Well, we got this nifty platform here for you to stand on. Right overhere, by the trapdoor.
And now notice the safety strap that's being applied around you neck. Good, isn't it?
And now, any last words before I pull this lever?
apparently, it's quite normal for people to view their ms-windows boxes filling up with vermin etc.
Not just users....
A Laptop at work got a virus. I was asked to help cleanit up. After 'cleaning' it, I suggested that we reboot and check again (actually, I suggested we just wipe the box and start again).
Sure enough, the reboot-and-scan found a few more files.
The local 'admin' just shrugged and said: "well, that's normal for windows, isn't it?"
Bruce criticisms of code signing is that it does not increase security for consumers.
Your comment is that code signing wasn't meant to increaes security.
OK, so what/IS/ code signing supposed to do for the consumer?
... a backend compromise
So you can't turn a hash of my fingerprints back into my fingerprints.
Big deal.
You can still collate my hashed fingerprint in THIS database with my hashed fingerprint in THAT database etc. etc.
until you stumble on a database that has my hashed fingerprint and my name.
In other words, all the data-mining junk still works. You can still track me, SPAM me, sell my information, even find out my name and where I live.
If the OS runs the driver in kernel mode then a buggy driver can kill the OS.
This is arguably wrong, however almost everyone does it anyway for performance reasons.
(A windows box with a crashed graphics subsystem is as good as dead to the average user anyway,
so there'e not much point protecting the OS when the user is gonna press the reset button anyway to resurect his box.)
Exposing risky API calls heaps wrongness upon wrongness.
(again, this is often done for performance reasons).
Assuming X knows what X is doing (where X is a user, program, HW device etc.) is pushing wrongedness to a whole new level.
(guess what, almost everyone does this too).
Stability (aka "security") is traded off for performance/features/etc by so many people in so many places that it's
pointless to try to apportion blame when something dies.
Good point.... whose fault is it vs. whos problem is it.
OOo may have done something bad which may have caused a buggy driver to crash NT.
End result: whomever is at fault, OOo can't run so it's OOo's problem.
BSOD is an OS problem, not an application problem.
Applications crashing themselves is one thing, applications crashing the OS is another.
I believe the video drivers were moved from user to kernel space in NT4. A buggy video driver can therefore easily crash the OS.
But in the meantime, I will be using cgs/mks/etc for work (Physics) and English for driving, cooking, and so on. Before I start using some form of metric for everyday activities, companies need to sell goods with metric measurements. Until that happens it's not going to change.
That's kind of my point.... why not drive the conversion from imperial to metric from the high-tech end rather than (or as well as) the kitchen-sink end?
Could someone please tell the US about SI units?
I can understand keeping imperial units around for 'legacy support', but when something new like a small HDD comes along
is it too much to ask that they use SI rather than 'my-mars-probe-is-better-than-yours' units?
should be just about enough for the police to buy legal licenses for windows.
which means they can keep getting "genuinely advantaged" patches.
which is actually very helpful.
All this proves is that Monad can find and modify text files (and that there are idiots out there who will misuse tools).
About the only way around this is code-signing to prevent modification (yeah, like I'm gonna sign every single perl script I ever wrote.....)
It's not like you can't do this in bash, awk, sed, perl, python, REXX etc. etc.
There's no question that the buit-in solution is more elegant than manually trawling the disk periodically.
I was trying to show that the functionality offered isn't that diffucult to duplicates. Most users care about functionality, not implementation.
Given a choice between a radically new filesystem with lots of magic support in lots of places
(will this work with existing tools or o you have to buy WordVista or is the indexing automatic?)
and a slightly kludgy script
on solid proven technology with no magic required by tools to get suport, I choose the latter.
The mechanism can probably be duplicated with some of the ReiserFS magic stuff. Not sure about that.
The windows system may be "instant", but is that a realistic requirement?
If I want something I edited in the last 5 mins I'll look in the "recently opened" folder.
Otherwise I'll run this as a cron job every 5 mins. "instant" enough for practical purposes.
If the files 'ages out' at "1 week and 5 mins" rather than "1 week" I don't really care.
DRM uses asymetric encryption.
Data to be protected is encrypted with a public key, and decrypted with the private key.
The private key is held in the trusted hardware, so you can'g get at it. In fact, the data may remain encrypted
all the way to the 'trusted' monitor.
Sure, you can copy the encrypted files all you wnt, but you can't decrypt them w/o the trusted HW.
The problem is this.... To distrbute a movie to 10,000 computers you either have to encrypt it 10,000 times (ouch, CPU time, bandwidth!)
or encrypt it with a key that's shared by all 10,000 PC's.
If _one_ of those 10,000 PC's is 'comproised' then the original data leaks out of the DRM world and DRM has bought you _NOTHING_.
DRM is designed to make honest people pay again and again for the same thing. It won't do a thing to stop 'piracy'.
Actual informed users can run administrator accounts on Windows with no problems whatsoever
I'm guessing you're 'informed', so please tell me how!
I've been honestly trying, and I can't get half the stuff to work properly
(granted that a lot of this is due to applications rather than the OS, but the end result is the same).
I guess I'm not 'informed' enough.... I'm only a SW developer/sys-admin with 10+ years expirience.
Slashdot Mirror
yeah... 'cos magic fairies drop off the master CDs and Microsoft is just a big CD-replicating business.
Last time I spend that much (more, actually) with RedHat I didn't even get a CD.
What is platformization?
Well, we got this nifty platform here for you to stand on. Right overhere, by the trapdoor.
And now notice the safety strap that's being applied around you neck. Good, isn't it?
And now, any last words before I pull this lever?
... why power companies just don't sling fiber on their poles.
Despite the bandwidth, I don't think you can actually get a lot of power through a FO.
apparently, it's quite normal for people to view their ms-windows boxes filling up with vermin etc.
Not just users....
A Laptop at work got a virus. I was asked to help cleanit up. After 'cleaning' it, I suggested that we reboot and check again (actually, I suggested we just wipe the box and start again).
Sure enough, the reboot-and-scan found a few more files.
The local 'admin' just shrugged and said: "well, that's normal for windows, isn't it?"
let's see.....
cd ~/gento
time gmake -j 30000
I'll let you know when it's done!
Bruce criticisms of code signing is that it does not increase security for consumers. /IS/ code signing supposed to do for the consumer?
Your comment is that code signing wasn't meant to increaes security.
OK, so what
... a backend compromise
So you can't turn a hash of my fingerprints back into my fingerprints.
Big deal.
You can still collate my hashed fingerprint in THIS database with my hashed fingerprint in THAT database etc. etc. until you stumble on a database that has my hashed fingerprint and my name.
In other words, all the data-mining junk still works. You can still track me, SPAM me, sell my information, even find out my name and where I live.
If the OS runs the driver in kernel mode then a buggy driver can kill the OS.
This is arguably wrong, however almost everyone does it anyway for performance reasons. (A windows box with a crashed graphics subsystem is as good as dead to the average user anyway, so there'e not much point protecting the OS when the user is gonna press the reset button anyway to resurect his box.)
Exposing risky API calls heaps wrongness upon wrongness. (again, this is often done for performance reasons).
Assuming X knows what X is doing (where X is a user, program, HW device etc.) is pushing wrongedness to a whole new level. (guess what, almost everyone does this too).
Stability (aka "security") is traded off for performance/features/etc by so many people in so many places that it's pointless to try to apportion blame when something dies.
Good point.... whose fault is it vs. whos problem is it.
OOo may have done something bad which may have caused a buggy driver to crash NT.
End result: whomever is at fault, OOo can't run so it's OOo's problem.
cow1: Do you worry about mad cow disease?
cow2: Why should I? I'm a rabbit.
BSOD is an OS problem, not an application problem.
Applications crashing themselves is one thing, applications crashing the OS is another.
I believe the video drivers were moved from user to kernel space in NT4. A buggy video driver can therefore easily crash the OS.
DRM has nothing to do with piracy (other than that piracy is used as a justification).
DRM is anti fair-use.
Eradicating fair-use is much more profitable, and much easier, than eradicating piracy.
But in the meantime, I will be using cgs/mks/etc for work (Physics) and English for driving, cooking, and so on. Before I start using some form of metric for everyday activities, companies need to sell goods with metric measurements. Until that happens it's not going to change.
That's kind of my point.... why not drive the conversion from imperial to metric from the high-tech end rather than (or as well as) the kitchen-sink end?
Could someone please tell the US about SI units?
I can understand keeping imperial units around for 'legacy support', but when something new like a small HDD comes along is it too much to ask that they use SI rather than 'my-mars-probe-is-better-than-yours' units?
I am not against video cameras in a private space
Do you rent?
Would you object to your landlord putting cameras in your/his home?
Actually they'd probably upgrade to a Ford Explorer 'cos the pinto isn't made anymore.
should be just about enough for the police to buy legal licenses for windows.
which means they can keep getting "genuinely advantaged" patches.
which is actually very helpful.
... on which comes out first
Vista or GLP3
(as a sidebet, DNF vs Hurd)
All this proves is that Monad can find and modify text files (and that there are idiots out there who will misuse tools).
About the only way around this is code-signing to prevent modification (yeah, like I'm gonna sign every single perl script I ever wrote.....)
It's not like you can't do this in bash, awk, sed, perl, python, REXX etc. etc.
http://www.schneier.com/blog/archives/2005/08/eave sdropping_o.html
There's no question that the buit-in solution is more elegant than manually trawling the disk periodically.
I was trying to show that the functionality offered isn't that diffucult to duplicates. Most users care about functionality, not implementation.
Given a choice between a radically new filesystem with lots of magic support in lots of places (will this work with existing tools or o you have to buy WordVista or is the indexing automatic?) and a slightly kludgy script on solid proven technology with no magic required by tools to get suport, I choose the latter.
The mechanism can probably be duplicated with some of the ReiserFS magic stuff. Not sure about that.
The windows system may be "instant", but is that a realistic requirement?
If I want something I edited in the last 5 mins I'll look in the "recently opened" folder.
Otherwise I'll run this as a cron job every 5 mins. "instant" enough for practical purposes.
If the files 'ages out' at "1 week and 5 mins" rather than "1 week" I don't really care.
find ~ -type f -mtime -7 -exec ln -s {} ~/DocumentsEditedLastWeek/\`basename {}\` \;
(or words to that effect)
OK.... what's next?
DRM uses asymetric encryption.
Data to be protected is encrypted with a public key, and decrypted with the private key.
The private key is held in the trusted hardware, so you can'g get at it. In fact, the data may remain encrypted all the way to the 'trusted' monitor.
Sure, you can copy the encrypted files all you wnt, but you can't decrypt them w/o the trusted HW.
The problem is this.... To distrbute a movie to 10,000 computers you either have to encrypt it 10,000 times (ouch, CPU time, bandwidth!) or encrypt it with a key that's shared by all 10,000 PC's.
If _one_ of those 10,000 PC's is 'comproised' then the original data leaks out of the DRM world and DRM has bought you _NOTHING_.
DRM is designed to make honest people pay again and again for the same thing. It won't do a thing to stop 'piracy'.
Actual informed users can run administrator accounts on Windows with no problems whatsoever
I'm guessing you're 'informed', so please tell me how!
I've been honestly trying, and I can't get half the stuff to work properly (granted that a lot of this is due to applications rather than the OS, but the end result is the same).
I guess I'm not 'informed' enough.... I'm only a SW developer/sys-admin with 10+ years expirience.