Totally false. Sure not everything is implemented and some stuff is stubbed but outside a few little used system level APIs thinks SQL need. If it works on XP it probably runs on WINE.
refusal to license MacOS is why windows became the de facto standard on the PC
I don't buy into that argument. Maybe had apple licensed MacOS around like 1983-88; it could have found a home on other platforms and become dominate. Much after '89 or so licensing it would have done no good at all; because Windows 3.0 for all its warts changed the game.
The fact is Windows 3.0 was good enough, for most situations and most people. It was much better than MacOS at the time in most respects; except when evaluated by the most ardent fanboi; or very specific types of users like desktop publishing and CAD folks who needed the real WYSIWYG MacOS could provide rather than the WYSIA(alot)L(like)WYG the windows GDI offered at the time. For everyone else Windows of the day did more, looked nicer, and was more flexible than anything the Mac platform had to offer.
So let me understand. Your argument is that rents go up in a desirable location and that is some how a problem? I just don't see it. The property owners many of whom probably worked very hard to get where they are certainly gain from the appreciation and deserve to do so. The argument about the locals not being able to live in their own city is just silly.
If they have to commute wages will go up because employers will have to cover the cost of commuting or they won't be able to hire qualified, let alone quality workers. The place will either become a less desirable tourist destination as a result and property will depreciate until locals can afford to move back in; or wages will continue to rise and people will move back to the city. Either way a new equilibrium will be reached.
The entire thing just smacks of an entitlement problem. "Sob sob, I can't afford to live in the neighborhood I want to with my part time job serving coffee." So what..
Well I for one don't see how justice is served by criminalizing speculation, or did you mean to imply that these speculators were criminals because of their having broken other unrelated laws?
If I want to purchase properties and let them sit empty its should be nobodies damn business but my own.
Unfortunately not entirely true. Mozilla has been taking it upon themselves to decide which java plugins you can and can't use. Obviously its just the plugin and nothing FF or Seamonkey does affects local java code from using whatever JRE I happen to have installed. Still I think its an over-reach.
Fortuitously both are open source and it would be pretty trivial to disable that version check and do my own build if I needed to do so; but I would still say I am not pleased. Really they should just offer a warning or something and let you continue.
It should not be the case but lets face reality here there thousands of Java applications out there that only work correctly on specific platform releases. If you depend on these and your main system is a Mac you might be really screwed by this. Do any Mac users know if you can override? If you can does it mean you have to give up functionality like disabling XProtect entirely?
There should be no risk in sending something like this. First you don't have a known plain text because you don't know what the output of the video encoder for the stream is; though you might make some guess like; its probably mpegts and therefore there ought to be a certain magic number every 288 bytes etc. I am sure it helps the crypto analyst but probably not that much.
Next while I don't know anything about military communications in particular; I am pretty confident they are not using unchanging per-shared symmetric keys. They probably are doing something like every commercial encrypted streaming communications does:
First you use some asymmetric method PKI like method to identify, and facilitate some sort of additional challenge, and if successful exchange a value to be used for a symmetric key system that you will then use to send your stream efficiently. You might even do this twice if you need to mutually assure identity. This symmetric key value will be generated as randomly as possible, and probably either not stored or stored on some never use again list. The stream is then sent using a common algorithm like AES. Anyone working on a plan text attack of the stream already knows how to do AES (although it might take some effort for them to be sure it is AES as the data should look random); what they are after is symmetric key which would enable them to decode this particular message but no other messages.
Probably with enough resources they will be able to do this given time, because the more vulnerable stream cipher emulation mode OFB or CTR will be used; as with video you'd want to tolerate packet loss. OFB and CTR are weaker than CBC and similar modes in that you don't need to have correctly deciphered the previous block to decipher the next one, you only need to know the key, initialization vector and the position in the stream. I am sure other communications like orders would use the more secure modes.
So I don't think there is actually an potential to reveal valuable information about the cryptography in use. The initial exchange is probably the most interesting thing to any would be snoops but those probably happen thousands of times each day already.
well sure your community college does not have an outraged parent who just cut a $45k check to answer to; there is little in the way of them having standards.
The bottled air is a "joke" or "political statement" depending on who you ask. These are literally pop-top aluminum cans. Nothing like scuba gear; or anything actually designed to "cope" with pollution.
I agree if you have to install the firing position in preparation for an attack absolutely. Its hard to imagine for Geo-graphic reasons such a strategy being deployed against targets on US soil.
Around a disputed boarder region though like the West Bank? You might very well over the course of months or years install handfuls of dumb missiles at launch points around your side of the boarder. Enough of those points equipped with 10s of misses suddenly you have the capacity to put 100's in the air over a short period of time. Coordination of such an attack is not hard either for a state actor, its radio recievers and some "Raspberry pi like" machines listing for the "GO" signal.
Right but its not as if those older less accurate weapons are not accurate enough to resulted in an estimated impact zone that is not "expendable". At the end of the day you have to have more interceptors than I have missiles. I can barrage you with cheap munitions that are designed to just rain down over a general area, like you know a city, with just some basic magnetic guidance to keep it on a strait course. Sure maybe these things don't fly fast enough and have no hope of evading your interceptors; but they do consume them. Once your out of expensive weapons I can bring out my good ones to use on your high value targets.
Swartz's case can hardly be compared with speeding, or simple theft. So I don't think it applies to my statement that a properly functioning court should be able to decide those matters in an hour. Trespassing is probably one of the many charges that could be proffered against Swartz and there again it should be pretty simple to establish if he was or was not on various parts of the campus and if he did or did not have permission to be there. That part of the trial amounts to a few simple findings of fact and probably could be done with in an hour or less.
If some petty functionary in a law enforcement agency asks AT&T to do what under current rules is illegal wire tapping they don't blink. They will do whatever the president asks and Congress will just grant them retro-active immunity if there is any problem on their side. The President has already placed himself above the law time and time again and with his party having the majority in the Senate that is not going to be challenged. If Obutthead wants his phone unlocked it will be.
The more interesting question is can congress even grant retroactive immunity? The president has the power of pardon so its clear that Bush or Obama could shielded AT&T in the wiretap cases but can Congress? Article I Section 9, contains the text "No Bill of Attainder or ex post facto Law shall be passed". I think the intellectually honest among us would say that even a laws that prevents the enforcement of a law enforce at the time the act was committed is ex post facto.
We will never know though because of the "standing trap" which is another gross miscarriage of the notion of rule of law. "You can't sue us for violating your fourth amendment rights because you can't reasonably know first if we did or not" had to be one of the most morally and intellectually bankrupt arguments ever to fly to the date it was made; and then Obama just kept talking...
No it should not. If I don't as the machines owner feel I have the need or desire to preserve a chain of trust; nobody should force me to do so. Security should serve MY interests.
We don't require you to lock your car doors do we? Do most think its a good idea sure, but you don't have to.
Lots of people are posting about all the risks to the owner of the access point. I think this is ignoring the risks to the end user as well.
Open wifi is one thing in the Coffee shop where you can at least start to expect that its under the control of responsible parties but some wifi you connect to on the street?
Look most users are carrying a device that gets updates maybe semiannually. Do they still have those leaked DigiNotar CA certs in their trust store, does SSL even work properly on them to begin with, does their APP use verify remote hosts correctly?
With tools like sitecloner, and SET out there its shockingly easy to snatch passwords and similar when you control the router or dns. With open wifi for many devices the operator of the wifi will have both! Training the general public that its alright, let alone a good idea to connect to unknown open wifi networks and use them is totally irresponsible! I am really disappointed the EEF would even suggest such a thing.
Yes there are solutions like VPNs and such but practically none will use them.
Yes I have evaluated Good and have some experience with it. Its certainly best of breed. No matter what other players like Zenprise, McAfee, pay Gartner to stick them in the same quadrant they just don't stack up.
Anyone looking for MDM solutions I strongly encourage you to eval Good and at least one of the others. Don't just compare feature charts, actually get both on a few different handhelds and run thru the situations. Lost device, employee exit, etc. I expect you will find Good to be a notch above the rest; its the only one without SERIOUS holes in my opinion.
Still as Rude Turnip points out it closes them by putting basically its own full communications suite on top of the platform rather than integrating with it. So it is like learning a whole separate phone for users; and it somewhat limits your options for developing custom apps that need to reach back to corporate data. It does have its own tunneled web browser so if you can work within that you have some options.
I am interested to see the Balance feature both from a user experience and technical perspective. Currently both the major platforms Droid and IOS simply do not really offer the features Enterprise security needs even when paired with an MDM solution; of if they do they do so in a way that will not be acceptable to end users in a BYOD environment.
We have been promised Droid VMs for two years now and seen nadda. The idea being you'd have a personal phone environment and a business phone environment. One managed one not.
The Fed buying up US bonds (for the past couple of years) has nothing to do with bailing out banks, and everything to do with printing money.
Those activities are one and the same. None of the big banks are structured to cope with even low rate of deflation for weeks let alone years.
Without the bond buying and interest rate manipulation ALL of the big banks would have collapsed. Its primarily about keeping the currently on top where they are; no matter how much wealth they have to orchestatriat the transfer of from everyone else to effect that.
Maybe because he does not have sound money. Burying your savings works great if they are not being rapidly devalued.
There are lots of differing opinions out there about what the real rate of inflation is. Its telling though that even the most vehemently insistent its only around %2, still keep almost everything they have in bonds, equities, and real-estate.
Traditionally the light weight home routers vulnerable or not have just not been targets. It was easy enough to get control of the much more powerful machine behind it. If you wanted a spam bot a PC is much more useful. If you are an identity theif etc, the PC will have information on it, the route probably not so much. If you are script kiddy and you just want metasploit to grab some screen shots for the lolz then again the PC behind the router was more interesting.
I am not saying that in an attack control of the router is not an incredibly valuable asset to your operation but it was hardly needed for attacking home PCs and of little value on its own. As these things are getting more powerful with more memory and capable processors, a botnet of home routers might be useful in its own right so I agree its coming. The reason that old d-link, linksys etc is doing its thing is because nobody really cares about it.
I don't know who it hurts more but its certain everyone would suffer. The grandparent is not considering all the possible complexities. What about digital certificates for example. Who can get a certificate for Amazon.com? The owner of it in the USA DNS zone, the owner in the EU/Global DNS zone, only someone who controls it both? What if you can't get your name in the other zone for political reasons, or because someone already has it? Are you able to get a certificate from a CA anyone actually trusts?
Multiple DNS hierarchies would cause all manor challenges, your typical luser would never be able to overcome. It would end international online commerce at the consumer level, and complicate b2b massively.
Such an uprising could not simply be an all out shootout between the rebels and the military. I don't think even the wildest of "gun nuts," I don't like the term but... think that is likely. Either there will be some State sponsorship, like a group of States fighting to leave the Union as was the case with the War of Northern Aggression; or it would be a more geographically dispersed group using terrorist techniques.
If you don't think all the fire arms even the small ones floating around would be an effective tool you the one who is crazy. Just imagine if a semi-organized group of cells started gunning State supporters down in the streets, high profile folks local business leaders politicians etc. Suppose the planed 10 or 20 "hits" within a few hours of each other, spread across a city; and the same across the nation? Police and Federal resources would be stretched pretty thin pretty quickly. The public would likely decided pretty fast that the current government can't protect them. If the terror group successfully go the point accross that being seen as cooperating by talking to police, entering federal buildings, voting, associating with government employees, being a government employee, etc makes you a target people would probably quit doing those things. That does not mean they are going to join the cause but their unwillingness to work with government will make them a sort of obstacle all on their own. Its been a big challenge to our middle eastern efforts. Witness how much trouble its been assembling police forces in Iraq and Afghanistan.
You absolutely *could* if you had some level of support like the taliban does undermine a whole society with not much more than small arms and IEDs.
if a U.S. separatist group had the same level of support from the people living near them that the Taliban gets in Afghanistan, the U.S. military wouldn't be attacking them because they'd have a big enough voting bloc to make Congress stop.
Any witness to one of these "exercise" should file assult charges against the military. Remember assault is just the "putting in of fear." clearly even simulated gun fire with blanks is fear inducing if you don't know they are blanks, doubly so if fired from a fully automatic weapon mounted on a black chopper.
Slashdot Mirror
WINE is stuck at around the Windows 2000 era
Totally false. Sure not everything is implemented and some stuff is stubbed but outside a few little used system level APIs thinks SQL need. If it works on XP it probably runs on WINE.
refusal to license MacOS is why windows became the de facto standard on the PC
I don't buy into that argument. Maybe had apple licensed MacOS around like 1983-88; it could have found a home on other platforms and become dominate. Much after '89 or so licensing it would have done no good at all; because Windows 3.0 for all its warts changed the game.
The fact is Windows 3.0 was good enough, for most situations and most people. It was much better than MacOS at the time in most respects; except when evaluated by the most ardent fanboi; or very specific types of users like desktop publishing and CAD folks who needed the real WYSIWYG MacOS could provide rather than the WYSIA(alot)L(like)WYG the windows GDI offered at the time. For everyone else Windows of the day did more, looked nicer, and was more flexible than anything the Mac platform had to offer.
So let me understand. Your argument is that rents go up in a desirable location and that is some how a problem? I just don't see it. The property owners many of whom probably worked very hard to get where they are certainly gain from the appreciation and deserve to do so. The argument about the locals not being able to live in their own city is just silly.
If they have to commute wages will go up because employers will have to cover the cost of commuting or they won't be able to hire qualified, let alone quality workers. The place will either become a less desirable tourist destination as a result and property will depreciate until locals can afford to move back in; or wages will continue to rise and people will move back to the city. Either way a new equilibrium will be reached.
The entire thing just smacks of an entitlement problem. "Sob sob, I can't afford to live in the neighborhood I want to with my part time job serving coffee." So what..
Well I for one don't see how justice is served by criminalizing speculation, or did you mean to imply that these speculators were criminals because of their having broken other unrelated laws?
If I want to purchase properties and let them sit empty its should be nobodies damn business but my own.
Unfortunately not entirely true. Mozilla has been taking it upon themselves to decide which java plugins you can and can't use. Obviously its just the plugin and nothing FF or Seamonkey does affects local java code from using whatever JRE I happen to have installed. Still I think its an over-reach.
Fortuitously both are open source and it would be pretty trivial to disable that version check and do my own build if I needed to do so; but I would still say I am not pleased. Really they should just offer a warning or something and let you continue.
It should not be the case but lets face reality here there thousands of Java applications out there that only work correctly on specific platform releases. If you depend on these and your main system is a Mac you might be really screwed by this. Do any Mac users know if you can override? If you can does it mean you have to give up functionality like disabling XProtect entirely?
One ... two .. three ... four; ... six ... seven ... eight;
we won't sell your Appstore;
Five
its that'll make win8 great;
There should be no risk in sending something like this. First you don't have a known plain text because you don't know what the output of the video encoder for the stream is; though you might make some guess like; its probably mpegts and therefore there ought to be a certain magic number every 288 bytes etc. I am sure it helps the crypto analyst but probably not that much.
Next while I don't know anything about military communications in particular; I am pretty confident they are not using unchanging per-shared symmetric keys. They probably are doing something like every commercial encrypted streaming communications does:
First you use some asymmetric method PKI like method to identify, and facilitate some sort of additional challenge, and if successful exchange a value to be used for a symmetric key system that you will then use to send your stream efficiently. You might even do this twice if you need to mutually assure identity. This symmetric key value will be generated as randomly as possible, and probably either not stored or stored on some never use again list. The stream is then sent using a common algorithm like AES. Anyone working on a plan text attack of the stream already knows how to do AES (although it might take some effort for them to be sure it is AES as the data should look random); what they are after is symmetric key which would enable them to decode this particular message but no other messages.
Probably with enough resources they will be able to do this given time, because the more vulnerable stream cipher emulation mode OFB or CTR will be used; as with video you'd want to tolerate packet loss. OFB and CTR are weaker than CBC and similar modes in that you don't need to have correctly deciphered the previous block to decipher the next one, you only need to know the key, initialization vector and the position in the stream. I am sure other communications like orders would use the more secure modes.
So I don't think there is actually an potential to reveal valuable information about the cryptography in use. The initial exchange is probably the most interesting thing to any would be snoops but those probably happen thousands of times each day already.
well sure your community college does not have an outraged parent who just cut a $45k check to answer to; there is little in the way of them having standards.
The bottled air is a "joke" or "political statement" depending on who you ask. These are literally pop-top aluminum cans. Nothing like scuba gear; or anything actually designed to "cope" with pollution.
I agree if you have to install the firing position in preparation for an attack absolutely. Its hard to imagine for Geo-graphic reasons such a strategy being deployed against targets on US soil.
Around a disputed boarder region though like the West Bank? You might very well over the course of months or years install handfuls of dumb missiles at launch points around your side of the boarder. Enough of those points equipped with 10s of misses suddenly you have the capacity to put 100's in the air over a short period of time. Coordination of such an attack is not hard either for a state actor, its radio recievers and some "Raspberry pi like" machines listing for the "GO" signal.
Right but its not as if those older less accurate weapons are not accurate enough to resulted in an estimated impact zone that is not "expendable". At the end of the day you have to have more interceptors than I have missiles. I can barrage you with cheap munitions that are designed to just rain down over a general area, like you know a city, with just some basic magnetic guidance to keep it on a strait course. Sure maybe these things don't fly fast enough and have no hope of evading your interceptors; but they do consume them. Once your out of expensive weapons I can bring out my good ones to use on your high value targets.
Swartz's case can hardly be compared with speeding, or simple theft. So I don't think it applies to my statement that a properly functioning court should be able to decide those matters in an hour. Trespassing is probably one of the many charges that could be proffered against Swartz and there again it should be pretty simple to establish if he was or was not on various parts of the campus and if he did or did not have permission to be there. That part of the trial amounts to a few simple findings of fact and probably could be done with in an hour or less.
If some petty functionary in a law enforcement agency asks AT&T to do what under current rules is illegal wire tapping they don't blink. They will do whatever the president asks and Congress will just grant them retro-active immunity if there is any problem on their side. The President has already placed himself above the law time and time again and with his party having the majority in the Senate that is not going to be challenged. If Obutthead wants his phone unlocked it will be.
The more interesting question is can congress even grant retroactive immunity? The president has the power of pardon so its clear that Bush or Obama could shielded AT&T in the wiretap cases but can Congress? Article I Section 9, contains the text "No Bill of Attainder or ex post facto Law shall be passed". I think the intellectually honest among us would say that even a laws that prevents the enforcement of a law enforce at the time the act was committed is ex post facto.
We will never know though because of the "standing trap" which is another gross miscarriage of the notion of rule of law. "You can't sue us for violating your fourth amendment rights because you can't reasonably know first if we did or not" had to be one of the most morally and intellectually bankrupt arguments ever to fly to the date it was made; and then Obama just kept talking...
No it should not. If I don't as the machines owner feel I have the need or desire to preserve a chain of trust; nobody should force me to do so. Security should serve MY interests.
We don't require you to lock your car doors do we? Do most think its a good idea sure, but you don't have to.
Lots of people are posting about all the risks to the owner of the access point. I think this is ignoring the risks to the end user as well.
Open wifi is one thing in the Coffee shop where you can at least start to expect that its under the control of responsible parties but some wifi you connect to on the street?
Look most users are carrying a device that gets updates maybe semiannually. Do they still have those leaked DigiNotar CA certs in their trust store, does SSL even work properly on them to begin with, does their APP use verify remote hosts correctly?
With tools like sitecloner, and SET out there its shockingly easy to snatch passwords and similar when you control the router or dns. With open wifi for many devices the operator of the wifi will have both! Training the general public that its alright, let alone a good idea to connect to unknown open wifi networks and use them is totally irresponsible! I am really disappointed the EEF would even suggest such a thing.
Yes there are solutions like VPNs and such but practically none will use them.
Yes I have evaluated Good and have some experience with it. Its certainly best of breed. No matter what other players like Zenprise, McAfee, pay Gartner to stick them in the same quadrant they just don't stack up.
Anyone looking for MDM solutions I strongly encourage you to eval Good and at least one of the others. Don't just compare feature charts, actually get both on a few different handhelds and run thru the situations. Lost device, employee exit, etc. I expect you will find Good to be a notch above the rest; its the only one without SERIOUS holes in my opinion.
Still as Rude Turnip points out it closes them by putting basically its own full communications suite on top of the platform rather than integrating with it. So it is like learning a whole separate phone for users; and it somewhat limits your options for developing custom apps that need to reach back to corporate data. It does have its own tunneled web browser so if you can work within that you have some options.
I am interested to see the Balance feature both from a user experience and technical perspective. Currently both the major platforms Droid and IOS simply do not really offer the features Enterprise security needs even when paired with an MDM solution; of if they do they do so in a way that will not be acceptable to end users in a BYOD environment.
We have been promised Droid VMs for two years now and seen nadda. The idea being you'd have a personal phone environment and a business phone environment. One managed one not.
Boeing managers should have made sure that those engineers from various suppliers do in fact talk to each other, and talk often.
Right in the era of NDAs and intellectual property being regarded as our chief output, that is probably impossible.
The Fed buying up US bonds (for the past couple of years) has nothing to do with bailing out banks, and everything to do with printing money.
Those activities are one and the same. None of the big banks are structured to cope with even low rate of deflation for weeks let alone years.
Without the bond buying and interest rate manipulation ALL of the big banks would have collapsed. Its primarily about keeping the currently on top where they are; no matter how much wealth they have to orchestatriat the transfer of from everyone else to effect that.
Maybe because he does not have sound money. Burying your savings works great if they are not being rapidly devalued.
There are lots of differing opinions out there about what the real rate of inflation is. Its telling though that even the most vehemently insistent its only around %2, still keep almost everything they have in bonds, equities, and real-estate.
Traditionally the light weight home routers vulnerable or not have just not been targets. It was easy enough to get control of the much more powerful machine behind it. If you wanted a spam bot a PC is much more useful. If you are an identity theif etc, the PC will have information on it, the route probably not so much. If you are script kiddy and you just want metasploit to grab some screen shots for the lolz then again the PC behind the router was more interesting.
I am not saying that in an attack control of the router is not an incredibly valuable asset to your operation but it was hardly needed for attacking home PCs and of little value on its own. As these things are getting more powerful with more memory and capable processors, a botnet of home routers might be useful in its own right so I agree its coming. The reason that old d-link, linksys etc is doing its thing is because nobody really cares about it.
I don't know who it hurts more but its certain everyone would suffer. The grandparent is not considering all the possible complexities. What about digital certificates for example. Who can get a certificate for Amazon.com? The owner of it in the USA DNS zone, the owner in the EU/Global DNS zone, only someone who controls it both? What if you can't get your name in the other zone for political reasons, or because someone already has it? Are you able to get a certificate from a CA anyone actually trusts?
Multiple DNS hierarchies would cause all manor challenges, your typical luser would never be able to overcome. It would end international online commerce at the consumer level, and complicate b2b massively.
Such an uprising could not simply be an all out shootout between the rebels and the military. I don't think even the wildest of "gun nuts," I don't like the term but... think that is likely. Either there will be some State sponsorship, like a group of States fighting to leave the Union as was the case with the War of Northern Aggression; or it would be a more geographically dispersed group using terrorist techniques.
If you don't think all the fire arms even the small ones floating around would be an effective tool you the one who is crazy. Just imagine if a semi-organized group of cells started gunning State supporters down in the streets, high profile folks local business leaders politicians etc. Suppose the planed 10 or 20 "hits" within a few hours of each other, spread across a city; and the same across the nation? Police and Federal resources would be stretched pretty thin pretty quickly. The public would likely decided pretty fast that the current government can't protect them. If the terror group successfully go the point accross that being seen as cooperating by talking to police, entering federal buildings, voting, associating with government employees, being a government employee, etc makes you a target people would probably quit doing those things. That does not mean they are going to join the cause but their unwillingness to work with government will make them a sort of obstacle all on their own. Its been a big challenge to our middle eastern efforts. Witness how much trouble its been assembling police forces in Iraq and Afghanistan.
You absolutely *could* if you had some level of support like the taliban does undermine a whole society with not much more than small arms and IEDs.
if a U.S. separatist group had the same level of support from the people living near them that the Taliban gets in Afghanistan, the U.S. military wouldn't be attacking them because they'd have a big enough voting bloc to make Congress stop.
Um no see: the 1860s.
Any witness to one of these "exercise" should file assult charges against the military. Remember assault is just the "putting in of fear." clearly even simulated gun fire with blanks is fear inducing if you don't know they are blanks, doubly so if fired from a fully automatic weapon mounted on a black chopper.