Word. I live 8 miles from a major metro area. My community of ~5000 doesn't get "rural internet" grants since we're too close to a metro area, yet we also don't get high-speed internet (the cable company went under, thanks to satellite TV, before cable internet was around, and Qwest are too lazy to get enough bandwidth to put a DSLAM in the CO). The only non-DS0 based (DS0-based options are far too expensive for any normal consumer) connection faster than 56k is the worst WISP ever. This is unbridled capitalism gone wrong: when the telcos can make more profit with stupid advertising campaigns than by installing a vital service for thousands of people (which would *make them a profit*), things start to break.
I've seen a lot of contrarian posts modded up just for being contrarian. It works even better if you put a "I'm sure I'll get modded down for this" into the post, in order to make mods think that by modding down your post they're somehow being intolerant.
It's also possible to create a massive darknet using encrypted communications and tor-style routing that would be untraceable and (if the routing was done right) very difficult to detect using traffic analysis.
But that's beside the point. What I was trying to say is maybe it's not an RIAA conspiracy (like some Slashdot readers seem to think) and rather campus administrators protecting their resources. It's easier to block torrents as a summary group than to fiddle around with traffic shaping, and imposing bandwidth/transfer limits just hurts students with legit research needs.
The fact of the matter is college networks are for education, not warezed music, and the administrators are perfectly in their rights to disable a resource that's being used primarily for a non-educational purpose (blah blah legal torrents as if you really believe that's what college students are doing blah blah) in favor of everyone else's legitimate (or somewhat legit) work.
Sure, I get pissed off when my torrents go away. But I get more pissed off when my SSH to work goes away because of some idiot neighbor torrenting their terrible rap music.
Sadly, this sort of thing holds often because the prosecution can spin it into a million ways you're trying to obstruct justice. Courts somehow manage to claim that you're not upholding your right not to self-incriminate but that you must know the keys and that by refusing to give them up you're resisting the execution of a warrant.
This is happening in the US too; it's just parents and teachers trying to get students into "good" colleges instead of schools trying to boost rankings. Students here in the US are being encouraged to take fewer, lower-level courses than are offered at their schools because "an A in standard math looks better to colleges than a C in higher-level math." Sadly, this is mostly true.
This is mostly due to the grade-point-average system and due to grade inflation. Colleges often summary-reject students with a GPA lower than e.g. 3.0, without looking at what classes they took. This leads to the common scenario in U.S. education: In many US high schools, A no longer means a student is extremely bright and talented. As are average. A C is nearly failing. Students who aren't getting As complain to their teachers (and engage their parents to complain) as though they're failing the class.
This problem is compounded by the difference in a class's difficulty depending on teacher, school, and date taken. At my school, "IB Calculus I" is taught by three teachers. One doesn't teach well and gives amazingly hard tests. His students tend to have Cs and not know what they're doing (through no fault of their own). One teaches well and is a total hard-ass. His students are probably the most well-versed, but they also have Cs. One teacher gives open-note, multiple-choice tests. His students are generally clueless and have As.
A college has *no way* to tell which students are which, since the class is the same on transcripts. This Is Broken.
Colleges need to take a closer look at what classes a student took and other methods of aptitude testing before they accept or reject students.
Just use a truecrypted embedded crypto partition and don't keep a shell history or automount it anywhere. It's not discernible from random data, so you can deny it even exists with no fear of retribution.
And, of course, crypt the entire rest of your drive with a normal crypt partition and drag your feet on giving over any keys.
However, at the school district in my area, DoubleClick is automatically blocked at the edge router level. I'm not at all sure if this is legal, but it's definately been done.
I'm sure at least a few small/medium business network admins also automatically block DoubleClick due to their reputation for terribly invasive and questionably legal data-mining.
So quite a few people probably have DoubleClick blocked without even really knowing or noticing it.
It's expensive, sure, but like I said it only has to be done once. And once there's a demand for pirated high definition content in Asia there will be groups with significant cash resources looking for a way in.
LCDs *must* have the final step of running varying voltage across the crystals to allow light through, and DLPs *must* have the final step of positioning the mirrors. There is no way around this. It's physics. LCDs would be *very* difficult to obtain a signal from at this stage, but DLP devices wouldn't be terribly difficult as each mirror reposition corresponds directly with a R/G/B pixel state. Any excess "noise" introduced by visual obfuscation would be detectable mathematically once the raw mirror switch signals were gathered.
Yes, some quality would be lost in the re-encode, but at the near-lossless bitrates HD content is encoded at the re-encode quality loss isn't too significant.
I'd like to refer you to this comment where I've already pointed out that a camera (which is indeed expensive, low-quality, and easily fooled) is entirely unnecessary.
How about the video that's been re-encoded in good quality off the analog signal that *has* to exist in a monitor/projector (hell, if the DRM got bad/"good" enough well-funded groups i.e. chinese organized piracy groups could make devices that reconstructed signals off of LCD crystal drivers)? Still not optimal, sure, and sure the studios have won a tiny victory, but it's still guaranteed to be better than SD.
Then there's the fact that to make a system "secure" up to that point requires integrating the cryptography engine (which has to be fast enough to decrypt the compressed stream on one end and encrypt the uncompressed digital video stream on the other) and A/V decoder on one chip that requires no external buffer memory and runs no other tasks (takes a raw encrypted video stream in and spits digital-decompressed audio and video out without involving any other hardware), which is easy but slightly expensive and which I'm fairly certain doesn't exist yet.
The user still has to be able to *view* the content. There is no DRM for the mind (yet, hopefully ever). No matter how much fancy full-pipeline encrypted hardware you build, the user still has to see it. And our minds don't support AES.
And the update must have the new key in it! And we know how smart InterVideo have been about protecting the keys so far...
The fact of the matter is that if it can be decrypted and the user has physical access, there is *no way* to make "unbreakable" DRM. None. At all. Especially on most modern CPU architectures where memory and the bus are unencrypted. The data *has* to go through RAM and over the bus. Therefore there *is no protection* It takes *one* decrypt to defeat their supposed purpose "keeping them dirty pirates from getting it" and this decrypt will *always* happen. But yet they waste millions in R+D money making ridiculously bad systems to try to prevent something that's physically impossible to prevent.
Windows runs stuff on mounted drives automatically. Windows runs as administrator by default. Some USB key drives even have CD emulators, which bypass Windows autorun protection.
Mono, believe it or not, is actually being used (especially at Novell) to create applications in C# *designed to run on Linux* (see Beagle, which I'm fairly certain is now included in Novell's Linux distributions).
While I think.NET and Mono are annoying (I hate all memory-managed languages, though, so that's not saying much), I see nothing to "pff" at including a dependancy for increasingly-common applications.
Issues: The CPU is idle. A lot. The rootkit could quite easily only run itself when the CPU would otherwise be in nops or a delay loop. It's essentially impossible to use 100% of the CPU, because something, somewhere in a modern OS is generally going to run a few nops or go into a known loop state, at which the malware could just overwrite the nops or delay instructions and not delay the system at all. So your method isn't terribly great. Now, calling privileged instructions as you mention is a brilliant way of sensing the malware, as it's unavoidable that the malware must handle most privleged instructions acting as a virtual machine, and then it'd definitely be losing clock cycles. Unless you're listening to the samples and counting every one the rootkit could just discard enough of the calls to make the clock rate appear the same. The OS has no idea if the virtual machine is swapping for it. And unless you're filling the RAM with random data and then reading it back + timing it memtest86 style, the VM could just discard all the memory you allocate.
Yes, there is a ton of hyperbole and sensationalism. Virtualized rootkits are among the least common threats currently on the internet and all users and 99% of admins need not worry about them, as they have much more important things to be concerned about. But for the.001% of admins who run with highly sensitive data and audit every line of code going into their systems, this is a definite threat that they should be concerned about detecting. And they're pretty difficult to detect. And they're something new and special, so they're the Next Big Thing.
No. This is totally different. It's easy to verify a bug report (does it exist or not) and code (does it work or not, are there security flaws). It's very difficult to verify information on theology, and it's almost certain that a lot of questions other editors or users had were quashed by EssJay's claimed ThD (he has a PhD in that, he must be right!) Code is a field where I feel a degree doesn't mean much (it's easy to tell good code from bad code and degree is irrelevant; code is objective, either it works well and is secure or it does not work well), whereas in theology and a peer-review encyclopedia a degree very important (he gained prestige due to his degree and theology is very subjective, therefore it's highly likely his viewpoints weaseled their way in).
The article also doesn't realize that the majority of serious (aka real) pirated Windows installations use MuBlinder or another memory-patching or DLL replacement application to bypass WGA. I think that nearly 100% of the failures reported were false positives, and that the number is probably highly inflated by legit users frantically trying to get their critical security updates after WGA has randomly failed them. The real pirates are dodging WGA and aren't trackable with these stats.
Nope. Darwin, as an open source project, has code committed from outside Apple. The authors of this code still own it. Unless Apple negotiated with *every single* Darwin/xnu contributor whose code was going into the iPhone OS, they'd have to open-source it or at least portions of it.
IBM zSeries also have two execution units in each processor unit which execute in lockstep. If results are different the processor repeats the execution. If failure continues the processor will defer the instructions to another processor unit and disable the failing processor unit. This reliability, superior I/O throughput, and a tried-and-tested system is the advantage of the mainframe.
One issue. The methods that the police use to transfer data off of confiscated storage must be screened before they can be used in a manner which satisfies the court. Otherwise the defense could just question the manner in which the data was transferred, claim it was tampered with by the police, and the case is blown. I doubt googling emulators is an approved or accepted method.
I think it might just be a small, vocal group of people having problems.
The only "common issue" I have with my black MacBook is the "mooing" which isn't even noticable with headphones. It runs much, much cooler than any other laptop I own, and it's infinitly quieter.
The only quality control issues I've had are that the hinge is a bit squeaky and the power brick makes odd noises.
Slashdot Mirror
Word.
I live 8 miles from a major metro area. My community of ~5000 doesn't get "rural internet" grants since we're too close to a metro area, yet we also don't get high-speed internet (the cable company went under, thanks to satellite TV, before cable internet was around, and Qwest are too lazy to get enough bandwidth to put a DSLAM in the CO). The only non-DS0 based (DS0-based options are far too expensive for any normal consumer) connection faster than 56k is the worst WISP ever.
This is unbridled capitalism gone wrong: when the telcos can make more profit with stupid advertising campaigns than by installing a vital service for thousands of people (which would *make them a profit*), things start to break.
I've seen a lot of contrarian posts modded up just for being contrarian. It works even better if you put a "I'm sure I'll get modded down for this" into the post, in order to make mods think that by modding down your post they're somehow being intolerant.
I'm sure I'll get modded down for this.
It's also possible to create a massive darknet using encrypted communications and tor-style routing that would be untraceable and (if the routing was done right) very difficult to detect using traffic analysis.
But that's beside the point.
What I was trying to say is maybe it's not an RIAA conspiracy (like some Slashdot readers seem to think) and rather campus administrators protecting their resources. It's easier to block torrents as a summary group than to fiddle around with traffic shaping, and imposing bandwidth/transfer limits just hurts students with legit research needs.
The fact of the matter is college networks are for education, not warezed music, and the administrators are perfectly in their rights to disable a resource that's being used primarily for a non-educational purpose (blah blah legal torrents as if you really believe that's what college students are doing blah blah) in favor of everyone else's legitimate (or somewhat legit) work.
Sure, I get pissed off when my torrents go away. But I get more pissed off when my SSH to work goes away because of some idiot neighbor torrenting their terrible rap music.
Sadly, this sort of thing holds often because the prosecution can spin it into a million ways you're trying to obstruct justice. Courts somehow manage to claim that you're not upholding your right not to self-incriminate but that you must know the keys and that by refusing to give them up you're resisting the execution of a warrant.
See Ohm's piece on the "Fourth Amendment Right to Delete" for more information on the search+seizure aspect of legal data forensics.
Maybe it's not everyone's beloved P2P being "illegal" or whatever.
Maybe it's the fact that torrents take a fucking ton of bandwidth?
This is happening in the US too; it's just parents and teachers trying to get students into "good" colleges instead of schools trying to boost rankings.
Students here in the US are being encouraged to take fewer, lower-level courses than are offered at their schools because "an A in standard math looks better to colleges than a C in higher-level math." Sadly, this is mostly true.
This is mostly due to the grade-point-average system and due to grade inflation. Colleges often summary-reject students with a GPA lower than e.g. 3.0, without looking at what classes they took. This leads to the common scenario in U.S. education:
In many US high schools, A no longer means a student is extremely bright and talented. As are average. A C is nearly failing. Students who aren't getting As complain to their teachers (and engage their parents to complain) as though they're failing the class.
This problem is compounded by the difference in a class's difficulty depending on teacher, school, and date taken. At my school, "IB Calculus I" is taught by three teachers. One doesn't teach well and gives amazingly hard tests. His students tend to have Cs and not know what they're doing (through no fault of their own). One teaches well and is a total hard-ass. His students are probably the most well-versed, but they also have Cs. One teacher gives open-note, multiple-choice tests. His students are generally clueless and have As.
A college has *no way* to tell which students are which, since the class is the same on transcripts. This Is Broken.
Colleges need to take a closer look at what classes a student took and other methods of aptitude testing before they accept or reject students.
Just use a truecrypted embedded crypto partition and don't keep a shell history or automount it anywhere.
It's not discernible from random data, so you can deny it even exists with no fear of retribution.
And, of course, crypt the entire rest of your drive with a normal crypt partition and drag your feet on giving over any keys.
However, at the school district in my area, DoubleClick is automatically blocked at the edge router level. I'm not at all sure if this is legal, but it's definately been done.
I'm sure at least a few small/medium business network admins also automatically block DoubleClick due to their reputation for terribly invasive and questionably legal data-mining.
So quite a few people probably have DoubleClick blocked without even really knowing or noticing it.
It's expensive, sure, but like I said it only has to be done once. And once there's a demand for pirated high definition content in Asia there will be groups with significant cash resources looking for a way in.
LCDs *must* have the final step of running varying voltage across the crystals to allow light through, and DLPs *must* have the final step of positioning the mirrors. There is no way around this. It's physics. LCDs would be *very* difficult to obtain a signal from at this stage, but DLP devices wouldn't be terribly difficult as each mirror reposition corresponds directly with a R/G/B pixel state. Any excess "noise" introduced by visual obfuscation would be detectable mathematically once the raw mirror switch signals were gathered.
Yes, some quality would be lost in the re-encode, but at the near-lossless bitrates HD content is encoded at the re-encode quality loss isn't too significant.
I'd like to refer you to this comment where I've already pointed out that a camera (which is indeed expensive, low-quality, and easily fooled) is entirely unnecessary.
How about the video that's been re-encoded in good quality off the analog signal that *has* to exist in a monitor/projector (hell, if the DRM got bad/"good" enough well-funded groups i.e. chinese organized piracy groups could make devices that reconstructed signals off of LCD crystal drivers)?
Still not optimal, sure, and sure the studios have won a tiny victory, but it's still guaranteed to be better than SD.
Then there's the fact that to make a system "secure" up to that point requires integrating the cryptography engine (which has to be fast enough to decrypt the compressed stream on one end and encrypt the uncompressed digital video stream on the other) and A/V decoder on one chip that requires no external buffer memory and runs no other tasks (takes a raw encrypted video stream in and spits digital-decompressed audio and video out without involving any other hardware), which is easy but slightly expensive and which I'm fairly certain doesn't exist yet.
Wrong. Why?
The user still has to be able to *view* the content. There is no DRM for the mind (yet, hopefully ever).
No matter how much fancy full-pipeline encrypted hardware you build, the user still has to see it. And our minds don't support AES.
And the update must have the new key in it!
And we know how smart InterVideo have been about protecting the keys so far...
The fact of the matter is that if it can be decrypted and the user has physical access, there is *no way* to make "unbreakable" DRM. None. At all.
Especially on most modern CPU architectures where memory and the bus are unencrypted. The data *has* to go through RAM and over the bus.
Therefore there *is no protection*
It takes *one* decrypt to defeat their supposed purpose "keeping them dirty pirates from getting it" and this decrypt will *always* happen. But yet they waste millions in R+D money making ridiculously bad systems to try to prevent something that's physically impossible to prevent.
Windows. Autorun. U3.
Look up the U3 SwitchBlade.
Windows runs stuff on mounted drives automatically.
Windows runs as administrator by default.
Some USB key drives even have CD emulators, which bypass Windows autorun protection.
See the drift?
Mono, believe it or not, is actually being used (especially at Novell) to create applications in C# *designed to run on Linux* (see Beagle, which I'm fairly certain is now included in Novell's Linux distributions).
.NET and Mono are annoying (I hate all memory-managed languages, though, so that's not saying much), I see nothing to "pff" at including a dependancy for increasingly-common applications.
While I think
Issues:
.001% of admins who run with highly sensitive data and audit every line of code going into their systems, this is a definite threat that they should be concerned about detecting. And they're pretty difficult to detect. And they're something new and special, so they're the Next Big Thing.
The CPU is idle. A lot. The rootkit could quite easily only run itself when the CPU would otherwise be in nops or a delay loop. It's essentially impossible to use 100% of the CPU, because something, somewhere in a modern OS is generally going to run a few nops or go into a known loop state, at which the malware could just overwrite the nops or delay instructions and not delay the system at all. So your method isn't terribly great.
Now, calling privileged instructions as you mention is a brilliant way of sensing the malware, as it's unavoidable that the malware must handle most privleged instructions acting as a virtual machine, and then it'd definitely be losing clock cycles.
Unless you're listening to the samples and counting every one the rootkit could just discard enough of the calls to make the clock rate appear the same.
The OS has no idea if the virtual machine is swapping for it. And unless you're filling the RAM with random data and then reading it back + timing it memtest86 style, the VM could just discard all the memory you allocate.
Yes, there is a ton of hyperbole and sensationalism. Virtualized rootkits are among the least common threats currently on the internet and all users and 99% of admins need not worry about them, as they have much more important things to be concerned about. But for the
No. This is totally different. It's easy to verify a bug report (does it exist or not) and code (does it work or not, are there security flaws). It's very difficult to verify information on theology, and it's almost certain that a lot of questions other editors or users had were quashed by EssJay's claimed ThD (he has a PhD in that, he must be right!)
Code is a field where I feel a degree doesn't mean much (it's easy to tell good code from bad code and degree is irrelevant; code is objective, either it works well and is secure or it does not work well), whereas in theology and a peer-review encyclopedia a degree very important (he gained prestige due to his degree and theology is very subjective, therefore it's highly likely his viewpoints weaseled their way in).
The article also doesn't realize that the majority of serious (aka real) pirated Windows installations use MuBlinder or another memory-patching or DLL replacement application to bypass WGA.
I think that nearly 100% of the failures reported were false positives, and that the number is probably highly inflated by legit users frantically trying to get their critical security updates after WGA has randomly failed them.
The real pirates are dodging WGA and aren't trackable with these stats.
Nope. Darwin, as an open source project, has code committed from outside Apple. The authors of this code still own it. Unless Apple negotiated with *every single* Darwin/xnu contributor whose code was going into the iPhone OS, they'd have to open-source it or at least portions of it.
IBM zSeries also have two execution units in each processor unit which execute in lockstep. If results are different the processor repeats the execution. If failure continues the processor will defer the instructions to another processor unit and disable the failing processor unit. This reliability, superior I/O throughput, and a tried-and-tested system is the advantage of the mainframe.
MOL (Mac-On-Linux). Sure it's PowerPC, it's still virtualization.
Oh and that little copyright thing. The RIAA doesn't want us to believe (and it's possibly not) that copying songs to our friends is legal.
One issue. The methods that the police use to transfer data off of confiscated storage must be screened before they can be used in a manner which satisfies the court. Otherwise the defense could just question the manner in which the data was transferred, claim it was tampered with by the police, and the case is blown. I doubt googling emulators is an approved or accepted method.
It's what the fan spinning up/down repeatedly at the heat thresholds is called, because it sounds like a moo.
I think it might just be a small, vocal group of people having problems.
The only "common issue" I have with my black MacBook is the "mooing" which isn't even noticable with headphones.
It runs much, much cooler than any other laptop I own, and it's infinitly quieter.
The only quality control issues I've had are that the hinge is a bit squeaky and the power brick makes odd noises.
That's *it.*
Maybe I just got lucky. Who knows?