Slashdot Mirror


User: uhlume

uhlume's activity in the archive.

Stories: 0
Comments: 476

Comments · 476

  1. Re:Test of a common theory! on Month of Apple Bugs Debuts in January · · Score: 1
    Current *nix filesystems have the user just like any other piece of metadata. NTFS doesn't have anything like that in practice. Whether it's there or not, it's not used by Windows. Booting from another disk eliminates all security systems in place for any OS. It's a glaring security problem. It's a point no one has begun working on.
    ...Apparently you've never heard of filesystem-level encryption: a feature available in some form in every modern OS I can think of, including NTFS in Windows.

    On OS X the root user isn't activated that command can't be given. Ubuntu is doing the same thing.


    As is Vista -- the initial user account created during installation has, essentially, the ability to sudo, but is not the actual Administrator account. By default, the Administrator account doesn't even appear as a login option.

    Care to remind me of your point again?
  2. Re:ACID2 Compliance on CSS Turns 10 Years Old · · Score: 1
    real Mac user: someone true to who they are, the misfits, the rebels, the troublemakers, the round pegs in the square holes. The ones who see things differently. They're not fond of rules and they have no respect for the status quo. The ones who are crazy enough to think that they can change the world.

    And apparently, if you're at all representative, the ones with no sense of irony...
  3. Re:Test of a common theory! on Month of Apple Bugs Debuts in January · · Score: 2, Insightful
    Vista's security system at least in the betas could be bypassed by changing an entry in the registry. That's secure?
    ...And *NIX's security system can be bypassed by chmod -R 666'ing /etc, adding all users to wheel/sudoers, and/or...well, really, any number of ways. That's secure?

    Oh wait, yeah, it is.

    It goes without saying that any administrator knowledgeable enough to change system settings (particularly those which aren't exposed for easy access) has the capability and the potential to change them to something stupid. So long as the defaults are sane for people who wouldn't know from a registry entry or a group file, who cares?

    Next up though will be the intelligent and secure file system. A filesystem that deals with users and permissions on its own, preventing access to files without authorization.

    Now you're just stringing words together for fun without regard to meaning. Do you have even the foggiest notion of how filesystems are actually implemented? What are you trying to describe, and how is it different from EXT3 or NTFS or any even remotely modern kernel-level filesystem?
  4. Re:Spyware on Why Does Everyone Hate Microsoft? · · Score: 1
    The design of the underlying kernels is from the 70s. The windowing systems were research projects in the 80s; yes, even compositing in OS X is an 80s invention. The WIMP interface is 70s.
    Had I mod points, they would be yours. This is exactly the point I was alluding to in the GP comment.
  5. Re:Spyware on Why Does Everyone Hate Microsoft? · · Score: 3, Insightful

    Worse, it seems Microsoft has lowered the collective standards of computing to the point where many people believe OS X and even Linux to be advanced operating systems...

  6. Re:I can only say... on White Dolphin Functionally Extinct · · Score: 1

    So if I hold a gun to your head and pull the trigger, it's not murder, just your failure to adapt quickly enough to getting shot. Natural selection at work, right?

    Okay, okay, maybe not such a fair analogy. Here's a better one: I won't shoot you. Instead, I'm going to issue you a warning: in 50 years I will return to find your great grandchildren, and shoot them instead. There you go, your family now has three more generations -- roughly comparable to the timescale on which the dolphins would have had to adapt to their environmental changes -- for at least one of your descendants to adapt to the effects of shooting. If you can't hack that -- with forewarning, no less! -- maybe you and your progeny just weren't meant to be.

  7. Re:chipped kids? Ok on Ten Best, Worst, and Craziest Uses of RFID · · Score: 1

    And I'm one of those people without kids who still thinks you're an asshole.

  8. Re:Steve Jobs? on Get on the 'Gates for President' Bandwagon · · Score: 1

    As if the existing White House reality-distortion field weren't bad enough...

  9. Re:What if you obscure the pattern? on Defeating Virtual Keyboards and Phishing Banks · · Score: 1

    Your logic might hold true if each letter corresponded to one and only one randomly-generated number. Remember, though, that the cracker doesn't know which of the four random numbers associated with each character is significant. Coupled with the ability to inject "decoy digits" into the stream, I'd have to consider this system sufficiently difficult to compromise. If you really wanted to complicate things, you could use a hex-based grid (for six associated numbers instead of four), or use a combination of one-, two- and even three-digit key numbers (thus conferring uncertainty as to how many characters in the sequence each numeral corresponds).

    Naturally, there are tradeoffs involved between security and convenience, and I'd probably want to use a system like this in conjunction with one or more additional factors, perhaps managed by a risk-based evaluation system. On the other hand, this system is easily as secure, if not more secure, than many considerably more inconvenient systems that I've evaluated, and that's worth quite a lot in the real world of online banking, where we often find it necessary to balance security with ease of use (always erring in favor of security, of course).

    (In case you were wondering, I have no affiliation with GDS, nor any particular intention of deploying their GridOne system, but I do work for a financial institution which is currently in the process of evaluating a number of similar products, and their approach struck me as notably clever.)

  10. Re:very clever on Defeating Virtual Keyboards and Phishing Banks · · Score: 1

    That's a much more reasonable analysis than the Mastermind comparison. However, in the real world, brute force attacks are trivial to impede simply by locking out accounts above a certain threshold of failed logins. I don't know of a single online banking system that doesn't implement this.

  11. Re:What if you obscure the pattern? on Defeating Virtual Keyboards and Phishing Banks · · Score: 1

    Really? Care to explain how that works when the corresponding numbers change with each login?

  12. Re:Reusable paper good idea but only in volume on Self-Recycling Paper · · Score: 3, Informative

    That anything like a "palimpsest"?

  13. Re:Yeah, and? on Defeating Virtual Keyboards and Phishing Banks · · Score: 1

    Most software keyloggers are trojans. What's your point?

  14. Re:What if you obscure the pattern? on Defeating Virtual Keyboards and Phishing Banks · · Score: 3, Interesting

    Grid Data Security's GridOne uses a very similar approach: they present an on-screen alphanumeric entry grid, with each character surrounded by four randomly-generated numbers, one in each corner of the cell. Users enter their password by typing the corresponding number for each character of the password, from a pre-selected corner of the cell (upper left, lower right, etc). Since the numbers are randomly generated with each display of the entry grid, and any numeral may appear in multiple places on a given random grid, this effectively defeats both keyloggers and screengrabbers: even if you can see both the entry grid and the entered keystrokes, deriving the user's password from that information is non-trivial.

    http://griddatasecurity.com/Approach.htm

    (Of course, this isn't much use against the hypothetical of a carefully-engineered realtime man-in-the-middle attack, but I suspect very little would be.)

  15. Re:Well, let's take a look at the speakers on Report Blasts "Peak Oil" Theory · · Score: 1

    I'm curious, can you provide me with more specific data on the sort of lucrative government subsidies available to these environmental entrepreneurs? Dollar amounts in particular would be helpful, as I would be quite interested to know how they compare to a typical oil executive's salary (for instance, Exxon's Lee Raymond's, who took home a reported $51.1 million in 2005 before departing with a $400 million retirement package).

    You know, I'm honestly surprised that it hasn't occurred to any of these execs how much more money they could be making as anti-oil environmentalists. (Or -- perhaps they do know, and remain in the industry solely on principle...)

  16. Re:Well, let's take a look at the speakers on Report Blasts "Peak Oil" Theory · · Score: 1

    Yeah, real lucrative business, that environmentalism. You can see why all the ambitious young entrepreneurs are getting into it.

  17. Re:No doubt MSFT will "patch" against it on Hacking XBox 360 HD-DVD To Play On XP · · Score: 1

    Doubtful, since this doesn't require any modification of the hardware. Microsoft already officially supports this sort of "tampering" with other XBox 360 peripherals (they even provide Win98 drivers for the 360 controller, with XP support out of the box) so it'd be at least moderately surprising if they turned around on this one.

  18. Re:India and free don't go well together on Steve Ballmer's Thoughts On Free Software · · Score: 1

    It's easy when you have a single all-occasion canned response to everything. Add a few lines here and there to suit context, and voila! -- instant first post.

  19. "You must be new here." on Nvidia Launches 8800 Series, First of the DirectX 10 Cards · · Score: 1

    Seriously, where have you been for the last 10-15 years, and were you somehow under the impression all this time that OpenGL, DirectX 3-9 and their predecessors were "hardware API standards"? The only difference in this respect between DirectX10 and earlier versions is that DX10 doesn't attempt to provide backward compatibility for older hardware, so you'll need an explicitly DX10-compatible card in order to take advantage of DX10 rendering paths.

  20. Re:Seriously, Is Firefox susceptible to this too? on New Zero-Day Vulnerability In Windows · · Score: 2, Informative

    Only by virtue of Microsoft's attempt to provide backward compatibility for AJAX sites developed for older versions of IE.

    Prior to IE7, the XMLHTTP object, used to retrieve data from external sources without full-page reloads, was provided by an external ActiveX control. With IE7, Microsoft has implemented XMLHTTP natively in-browser, rendering the ActiveX control unnecessary -- however, it's still possible for older sites which haven't yet been rewritten to take advantage of native XMLHTTP support to load the ActiveX version.

    The good news is, if you don't mind breaking the many AJAX-reliant sites which still use the old-style XMLHTTP object, you can disable it completely through IE7's (and IE6SP2's) Add-on management.

  21. Re:sigh. on New Zero-Day Vulnerability In Windows · · Score: 2, Funny

    You're right. This is the sort of English up with which we should not put.

  22. Re:Shouldn't be too difficult.. on Bomb Explodes At PayPal Headquarters · · Score: 1

    "Kill" has one accepted meaning: to deprive of life. You can only kill in one way, and with one immediate result. Motive/rationalization is an entirely separate question.

    The same cannot be said of love, which renders your analogy tenuous at best. Love is abstract; death, concrete. To claim otherwise would cheapen the meanings of both love and death.

  23. Re:Shouldn't be too difficult.. on Bomb Explodes At PayPal Headquarters · · Score: 1

    Regardless what you think of the underlying argument, this is a poor analogy. The linguistic ambiguity surrounding the word 'love' is directly rooted in the fact that it's used broadly to describe an entire suite of closely related but distinct emotions. Metaphoric and idiomatic usage notwithstanding, 'killing' suffers no such inherent ambiguity: to kill means only one thing, and that's deprivation of life.

  24. Re:Yeah right on Fastest Waves Ever Photographed · · Score: 1

    IANA particle physicist, but I believe the "photograph" in question is in fact the grayscale interference pattern on the plane beneath the 3D (spectro?)graph.

  25. Re:Please upgrade BLINK on HTML to be 'Incrementally Evolved' · · Score: 1

    Idunno why they'd want to do that; the tag was a Netscape innovation.