That was a name that was given to them by Fox News about (18?) months ago to describe the people on anonymous image boards and/or *chans, IRC nets, and such that were griefing people IRL and online (Tom Green, Hal Turner, MySpace and LJ hacks, and so forth).
This name had been taken on in pride by its adherents as a banner of unification among these Internet communities. This war with Co$ is their latest and most ambitious project. It has also drawn in people from the sidelines who might have not agreed with their earlier tactics but would like to participate now that target is deemed worthy, one can suppose.
Take the kernel-source. Modify the kernel config file and remove what you know isn't necessary. Create a diff between the new and old and place it in the SOURCES from the rpmbuild environment. Add the patch to the spec file for the kernel in the patches section; also change the release name to match your company to distinguish it from a stock kernel release. rpmbuild the kernel using your new patched config and new spec file and it'll do the rest of the work automagically.
Now you have a fresh, customized kernel RPM you can use on all of the hardware of the same class. Distribute via internal package mirror (you need one of these too, its a godsend).
Netboot, biiiatch! Set up a TFTP, toss in a syslinux config, and point it at a loopback mounted ISO of whatever distro you're installing. I know at least Debian and Fedora/Redhat are capable of this. Solaris too (although its been awhile I remember doing it ages ago).
Five days is a target for something like a kernel exploit (in terms of the fix appearing in mirrors for various distros, and update tools telling you to reboot).
For whatever reason, the author of TrueCrypt wrote his own implementation of AES. This means even if someone put up the cash to apply for a cert, it'd probably take much longer to get anything other than assurance level 1 than most people are willing to wait.
In any case it costs a lot of money and they only test binaries which makes anything that links into a kernel difficult unless it's only a library core common among implementations which is linked at install time or something.
It's a real pain.:-(
Most people are fine with FIPS-compliant but not listed, and not many government types use anything but windows on laptops, so you're kinda screwed there being one of very few who need it.
It's not the environment is bad, I just don't like rolling APT packages. I was okay with hand-rolling patched mkinitrd's for the last few years but anaconda support here is like delicious gravy to me.
It was getting the installer / boot scripts to support them (and also getting mkinitrd patched) so you can do encrypted root out of the box.
There's little things about that you have to watch out for... for example, if you decide to use LVM and swap but use a dynamic generated key for encrypting swap, then you have to disable hibernation because resume won't work. Blah blah blah...
That right there is the NUMBER ONE reason to get it if you have a laptop. It's been a long time coming and it is sorely missed. Now you too can reap the benefits of transparent encryption enforced at boot on your portable device, wrapped up in a package that is easy to set up.
They just spout the same old bullshit arguments about how: 1) American Football is misnamed. 2) It's a wussy game (woo rugby) 3) It's for retards. 4) Too many breaks 5) Companies spend a lot of money on marketing THEY ARE EVIL HURRRR
I'm not going to address these comments because they are loaded or strawmen and others have done it better than me. I think it's great. It's a lot of fun to watch and talk about, and I hope the Giants win today. The rest of you haters can go back to whatever the hell you were doing.
Oooh the Tuck of the Giants just got an interception! WOOOO
So how do you suppose a Whitespace interpreter is added to every version of GCC ever used to compile any crypto code that gets tested?
Oh wait, it doesn't, whitespace is a horrible language only Touring-complete in name and the extra whitespace that would be required to do anything subversive would be 10 times larger than the source code to the encryption itself, and you don't think anyone would notice that?
Jesus Fucking Christ, you're retarded. You're out of your league. Take your tinfoil hat off and swallow it.
There are currently no reliable symmetric cyphers that use keysizes greater than 256 bits. They just haven't been written and tested yet, because we don't need them until something drastic happens in math or quantum computing to make guessing that symmetric key feasible.
Other algorithms from PKI are where you see 512, 1024, 2048 bits. These algorithms use math that works in two directions and the security rests on the difficulty of factoring very large numbers. These types of keys are long-term use keys used to prove identity and sign documents, and protect randomly selected encryption keys that are one-time-use between parties. You need those one-time-keys when exchanging a lot of data; you'd use it with the aforementioned symmetric cypher with those smaller 256-bit keys and blocks in that case. It's simultaneously stronger per bit of key, but faster to compute than the PKI encryption.
You know, the kind you can self-verify are correct and pass all the relevant tests?
The mathematical algorithms are open, the implementations open... there's no reason why you shouldn't be able to find and test an implementation that you feel secure with. Be that twofish or AES, whatever.
The trick is keeping your key material and plaintext (when not encrypted) from being exposed.
... I suggest you put your wallet back in your pocket, and don't spend any more money on consultants, software, or IT staff hours spent configuring the free and non-free stuff in furtherance of your goals.
Instead you should save your money and hire a lawyer instead who will draft up NDAs for you to have people sign in order to protect those documents/secrets you want tightly controlled.
Technical solutions will not cut it. They never will. You are throwing your money away.
Hire a lawyer, and only give the documents to people who ABSOLUTELY need it and is worth the time to get contracts involved with.
Although I didn't mean that virtualized and/or thin-client desktops were anything new.:-) The question is about selling Citrix -- as-a-service. A cursory investigation reveals companies out there offering a managed virtualized desktop solution, but my impression is this is not a mature offering yet.
I expect the same companies that provide virtual Windows server hosting will be the ones that legitimatize it. Building on their centrally managed, patched and provisioned servers, they will expand into virtualized workstation/desktop offering once management tools make it cheap enough to sell in bulk to corporations needing a centralized solution for call centers, customer service, etc.
They're called Wyse terminals, SunRays, and what-have-you. There's nothing stopping a small business with a decent internet connection from using a monthly, capacity-based Citrix or whatever hosting service.
Maybe the current services aren't mature or standardized yet, but I'm certain they'll be commonplace in the next 5, not 20 years.
Which is a pretty cool system, IMHO. Virtualization among realtime processes since 1989. It features an older POSIX and newer linux ABI for userland apps. Fly the linux-friendly skies!
This story is already flamebait enough as it is to add fuel to the fire in responding to ACs and trolls. A metadiscussion of the story and the community is warranted and slashdot staffer's feelings about the subject are certainly interesting but this all seems childish...
If you're not doing it for the "lulz" then you should just stop. If you are doing it for the "lulz" you need to work on your counter-trolling techniques. We expect a more seasoned ZING from the ones with the slashdot icon next to their names.
VMWare Fusion and Parallels are but shades, SHADES of decades of open and closed research in virtualization of which you haven't the faintest idea about. That's just the latest commercial spin of the prevailing technology.
The only good example you provided was Plan 9. But no one uses it because I think it took certain concepts to a logical, academic extreme and lost a grounding in practicality.
The force that's holding back the technological utopia of which you dream is the wireless network operators (phone company). Until there is a standarized way to get (symmetric) wireless broadband without class of service penalties for novel usages affordably, nothing else will matter.
3D World Runner, King's Knight, and Rad Racer were some notable games they made before the FF series. All three were pretty sophisticated for the time period (mid to late 80s) and (IMHO) lots of fun.
The web application detects no cookie is set, a RANDOM GUID is created and your IP address recorded in a database or session cache. The GUID is recorded in a cookie.
For each subsequent page of the form, your cookie is transmitted and the application knows which partially complete record you're filling out, what page of the form you're on, and so forth (sessions in J2EE/PHP/ASP).
Client-chosen GUIDs are unlikely to be valid. Any GUID in a cookie that exists but isn't coming from the right IP address is denied.
The Apple devs are good. But not that good. (Wine is how old?) Keep in mind most of the software they release is acquired through purchase or license and then revamped and maintained. Not that they don't make a lot of changes and improvements, but I don't see them making a Win32 subsystem from scratch.
But I _can_ see them taking the ECMA standard and adding support for the more advanced features in WinForms w/Cocoa bindings and stuff, thus creating a nifty ecosystem of cross-platform software, a native SilverLight implementation, and blah-dee-blah-dee-blah.
This is especially relevant as Microsoft is encouraging developers using VS2005+ to target.NET 3.0 and up, taking advantage of all the new Vista capabilities. New windows software implicitly running on OSX? Using VMWare Fusion to run the old and busted stuff? Sounds like a plan to me.
You'd have heard that Apple was licensing the Windows common runtime from Microsoft, Mainwin, or somebody like that if that's what their goal was. Even Apple doesn't have the resources to re-implement the Wine wheel..NET is, however, an open standard with an implementation that already works on FreeBSD and OSX (10.2 and up)... ENTERPRISEY!
If your software is complicit in using MySQL as backend for your propietary product (you could have always actively rejected the use of it to avoid this situation), YOU HAVE TO PONY UP FOR A COMMERCIAL LICENSE
Thems the breaks. Same goes for QT, and a bunch of other stuff.
Slashdot Mirror
That was a name that was given to them by Fox News about (18?) months ago to describe the people on anonymous image boards and/or *chans, IRC nets, and such that were griefing people IRL and online (Tom Green, Hal Turner, MySpace and LJ hacks, and so forth).
This name had been taken on in pride by its adherents as a banner of unification among these Internet communities. This war with Co$ is their latest and most ambitious project. It has also drawn in people from the sidelines who might have not agreed with their earlier tactics but would like to participate now that target is deemed worthy, one can suppose.
Take the kernel-source. Modify the kernel config file and remove what you know isn't necessary. Create a diff between the new and old and place it in the SOURCES from the rpmbuild environment. Add the patch to the spec file for the kernel in the patches section; also change the release name to match your company to distinguish it from a stock kernel release. rpmbuild the kernel using your new patched config and new spec file and it'll do the rest of the work automagically.
Now you have a fresh, customized kernel RPM you can use on all of the hardware of the same class. Distribute via internal package mirror (you need one of these too, its a godsend).
...to clean teeth.
Netboot, biiiatch! Set up a TFTP, toss in a syslinux config, and point it at a loopback mounted ISO of whatever distro you're installing. I know at least Debian and Fedora/Redhat are capable of this. Solaris too (although its been awhile I remember doing it ages ago).
Five days is a target for something like a kernel exploit (in terms of the fix appearing in mirrors for various distros, and update tools telling you to reboot).
It's already dorky. Who gives a shit? People need to get shit done, this isn't like cellphones with bling glued on a ringers and WHERE U AT
Fuck this shit. Fuck wired. The industry is so out of touch with itself that it can give itself a handjob and a pat on the back.
And fuck slashdot too.
For whatever reason, the author of TrueCrypt wrote his own implementation of AES. This means even if someone put up the cash to apply for a cert, it'd probably take much longer to get anything other than assurance level 1 than most people are willing to wait.
:-(
In any case it costs a lot of money and they only test binaries which makes anything that links into a kernel difficult unless it's only a library core common among implementations which is linked at install time or something.
It's a real pain.
Most people are fine with FIPS-compliant but not listed, and not many government types use anything but windows on laptops, so you're kinda screwed there being one of very few who need it.
It's not the environment is bad, I just don't like rolling APT packages. I was okay with hand-rolling patched mkinitrd's for the last few years but anaconda support here is like delicious gravy to me.
It was getting the installer / boot scripts to support them (and also getting mkinitrd patched) so you can do encrypted root out of the box.
There's little things about that you have to watch out for... for example, if you decide to use LVM and swap but use a dynamic generated key for encrypting swap, then you have to disable hibernation because resume won't work. Blah blah blah...
That right there is the NUMBER ONE reason to get it if you have a laptop. It's been a long time coming and it is sorely missed.
Now you too can reap the benefits of transparent encryption enforced at boot on your portable device, wrapped up in a package that is easy to set up.
They just spout the same old bullshit arguments about how:
1) American Football is misnamed.
2) It's a wussy game (woo rugby)
3) It's for retards.
4) Too many breaks
5) Companies spend a lot of money on marketing THEY ARE EVIL HURRRR
I'm not going to address these comments because they are loaded or strawmen and others have done it better than me. I think it's great. It's a lot of fun to watch and talk about, and I hope the Giants win today. The rest of you haters can go back to whatever the hell you were doing.
Oooh the Tuck of the Giants just got an interception! WOOOO
So how do you suppose a Whitespace interpreter is added to every version of GCC ever used to compile any crypto code that gets tested?
Oh wait, it doesn't, whitespace is a horrible language only Touring-complete in name and the extra whitespace that would be required to do anything subversive would be 10 times larger than the source code to the encryption itself, and you don't think anyone would notice that?
Jesus Fucking Christ, you're retarded. You're out of your league. Take your tinfoil hat off and swallow it.
Because the algorithm doesn't exist.
There are currently no reliable symmetric cyphers that use keysizes greater than 256 bits. They just haven't been written and tested yet, because we don't need them until something drastic happens in math or quantum computing to make guessing that symmetric key feasible.
Other algorithms from PKI are where you see 512, 1024, 2048 bits. These algorithms use math that works in two directions and the security rests on the difficulty of factoring very large numbers. These types of keys are long-term use keys used to prove identity and sign documents, and protect randomly selected encryption keys that are one-time-use between parties. You need those one-time-keys when exchanging a lot of data; you'd use it with the aforementioned symmetric cypher with those smaller 256-bit keys and blocks in that case. It's simultaneously stronger per bit of key, but faster to compute than the PKI encryption.
You know, the kind you can self-verify are correct and pass all the relevant tests?
The mathematical algorithms are open, the implementations open... there's no reason why you shouldn't be able to find and test an implementation that you feel secure with. Be that twofish or AES, whatever.
The trick is keeping your key material and plaintext (when not encrypted) from being exposed.
... I suggest you put your wallet back in your pocket, and don't spend any more money on consultants, software, or IT staff hours spent configuring the free and non-free stuff in furtherance of your goals.
Instead you should save your money and hire a lawyer instead who will draft up NDAs for you to have people sign in order to protect those documents/secrets you want tightly controlled.
Technical solutions will not cut it. They never will. You are throwing your money away.
Hire a lawyer, and only give the documents to people who ABSOLUTELY need it and is worth the time to get contracts involved with.
Although I didn't mean that virtualized and/or thin-client desktops were anything new. :-)
The question is about selling Citrix -- as-a-service. A cursory investigation reveals companies out there offering a managed virtualized desktop solution, but my impression is this is not a mature offering yet.
I expect the same companies that provide virtual Windows server hosting will be the ones that legitimatize it. Building on their centrally managed, patched and provisioned servers, they will expand into virtualized workstation/desktop offering once management tools make it cheap enough to sell in bulk to corporations needing a centralized solution for call centers, customer service, etc.
They're called Wyse terminals, SunRays, and what-have-you. There's nothing stopping a small business with a decent internet connection from using a monthly, capacity-based Citrix or whatever hosting service.
Maybe the current services aren't mature or standardized yet, but I'm certain they'll be commonplace in the next 5, not 20 years.
Which is a pretty cool system, IMHO. Virtualization among realtime processes since 1989.
It features an older POSIX and newer linux ABI for userland apps. Fly the linux-friendly skies!
This story is already flamebait enough as it is to add fuel to the fire in responding to ACs and trolls.
A metadiscussion of the story and the community is warranted and slashdot staffer's feelings about the subject are certainly interesting but this all seems childish...
If you're not doing it for the "lulz" then you should just stop.
If you are doing it for the "lulz" you need to work on your counter-trolling techniques. We expect a more seasoned ZING from the ones with the slashdot icon next to their names.
Oh, you poor, poor ignorant soul.
VMWare Fusion and Parallels are but shades, SHADES of decades of open and closed research in virtualization of which you haven't the faintest idea about. That's just the latest commercial spin of the prevailing technology.
The only good example you provided was Plan 9. But no one uses it because I think it took certain concepts to a logical, academic extreme and lost a grounding in practicality.
The force that's holding back the technological utopia of which you dream is the wireless network operators (phone company). Until there is a standarized way to get (symmetric) wireless broadband without class of service penalties for novel usages affordably, nothing else will matter.
3D World Runner, King's Knight, and Rad Racer were some notable games they made before the FF series.
All three were pretty sophisticated for the time period (mid to late 80s) and (IMHO) lots of fun.
Kondo and Uematsu? They're notable but not great.
Sakimoto is underrated.
Shimomura is overrated.
Missing but critical?
Jonne Voltonen, Rich Jacques.
The web application detects no cookie is set, a RANDOM GUID is created and your IP address recorded in a database or session cache. The GUID is recorded in a cookie.
For each subsequent page of the form, your cookie is transmitted and the application knows which partially complete record you're filling out, what page of the form you're on, and so forth (sessions in J2EE/PHP/ASP).
Client-chosen GUIDs are unlikely to be valid. Any GUID in a cookie that exists but isn't coming from the right IP address is denied.
THE END
This is just like every other fucking website.
The Apple devs are good. But not that good. (Wine is how old?)
.NET 3.0 and up, taking advantage of all the new Vista capabilities. New windows software implicitly running on OSX? Using VMWare Fusion to run the old and busted stuff?
Keep in mind most of the software they release is acquired through purchase or license and then revamped and maintained. Not that they don't make a lot of changes and improvements, but I don't see them making a Win32 subsystem from scratch.
But I _can_ see them taking the ECMA standard and adding support for the more advanced features in WinForms w/Cocoa bindings and stuff, thus creating a nifty ecosystem of cross-platform software, a native SilverLight implementation, and blah-dee-blah-dee-blah.
This is especially relevant as Microsoft is encouraging developers using VS2005+ to target
Sounds like a plan to me.
You'd have heard that Apple was licensing the Windows common runtime from Microsoft, Mainwin, or somebody like that if that's what their goal was. Even Apple doesn't have the resources to re-implement the Wine wheel. .NET is, however, an open standard with an implementation that already works on FreeBSD and OSX (10.2 and up)... ENTERPRISEY!
If your software is complicit in using MySQL as backend for your propietary product (you could have always actively rejected the use of it to avoid this situation), YOU HAVE TO PONY UP FOR A COMMERCIAL LICENSE
Thems the breaks. Same goes for QT, and a bunch of other stuff.