (e.g. non-disclosures). Having a solution that makes controlling this information a bit easier could be useful.
Now before people start getting all in a tizzy, I'm not saying that Microsofts implementation will be any good or that it won't have problems and cause more trouble than it's worth. I'm just saying that the concept is worthwhile and shouldn't just be dismissed because it's being foisted by the "Evil Empire" or you can think of a dozen ways around it.
Slashdot Mirror
.... Someone leaner and meaner will come along and push them aside.
That's the way this business works. We're not the car industry.
No we're worse than the car industry. With the auto industry one can always switch manufacturers and have an auto that drives basically the same way as any other auto does. We can buy tires, batteries, wipers, etc at the local Pep Boys (assuming a fairly "standard" auto, i.e. you don't own a Ferrari Enzo), all specific to our auto, put with common parts availability. We can do none of the above with software. This is why Microsoft was able to become Microsoft. Market share is king, and it's something that is extrememly difficult to overcome without huge resources, regardless of how "leaner and meaner" you are. In this market it's not good enough to be better, you have to be better and have deep enough pockets to fight a long and protracted battle. Either that or rely on the generous coding by those who are willing to do it for "free".
If you have an installation on which some third-party driver has hosed the registry, the Recovery Console will allow you to attempt to fix it.
Actually the way I read the statement was that if it WERE a Microsoft driver that hosed the registry, then you'd be hosed. Period.
it either comes from a BIOS that doesn't support changing the boot order
This is only useful assuming that your BIOS is password protected AND/OR the person doesn't have physical entry into the case thereby allowing them to zap the BIOS parameters.
I think they should replace the root dns servers with an old fashion switchboard. I envision a large room in the bowels of VeriSign "manned" by an army of women wearing grey suits with horn rimmed glasses. A dns request will come in via pnuematic tube, the operator will pull one spring loaded ethernet cable from her console and plug it into the correct corresponding jack.
While being resistant to any port based DDOS attacks, they would be DOSable by having some hunky dude drink a pepsi outside their window.
Doing so may have just been made easier.
How is going to a different dns server make this easier now? Are you saying that NSD somehow makes this easier? Is this a known vulnerability in NSD?
I've worked for a large company where this type of thing occured/s too. Part of the problem however is that it's a large company. Often times dev group A in Product Group B in Location C runs off and does whatever they think is right. When the dev group and product are then integrated into the fold, you often have problems. One very common example of this is acquisitions. It is very common to have to deal with many variant platforms, languages, etc due to the acquisition of other companies.
The biggest challenge is that no matter how you got there, coming up with an effective solution for dealing with what you have. Unless a product is end of lifed, there's ongoing development which get's in the way of doing the maintenance work to get eveyone talking on the same page. Trying to juggle your resources so that you can still move forward, but at the same time trying to re-architect or refactor or rewrite is a very significant challange. One that many companies simply punt on until forced, or gets long and drawn out (all of which I've experienced).
There are so many better (from a gearhead perspective) cars than an S2000... I don't even know where to start. bleck.
Thank you for stating an opinion and totally neglecting providing any examples to substantiate it. Oh and then posting as AC just to top it off, your post was quite valuable.
Actually it's just a simple matter of changing it through the on board computer. I was just using this example for effect :)
I agree with your points, the issue is providing a level of security that makes it more difficult to break. We know that SSL is not 100% secure, but we use it, how is this any different. IF it can achieve a level of security high enough, then what more can we expect?
Having worked for various startups (some more secret than others) and for companies that do work for the govt, I know about marking documents etc, again, this adds an extra layer. You avoid the person forgetting by making sure you're document templates have the necessary permissions by default.
Again, not a perfect system, but will the system they release be "good enough"? And until they release it, who knows. And if it isn't, then the market will decide and nobody will use it.
Actually, cars WILL benefit from technology on the high tech cars.
Right, but if you notice the cars they chose are all geared toward the general consumer, vs 200 unit annual run more expensive than the average house (excepting Bay Area) type vehicles.
Also, what allows the S2000 to be refined? Technology and engineering.
Right, but nothing ground breaking. That's what makes the S2000 so damn cool. It doesn't rely on massive amounts of high tech "drivers aids" to get at its performance. It's just tried and true automobile engineering taken to a very high level.
We're talking about the security equivalent of putting up a sign that says "please don't rob me". It is so trivial to get around that it's going to cause more problems than it could possibly solve. The biggest problem I can see is companies that will actually BELIEVE that it will work and will trust MS to keep their documents secure instead of those pesky policies and background checks and NDAs.
I disagree, are you saying that the entire concept of encrypting documents is "the security equivalent of putting up a sign that says "please don't rob me"? If the OS and any apps prevents you from even doing screen caps of protected files, then you are left with A) installing device drivers that will do it for you B) photographing the screen C) writing everything down. Those might be fine for two paragraph memos, but obviously anyone who would go through all that trouble could not make an easy case for them "not knowing" that what they were doing was wrong. Just like locks on doors (and doors themselves). Right now with most documents, we have the equivilent of simply having a law that says "you are not allowed to enter someone elses home without their permission". DRM merely adds the lock and door. You can ignore the first and get around the second, but I know of few people who don't have locks and doors and who don't rely on them.
And OF COURSE if Microsoft can figure out a way to make more money in the process, they surely will.
Well as cool as the S2000 and Enzo are, they either are just very refined (S2000) or are priced in such a way that most people will never benefit from their hi tech (Enzo).
There really isn't anything all that groundbreaking tech wise with the S2000. Honda just paid a lot of attention to detail and applied what their extensive engine know-how to create a very highly tuned motor mated to a firm and responsive chassis. Hardly hitech, but definitely way cool from a gear head point of view.
I have an '89 750il, which for it's time was way high tech. Antilock, electric everything, fly by wire throttle. And of course, one of the most hated things about this vehicle is all the electronic doodads. When it works it's great. When it doesn't, rottsaruck. BMW is having some problems now with it's latest 7 series and their on board computers going wacko. There was a funny post about it, can't remember if it was here or not, some guy even video taped his car doing strange stuff (cell phone not working, stereo acting strange, car doesn't want to accelerate, etc).
I can see the mechanics repair books now:
Replace head gaskets 2hrs
Replace starter 2.5hrs
Debug car suddenly speaking in German 40 man hours
Funny thing about the last problem is that it is one that actually occurs!
No one else is going to care (and not use it).
...
Not totally true. How about teachers who create tests in Word? Or other content creators such as ad agencies. Or ma and pa shops that use Quicken and give the files to their accountants. While I agree that the primary focus will be on the enterprise, I think that a great many people could find the functionality useful. Heck, you could even DRM your pr0n stash to keep it away from prying eyes (e.g. your wife or the feds). Of course the feds will probably just get the backdoor from M$, but that's another issue altogether
yeah, but one problem is it will be broken (you KNOW it will), and then all these businesses that depended on it will be screwed.
/. think so.
Well knowing Microsofts history, yes, the chances of this working "out of the chute" is slim indeed. But my point was that the concept of DRM is not inherently evil (even if Microsoft is), but many individuals here on
You're right, we *should* be able to say that. However, how long as it been since it would be correct to say that?
;) After all, Microsoft is the king at trying to do the right thing. Just as they are the kings of doing the right thing wrongly.
How about right now
Ad in the future, you'll depend on... Microsoft and PassPort. Yah.
How is this any different than any other aspect of our lives, in regards to having an increased dependance on technology?
If you're perfectly fine with inventions that fix problems (but don't actually work),
Is the computer on your desk faultless? Is the software that you use faultless? How does finding holes in a system automatically make that system "not work"? By your inference, web servers should have been done away with long ago, never even attempted given all the bugs and problems. And we shouldn't even bother to have doors and locks at all, since there are ways to get around them, whether they are made of paper, wood, or steel. No system is perfect, you will always be able to find ways around it, you just have to make a determination as to whether or not that system provides the level of protection you desire. If you're only criteria is "is it perfect", then you end up doing nothing.
If you can't trust your employees to not disclose confidential info, what makes you think they won't hand-copy the contents after they try to forward or print it?
Well there is obviously no way to make a system like this 100% secure. But one of the areas that it can help a lot is in making physical the rules for handling internal documents. One example is where a worker takes a file home (copies to floppy, emails to themself, etc) to work on it. Their intention is not to divulge the contents, but by their actions, they can sometimes cause these documents to be put in compromised position. With these DRM controls, you can ensure that the document remains internal, or at the very least "remind" the user that the document is not to leave the building. There are also other issues, such as knowing what information can be released to which customers and others that have nothing to do with your employees "stealing" information.
That and your assertion is generally naive. You can never know who will or won't be trustworthy, you try your best but you'll never be 100% correct. This is just another tool, that just like any other tool, has it's place and it's limitations.
So it's encryption, but with additional options?
Well that's one way to think about it. The big deal of all this of course is the OS and app support needed to make all this fly. The actual physical representation (encryption, access control structures, etc) are no big deal.
Well we can bash any and all attempts by Microsoft to do anything, but we should be able to at least say, "hey, what they're trying to achieve is valid". Their ability to actually create a robust solution of course is fair game, but that doesn't mean that the concept is not worthwhile.
Of course by the time that I finish posting this, I see that many of the posts are actually positive. I guess there is some hope yet ;)
I know I'm showing my ignorance here, but how is this different from traditional filesystem permissions
1 - This applies to documents and things like email messages.
2 - AC is preserved even when documents are transferred to another system.
3 - You can restrict actions such as copying or printing.
4 - You can create valid lifetimes for the items.
5 - You can limit # of actions (# of copies, # of times opened, etc)
In other words, there is a world of difference.
I can't imagine how many people are going to screw around with this feature and lock themselves out of their own word file
This is no different than allowing anyone to even simply password protect their files.
Although it may be good for a small percentage of people, how is this going to affect John Q. Trailertrash who likes to fiddle with new functions?
That's the point, it's not designed for JQT, it's primarily for corp. users. If little Johnny wants to add DRM to his homework then more power to him, but that is not the audience that M$ has in mind. Now Johnnie's teacher who's creating a test, now that's a different story.
I know that there'll be plenty of snide negative comments about this, but I figured, what the hell.
I think that generally this is a good thing. Every company I've worked at has created copious piles of "internal only" type documents (electronicly that is). Making sure that these documents either stay internal, or don't go beyond those people externally that you give them to is always a hassle and pretty much impossible to do currently. Right now you have to depend on the "good faith" of your employees or those you've forwarded documents to and have agreements with (e.g. non-disclosures). Having a solution that makes controlling this information a bit easier could be useful.
Now before people start getting all in a tizzy, I'm not saying that Microsofts implementation will be any good or that it won't have problems and cause more trouble than it's worth. I'm just saying that the concept is worthwhile and shouldn't just be dismissed because it's being foisted by the "Evil Empire" or you can think of a dozen ways around it.