An additional point: I would like the cross-privilege interprocess communication system to be opt-in rather than op-out. There should be a special call for programs that expect to communicate across privilege levels. That would make it easy to write a report that would find all such programs. That way I could decide if I trusted those programs, and if they were corrupted by a hacker or not.
It seems sensible that the API for communicating across privilege levels would have special checking, and a system of reporting that could be started to resolve questions about the operation of any one system.
That seems right to me. However, in the real world can I expect all programmers to realize this and comply? If I could get it, I would like some security inside the OS.
How do Linux and BSD deal with this issue? Is there any way to achieve privilege escalation by interfering with other processes? I don't understand it well, but the answer seems to be no.
This seems very sensible. I was thinking in broader, and maybe not completely technically accurate, terms. I was thinking of message space filtering as a kind of automatic authentication. This would not break existing applications.
It has been claimed that it is possible to use the shatter attack against a clean install of Windows XP. It has been claimed that system processes are vulnerable to this attack. What do you think?
One problem is that an old application would not be prepared to deal sensibly with the denial of access. Maybe Windows could put a message on the screen.
I had a section on the shatter attack and the messaging vulnerabilities in my paper, Windows XP Shows the Direction Microsoft is Going, but I got so much hostile feedback on message boards from people who said it did not exist, or it was not the fault of Windows, that I took the section out.
Apparently only two or three exploits of Windows messaging have been published. However, it seems reasonable that there are others.
The whole question gets some people very upset. They say that it is the fault of whoever wrote a vulnerable application. But look at what's in Windows memory at any one time. There is a huge amount of stuff written by numerous people. It seems to me that it doesn't matter to the user how the vulnerability got there, a vulnerability is a vulnerability. If you use Windows, you are trusting numerous programmers to know how to pass messages because there is no authentication system.
Consider this post by Uller-RM. He says, "... he [the attacker] adjusts the size of a textbox using an outside program to 4GB. (Windows unfortunately allows this, since the message format doesn't include a "sender" field to check against the owner handle.)".
Yes, it is unfortunate. And fixing it requires a rewrite of Windows that breaks all present applications. Am I wrong about any of this?
I'm not saying I understand everything about this, but I don't have time to investigate it further. I have to go back to writing a letter to a customer.
Very, very few people, apparently, have both technical knowledge and managerial knowledge.
The problem mentioned in the Slashdot story appears to be that Bruce Chizen, Adobe president, is not prepared for the intellectual challenge of running a technical company. He's been a salesman and marketing manager all his life. Now Adobe has become dependent on Acrobat, and has a big customer for Acrobat, the IRS (U.S. Internal Revenue Service).
We live in a business climate in which a few people at the top make a huge amount of money, and other people suffer, even though they helped make the money.
There seems to be a pattern with technological companies. The people who really understand the technology get tired and go on to other things, or are forced out of the company they founded (as was Jobs at Apple). Everyone pretends that nothing has happened, and the company runs on inertia for a while. With luck, the new managers, who try to hide the fact that they really don't understand what the company does, encounter a business upturn. But inside the company is dying.
John Sculley was a sugar water salesman (Pepsi) before he came to Apple and forced Jobs out. Apple looked okay for a while, but slowly lost importance. Then Jobs came back, and Apple became very important.
Adobe's Postscript is brilliant technology. Using Postscript to make PDF files is brilliant. Knowing what photo editing tools need to go into Photoshop requires deep technical understanding. Probably Bruce Chizen understands none of this. Can a manager run something he does not understand? No.
Refill your Canon i320 printer that you bought for $40 (U.S. price) with this refill system: http://www.ims-ink.com/. It costs $17 at Costco and refills the black cartridge an estimated 24 times. The system also comes with bottles of colored ink; haven't calculated the color refills yet.
Google wasn't very helpful, I found. Mostly I saw a lot of marketing language written by people who don't really understand what they are writing and are bored by it, anyway.
I forgot to mention another ignorant Toshiba idea. Look at the URL when you are on a Toshiba laptop. There is a session ID! That means that you can give a URL to a Toshiba page to someone else, but it usually won't work. Toshiba engineers are often not very smart people.
I own two Toshiba laptops, and I think they are the best PC laptops currently available. However, my impression of Toshiba is that it is ignorant at times.
For example, there are buttons on the front of the laptops that operate with very, very little pressure. They start Windows Media Player whenever you accidentally press them.
I called Toshiba support to ask them about an error I found in the manual of each of the laptops. Toshiba technical support a) did not have a computer to test, and b) could not fix the error in the manual by calling someone in the company. Toshiba technical support seems to be VERY separate from the rest of the company, and seems to have no power to serve customers. Before I bought the laptops, I asked about the maximum resolution of the video card when used with an external monitor; Toshiba technical support could not help me, even after several calls and an acknowledgement that the manual was faulty.
On the good side, Toshiba uses nVidia video chips, and the chips use the standard nVidia drivers. They work great with an external monitor at 1600 x 1200 and 75 Hertz resolution. Very, very nice. They work with IOView KVM switches.
It seems that the U.S. government has an endless amount of money for killing people and destroying property, but not very much for making good relationships.
The least sophisticated way of relating to other people is killing them.
After XP reaches 21 programs, the programs are displayed on the taskbar using a weird algorithm. Some of the programs that are loaded don't appear at all. Apparently this is done to discourage people from running more programs. Otherwise, why?
You said, "Any organization that rolled-out Mozilla widescale obviously did it out of zeal and not from reading the release notes..."
This would be a more acceptable view in a more perfect world. However, in my opinion, organizations don't have any better choice than an imperfect Mozilla. Internet Explorer has limited features (no tabbing, for example), and many unpatched security holes. Opera is spendy, and doesn't offer HTML email formatting.
Internet page display technology is very, very imperfect. CSS doesn't have all the text formatting features, for example, so that users are required to provide their own system for some features.
Netscape is not an option for governments and large organizations that must be completely open. Netscape just lost a court case over a sneaky element of the browser, in which a user's activity was tracked by AOL. See Wired News: Netscape Settles Software Issue. Would you trust them again?
Moz isn't perfect. It crashes with too much activity. When it crashes, all instances crash. But Moz is the best of a VERY imperfect lot.
This is a deal-killer. The problem needs to be solved. People who have installed Mozilla on hundreds of machines won't mess with install problems, they will abandon Mozilla instead. The biggest problem is this: Getting the email client to work after installing into an empty directory is tricky.
Should tens of thousands of people have problems, or should a few people fix the install program? My vote is the latter. Mozilla has WORLD importance. It is the browser of choice for governments, for example, which must use open-source software.
Maybe you didn't read everything I wrote. Installing over an old version worked on one computer, and not another.
Also, Moz should handle everything for me. Moz/Firebird is the best browser in a world that needs a browser. The install problems should be fixed. Most people don't have the technical expertise to do what you say, since, as the previous comment says, it involves copying mail files and tricky setup hassles.
An additional point: I would like the cross-privilege interprocess communication system to be opt-in rather than op-out. There should be a special call for programs that expect to communicate across privilege levels. That would make it easy to write a report that would find all such programs. That way I could decide if I trusted those programs, and if they were corrupted by a hacker or not.
It seems sensible that the API for communicating across privilege levels would have special checking, and a system of reporting that could be started to resolve questions about the operation of any one system.
That seems right to me. However, in the real world can I expect all programmers to realize this and comply? If I could get it, I would like some security inside the OS.
How do Linux and BSD deal with this issue? Is there any way to achieve privilege escalation by interfering with other processes? I don't understand it well, but the answer seems to be no.
Very interesting article.
Most people don't realize how many microprocessors help them during the day.
This seems very sensible. I was thinking in broader, and maybe not completely technically accurate, terms. I was thinking of message space filtering as a kind of automatic authentication. This would not break existing applications.
It has been claimed that it is possible to use the shatter attack against a clean install of Windows XP. It has been claimed that system processes are vulnerable to this attack. What do you think?
One problem is that an old application would not be prepared to deal sensibly with the denial of access. Maybe Windows could put a message on the screen.
I had a section on the shatter attack and the messaging vulnerabilities in my paper, Windows XP Shows the Direction Microsoft is Going, but I got so much hostile feedback on message boards from people who said it did not exist, or it was not the fault of Windows, that I took the section out.
The shatter attack is a local attack only, that allows a logged-on user to elevate to administrator. Microsoft has recently (July 9, 2003) documented one messaging exploit: Flaw in Windows Message Handling through Utility Manager Could Enable Privilege Elevation (822679). But what does Microsoft know, right?
Apparently only two or three exploits of Windows messaging have been published. However, it seems reasonable that there are others.
The whole question gets some people very upset. They say that it is the fault of whoever wrote a vulnerable application. But look at what's in Windows memory at any one time. There is a huge amount of stuff written by numerous people. It seems to me that it doesn't matter to the user how the vulnerability got there, a vulnerability is a vulnerability. If you use Windows, you are trusting numerous programmers to know how to pass messages because there is no authentication system.
Consider this post by Uller-RM. He says, "... he [the attacker] adjusts the size of a textbox using an outside program to 4GB. (Windows unfortunately allows this, since the message format doesn't include a "sender" field to check against the owner handle.)".
Yes, it is unfortunate. And fixing it requires a rewrite of Windows that breaks all present applications. Am I wrong about any of this?
I'm not saying I understand everything about this, but I don't have time to investigate it further. I have to go back to writing a letter to a customer.
It's another top management scheme at Sun to buy a lot of bad publicity cheaply.
Once in a while I try to do something in Word 2000. I find lots of quirks. It seems to me that there is a lot of pain in other areas of Word as well.
A lot of people think OSX is the best desktop OS in the world, by far. Unix and beauty, together.
Very, very few people, apparently, have both technical knowledge and managerial knowledge.
The problem mentioned in the Slashdot story appears to be that Bruce Chizen, Adobe president, is not prepared for the intellectual challenge of running a technical company. He's been a salesman and marketing manager all his life. Now Adobe has become dependent on Acrobat, and has a big customer for Acrobat, the IRS (U.S. Internal Revenue Service).
It's amazing. The job pays extremely well, even though the smart people are gone, Adobe has laid off people, and the stock is slowly sliding.
We live in a business climate in which a few people at the top make a huge amount of money, and other people suffer, even though they helped make the money.
There seems to be a pattern with technological companies. The people who really understand the technology get tired and go on to other things, or are forced out of the company they founded (as was Jobs at Apple). Everyone pretends that nothing has happened, and the company runs on inertia for a while. With luck, the new managers, who try to hide the fact that they really don't understand what the company does, encounter a business upturn. But inside the company is dying.
John Sculley was a sugar water salesman (Pepsi) before he came to Apple and forced Jobs out. Apple looked okay for a while, but slowly lost importance. Then Jobs came back, and Apple became very important.
Adobe's Postscript is brilliant technology. Using Postscript to make PDF files is brilliant. Knowing what photo editing tools need to go into Photoshop requires deep technical understanding. Probably Bruce Chizen understands none of this. Can a manager run something he does not understand? No.
Refill your Canon i320 printer that you bought for $40 (U.S. price) with this refill system: http://www.ims-ink.com/. It costs $17 at Costco and refills the black cartridge an estimated 24 times. The system also comes with bottles of colored ink; haven't calculated the color refills yet.
Google wasn't very helpful, I found. Mostly I saw a lot of marketing language written by people who don't really understand what they are writing and are bored by it, anyway.
I forgot to mention another ignorant Toshiba idea. Look at the URL when you are on a Toshiba laptop. There is a session ID! That means that you can give a URL to a Toshiba page to someone else, but it usually won't work. Toshiba engineers are often not very smart people.
I own two Toshiba laptops, and I think they are the best PC laptops currently available. However, my impression of Toshiba is that it is ignorant at times.
For example, there are buttons on the front of the laptops that operate with very, very little pressure. They start Windows Media Player whenever you accidentally press them.
I called Toshiba support to ask them about an error I found in the manual of each of the laptops. Toshiba technical support a) did not have a computer to test, and b) could not fix the error in the manual by calling someone in the company. Toshiba technical support seems to be VERY separate from the rest of the company, and seems to have no power to serve customers. Before I bought the laptops, I asked about the maximum resolution of the video card when used with an external monitor; Toshiba technical support could not help me, even after several calls and an acknowledgement that the manual was faulty.
On the good side, Toshiba uses nVidia video chips, and the chips use the standard nVidia drivers. They work great with an external monitor at 1600 x 1200 and 75 Hertz resolution. Very, very nice. They work with IOView KVM switches.
It seems that the U.S. government has an endless amount of money for killing people and destroying property, but not very much for making good relationships.
The least sophisticated way of relating to other people is killing them.
Windows 2000 is stable when only one program is running. I really liked the TeleVantage system, but have no experience with it.
California is known for having more progressive laws.
Friedman is becoming worse and worse.
AC, I've never tried crack.
After XP reaches 21 programs, the programs are displayed on the taskbar using a weird algorithm. Some of the programs that are loaded don't appear at all. Apparently this is done to discourage people from running more programs. Otherwise, why?
You said, "Any organization that rolled-out Mozilla widescale obviously did it out of zeal and not from reading the release notes..."
This would be a more acceptable view in a more perfect world. However, in my opinion, organizations don't have any better choice than an imperfect Mozilla. Internet Explorer has limited features (no tabbing, for example), and many unpatched security holes. Opera is spendy, and doesn't offer HTML email formatting.
Internet page display technology is very, very imperfect. CSS doesn't have all the text formatting features, for example, so that users are required to provide their own system for some features.
Netscape is not an option for governments and large organizations that must be completely open. Netscape just lost a court case over a sneaky element of the browser, in which a user's activity was tracked by AOL. See Wired News: Netscape Settles Software Issue. Would you trust them again?
Moz isn't perfect. It crashes with too much activity. When it crashes, all instances crash. But Moz is the best of a VERY imperfect lot.
Quote: "The open-source development community is an international treasure and should be protected as such..."
I strongly agree with that statement.
Asa, something needs to be done about the install problem. See my comment here: #6296165
People just can't go around to every machine doing a lot of hand work.
This is a deal-killer. The problem needs to be solved. People who have installed Mozilla on hundreds of machines won't mess with install problems, they will abandon Mozilla instead. The biggest problem is this: Getting the email client to work after installing into an empty directory is tricky.
Should tens of thousands of people have problems, or should a few people fix the install program? My vote is the latter. Mozilla has WORLD importance. It is the browser of choice for governments, for example, which must use open-source software.
Mod parent up!!! I didn't know that.
Maybe you didn't read everything I wrote. Installing over an old version worked on one computer, and not another.
Also, Moz should handle everything for me. Moz/Firebird is the best browser in a world that needs a browser. The install problems should be fixed. Most people don't have the technical expertise to do what you say, since, as the previous comment says, it involves copying mail files and tricky setup hassles.