There is no problem with the Java security model. The worst that can happen is a bad implementation of it allows applets to do something they're not allowed to.
The problem with Java's security model is that it trusts the browser to pass it true information... so when JavaScript misbehaves Java trusts the false information its passed which causes it to misbehave as well.
Sorry, preventing applets from doing things they're not allowed to is the whole point of the security model...
Simply put, a JavaScript is being used to call for a Java applet after the user has presumably left the page... the result is a Java applet that is permitted to run outside the usual sandbox, and there's your hole.
Because the point of "number portablity" is to have a number that stays with you as you change providers. I think it would get confusing to have to remap Foo-Bar@NY.NY#verizon.phone to Cingular...
Because we already had to break a previous rule that said that the middle digit of an area code has to be a 0 or 1, and we're already well along the way to maxing out all of the possible 3 digit area codes available.
In addition, cell phone numbers do have a "handoff" location associated with the first 6 digits of their number (area code + exchange code) and landline carriers bill callers a toll charge to reach a distant handoff point even if the cell phone itself is next to the caller. What this means is that if you have a Worcester, MA-based cell phone and your friends are all closer to Boston, MA, your friends are going to have to make a toll call to reach you... so as you move you'd certainly want to have your cell phone number be locally-based.
But nothing requires Disney to put their highest-quality programs on ABC... Disney could, say, put half of the baseball playoffs on ABC Family if they wanted to. The government can't force the ABC network programming service to exist or maintain its quality.
Actually, that $8 is for putting up with the local monopoly. It's now illegal to grant an exclusive cable license... anybody can come into any town they want and offer to build a second cable system.
The problem is, nobody wants to build a second cable system. If anybody was stupid to try, the resident monopoly will suddenly wake up and be on its best behavior to keep its customers from switching over. They start the game at a score of 100% to 0%, and the newcomer will have to strugle to reach 50% to 50%. Serving that cable-less town of 200 is a better investment than that...
It's not the government installing a monopoly, it's a case where the market is going form one because it's simply more effective. All connection-to-the-home technologies end up this way, not just cable, think about a water system, sewer system, natural gas system, telephone system, or power system. Ever see two of any of those in the same place?
What this tool does is add a very detailed logging component to the VM software, so that when you're compromised, you have a much easier time figuring out what hit you.
The problem with most current system logging tools is that they run on the system that they are logging, which means if the attacker gains root access they could kill the logging tool's process first, or tamper with the logs to erase their activities.
By making the logging tool one in the same with the VM software, if the hacker kills the logging tool the machien they were trying to hack vaporizes. And, if they are able to obtain root on the virtual machine, they'd still need to obtain root on the host OS (which is intentionally a lightwieght OS to decrease the likelyhood of that ever happening) to clean their tracks.
The UMLinux OS is there to be a thin real OS that runs the simulator which runs the guest OS and their goal is for the simulator to be a good enough emulation of real hardware so that any operating system can be installed as that guest OS....
Seems like this is a solution for recording the every move a computer makes, so when it is hacked you can play back moment-by-moment what exactly happened.
The only problem... by the time you realize it's time to look at the playback, the "virtual machine" is already 0wned. Useful for honeypots, but this isn't going to secure a production system... it's not a line of defense, it's a just a very detailed logging of what happened.
A quote from the original Wired article... Farhat Gupta, owner of several Bangalore call centers, said that little attention is paid to technical training, as "all the answers are always on the computer screen in front of the workers. We exist for people who do not want to use the Internet themselves to find their own answers."
The only time I ever call technical support is when checking the manual and web doesn't get me the answer. If the person on the other end of the line has no more information available to them, what's the point?
On my desktop computer I once got hit with a bad Norton Antivirus update that ended up causing the virus scanner to do about 10 seconds of needless processing every time I ran a new process... needless to say, I thought I had something seriously wrong with my computer until I determined what happened.
So, you can't even blindly trust that a Symantec virus definitions update won't cause unacceptable performance from your must-be-up production server... so you're damned if you and damned if you don't. Still, I'd say frequent virus updates are the safer bet...
Unfortunately, the ball rolled between the shortstop's legs and into the outfield...
All major antivirus programs did not detect this virus as of this morning. They all scrambled to develop definition updates, but the./ mention is needed to tell admins who control AntiVirus programs to do an immediate update. (If everybody checked the anti-virus vendor servers every 15 seconds on a regular basis, they'd be bandwidth- swamped every week when their major updates come out for low-priority viruses.)
This virus uses everything its writer(s) could think of to get around, so you have to be absolutely golden on your security (or running a non-MS OS) to be safe.
Therefore, it couldn't be produced under the GPL unless AOL said so.
This was discussed to death in the previous WASTE discussion. Justin, as an employee of AOL, tried to put WASTE under the GPL. AOL then came forward and said that Justin had no authority to do so.
However, just because an employee makes a deal outside of their authority doesn't automatically reverse the deal. The test is whether the other party to the deal in good faith believed that the employee had the authority, or should have known that something was amiss. That's a tough question and would likely take a judge to answer completely...
I do not want 1 large program to run all of my applications. I do not want to get my email, from where I get my web pages, and my IM. I don't want any of this.
So I take it you're not running Windows, Internet Explorer, and MSN Messenger?
Well, even if you're running Linux, Mozilla, and AOL Instant Messenger, they're still running on the same physical hardware and using the same window manager software in order to keep the interface consistant and organized.
And that's the point of this project and several other next-gen file systems in development now... Presenting users with a unified and organized interface that shows them their data in a way they can find it easily. From a user perspective, it makes more sense to store information as "messages that came in from Bonnie" rather than have a seperate file storage device for e-mail, IMs, voicemails, etc.
You might think it's simpler to have a physical device manage each communications protocol you use, and I'm sure product manufacturers will continue to support you with products based on that concept. However, most users would rather have their computers keep the difference between protocols to itself.
It doesn't matter how the information gets to the computer as much as what the information is and which person or organization is credited as the author. That's the best way to present information to a user who doesn't care about tech stuff.
If we always adopted new ways of doing things we wouldn't be typing at QWERTY-style keyboards anymore. Afterall, QWERTY was designed to slow down too-fast typists on a typewriter, none of us have to worry about hammers jamming on our computers. But the costs and annoyance of having to disrupt QWERTY's installed base is enough to justify not replacing the existing standard. Just because they built this doesn't mean anybody's gonna come.
What they have completely forgotten is that the current ZIP code system does not represent the actual lattitude/logitude position of the city or town, but instead the main routing office that the letter needs to get to, and then the sub-office it should be routed to from there to reach the route that this letter needs to be on. The +4 extention tells in which route it needs to be placed, and where the postman encounters the address within that route... Any relationship between ZIP Codes and GPS coordinates are purely coinsidental, and the numbers might seem completely random to an outsider, but it makes perfect since to the people who run the postal system. They've got no reason to break their already set up system to go to this... the ZIP code is more useful to them.
Come on... all NAC has really invented here is a base-36 expression of the same latitude and longitude numbers that we've been measuring in degrees, hours, minutes, and seconds, and they've come to the stunning conclusion that their system specifies the same location in fewer characters... duh. No stunning breakthrough here, just marketing hype.
1. Propose new addressing scheme. 2. ?????? 3. Profit!
You left the part of your message off where you explained why you think this is a bad thing.
I didn't leave that part out... I don't think this is a bad thing.
This is the opposite of the model most business are using when it comes to hacking their products, which is a simple "zero tolerance" plan for hacks of all kinds. TiVo is welcoming most forms of hacking, so long as the hackers agree to stay out of the troublemaking zones. Most TiVo hackers are playing by those rules willingly, so everybody's happy.
Compared with Microsoft's policy towards hacking the Xbox, TiVo seems to be having much greater success by keeping the hackers busy with something else...
TiVo sells most of their units at a loss with the expectation they will make the money back on the service plans. If you were to connect your TiVo to another source, you would have broken no laws, but you would have deprived TiVo of their revenues.
That's why TiVo has to resort to programming-based protections to put the unit into "Boat Anchor Mode" when it isn't subscribed to TiVo's services. Yeah, somebody could make the hacks to do that, but TiVo would then make a design change to break that hack. They're not gonna help you with this one at all.
There have always been rumors that TiVo has created the code in order to duplicated ReplayTV's show-sending features, but is holding all of them back until the lawsuits are settled.
If ReplayTV should ever win a lawsuit, TiVo would then be able to instantly roll out the feature without having to have won the legal fight themselves. If ReplayTV loses, they're the ones who have to pay the consequences.
Kinda a smart thing for them to do... staying away from the controversial issues until somebody else sorts them out.
TiVo welcomes hacks that take the unit in a direction that they want to go... they sponsor the tivocommunity.com message boards where people can freely discuss hacks such as adding a bigger hard drive or a caller ID display feature.
However, any hack that bypasses the need for a subscription or allows for video extraction is in a marked no-man's-zone. TiVo intentionally breaks these hacks, and doesn't allow discussion of these on the message board they sponsor.
In short, they encurage hackers to play within their bounds, but also leave plenty of room within the bounds to still have fun.
What's wrong with video extraction is that it would expose TiVo to the ReplayTV-like lawsuits from the media industry.
TiVo tries to be all things to all people, being cozy with both the media industy and users who want to control their TVs at the same time. It's quite a tight rope to walk...
TiVo seems to have a dual-faced plan for dealing with hackers. The hacks that they want to let happen seem to be too easy, while they make the hacks they don't want to happen hard. As a result, the hackers who take the path of least resistance get all the credit, the hackers who go into the marked red zones get shunned.
In most single-drive models TiVo just happens to provide a perfect mounting point for that second drive... in network-less models they just happen to provide a slot in which an add-on card can be installed... when you give you TiVo Internet access, they just happen to have left their data server exposed to the 'net and let you do your "daily call" that way... for some reason they just happen to use modems that support Caller ID decoding... and let's not forget all of the "cheat code" hacks you can do with your remote control...
But when you stray into the areas that threaten TiVo's business model, subscription theft and video extraction from the box, things stop getting so easy. In fact, TiVo starts actively programming to break such hacks in required updates if they are ever found to exist. These people are also shunned by the main TiVo-hacking community, so even if they discover something there's nobody who cares.
The result is that TiVo controls their hackers by letting them improve their units, but only in the way that TiVo has appoved. This strategy makes them appear hacker-friendly, when really there are two hacks that they specifcally forbid. By letting the hackers have the little things, they seem to have found the most effective way of preventing hackers from going after the big things...
There is no problem with the Java security model. The worst that can happen is a bad implementation of it allows applets to do something they're not allowed to.
The problem with Java's security model is that it trusts the browser to pass it true information... so when JavaScript misbehaves Java trusts the false information its passed which causes it to misbehave as well.
Sorry, preventing applets from doing things they're not allowed to is the whole point of the security model...
Simply put, a JavaScript is being used to call for a Java applet after the user has presumably left the page... the result is a Java applet that is permitted to run outside the usual sandbox, and there's your hole.
Both are flawed...
Because the point of "number portablity" is to have a number that stays with you as you change providers. I think it would get confusing to have to remap Foo-Bar@NY.NY#verizon.phone to Cingular...
Because we already had to break a previous rule that said that the middle digit of an area code has to be a 0 or 1, and we're already well along the way to maxing out all of the possible 3 digit area codes available.
In addition, cell phone numbers do have a "handoff" location associated with the first 6 digits of their number (area code + exchange code) and landline carriers bill callers a toll charge to reach a distant handoff point even if the cell phone itself is next to the caller. What this means is that if you have a Worcester, MA-based cell phone and your friends are all closer to Boston, MA, your friends are going to have to make a toll call to reach you... so as you move you'd certainly want to have your cell phone number be locally-based.
But nothing requires Disney to put their highest-quality programs on ABC... Disney could, say, put half of the baseball playoffs on ABC Family if they wanted to. The government can't force the ABC network programming service to exist or maintain its quality.
Actually, that $8 is for putting up with the local monopoly. It's now illegal to grant an exclusive cable license... anybody can come into any town they want and offer to build a second cable system.
The problem is, nobody wants to build a second cable system. If anybody was stupid to try, the resident monopoly will suddenly wake up and be on its best behavior to keep its customers from switching over. They start the game at a score of 100% to 0%, and the newcomer will have to strugle to reach 50% to 50%. Serving that cable-less town of 200 is a better investment than that...
It's not the government installing a monopoly, it's a case where the market is going form one because it's simply more effective. All connection-to-the-home technologies end up this way, not just cable, think about a water system, sewer system, natural gas system, telephone system, or power system. Ever see two of any of those in the same place?
Right, you'd still be compromised.
What this tool does is add a very detailed logging component to the VM software, so that when you're compromised, you have a much easier time figuring out what hit you.
The problem with most current system logging tools is that they run on the system that they are logging, which means if the attacker gains root access they could kill the logging tool's process first, or tamper with the logs to erase their activities.
By making the logging tool one in the same with the VM software, if the hacker kills the logging tool the machien they were trying to hack vaporizes. And, if they are able to obtain root on the virtual machine, they'd still need to obtain root on the host OS (which is intentionally a lightwieght OS to decrease the likelyhood of that ever happening) to clean their tracks.
The UMLinux OS is there to be a thin real OS that runs the simulator which runs the guest OS and their goal is for the simulator to be a good enough emulation of real hardware so that any operating system can be installed as that guest OS....
Seems like this is a solution for recording the every move a computer makes, so when it is hacked you can play back moment-by-moment what exactly happened.
The only problem... by the time you realize it's time to look at the playback, the "virtual machine" is already 0wned. Useful for honeypots, but this isn't going to secure a production system... it's not a line of defense, it's a just a very detailed logging of what happened.
A quote from the original Wired article...
Farhat Gupta, owner of several Bangalore call centers, said that little attention is paid to technical training, as "all the answers are always on the computer screen in front of the workers. We exist for people who do not want to use the Internet themselves to find their own answers."
The only time I ever call technical support is when checking the manual and web doesn't get me the answer. If the person on the other end of the line has no more information available to them, what's the point?
On my desktop computer I once got hit with a bad Norton Antivirus update that ended up causing the virus scanner to do about 10 seconds of needless processing every time I ran a new process... needless to say, I thought I had something seriously wrong with my computer until I determined what happened.
So, you can't even blindly trust that a Symantec virus definitions update won't cause unacceptable performance from your must-be-up production server... so you're damned if you and damned if you don't. Still, I'd say frequent virus updates are the safer bet...
Yes, but even if you're patched against that it still offers you a file attatchment to click on.
Fact is, this virus is using every trick in the book...
Unfortunately, the ball rolled between the shortstop's legs and into the outfield... All major antivirus programs did not detect this virus as of this morning. They all scrambled to develop definition updates, but the ./ mention is needed to tell admins who control AntiVirus programs to do an immediate update. (If everybody checked the anti-virus vendor servers every 15 seconds on a regular basis, they'd be bandwidth- swamped every week when their major updates come out for low-priority viruses.)
This virus uses everything its writer(s) could think of to get around, so you have to be absolutely golden on your security (or running a non-MS OS) to be safe.
And further strange that AOL hasn't followed-through with a DMCA takedown notice as far as we know...
Therefore, it couldn't be produced under the GPL unless AOL said so.
This was discussed to death in the previous WASTE discussion. Justin, as an employee of AOL, tried to put WASTE under the GPL. AOL then came forward and said that Justin had no authority to do so.
However, just because an employee makes a deal outside of their authority doesn't automatically reverse the deal. The test is whether the other party to the deal in good faith believed that the employee had the authority, or should have known that something was amiss. That's a tough question and would likely take a judge to answer completely...
- Pentium III 700mhz-based computer or better (Pentium 4 2ghz strongly recommended)
- 12 megabytes of RAM (768 megabytes strongly recommended)
Thing is, the average $500 eMachines being sold today meets those requirements.
I do not want 1 large program to run all of my applications. I do not want to get my email, from where I get my web pages, and my IM. I don't want any of this.
So I take it you're not running Windows, Internet Explorer, and MSN Messenger?
Well, even if you're running Linux, Mozilla, and AOL Instant Messenger, they're still running on the same physical hardware and using the same window manager software in order to keep the interface consistant and organized.
And that's the point of this project and several other next-gen file systems in development now... Presenting users with a unified and organized interface that shows them their data in a way they can find it easily. From a user perspective, it makes more sense to store information as "messages that came in from Bonnie" rather than have a seperate file storage device for e-mail, IMs, voicemails, etc.
You might think it's simpler to have a physical device manage each communications protocol you use, and I'm sure product manufacturers will continue to support you with products based on that concept. However, most users would rather have their computers keep the difference between protocols to itself.
It doesn't matter how the information gets to the computer as much as what the information is and which person or organization is credited as the author. That's the best way to present information to a user who doesn't care about tech stuff.
If we always adopted new ways of doing things we wouldn't be typing at QWERTY-style keyboards anymore. Afterall, QWERTY was designed to slow down too-fast typists on a typewriter, none of us have to worry about hammers jamming on our computers. But the costs and annoyance of having to disrupt QWERTY's installed base is enough to justify not replacing the existing standard. Just because they built this doesn't mean anybody's gonna come.
What they have completely forgotten is that the current ZIP code system does not represent the actual lattitude/logitude position of the city or town, but instead the main routing office that the letter needs to get to, and then the sub-office it should be routed to from there to reach the route that this letter needs to be on. The +4 extention tells in which route it needs to be placed, and where the postman encounters the address within that route... Any relationship between ZIP Codes and GPS coordinates are purely coinsidental, and the numbers might seem completely random to an outsider, but it makes perfect since to the people who run the postal system. They've got no reason to break their already set up system to go to this... the ZIP code is more useful to them.
Come on... all NAC has really invented here is a base-36 expression of the same latitude and longitude numbers that we've been measuring in degrees, hours, minutes, and seconds, and they've come to the stunning conclusion that their system specifies the same location in fewer characters... duh. No stunning breakthrough here, just marketing hype.
1. Propose new addressing scheme.
2. ??????
3. Profit!
TiVo doesn't sue people for using their TiVo without a subscription. They just make the system mighty useless without one.
If you connect to their service without a subscription, then you're stealing their service... that they'll sue you for.
You left the part of your message off where you explained why you think this is a bad thing.
I didn't leave that part out... I don't think this is a bad thing.
This is the opposite of the model most business are using when it comes to hacking their products, which is a simple "zero tolerance" plan for hacks of all kinds. TiVo is welcoming most forms of hacking, so long as the hackers agree to stay out of the troublemaking zones. Most TiVo hackers are playing by those rules willingly, so everybody's happy.
Compared with Microsoft's policy towards hacking the Xbox, TiVo seems to be having much greater success by keeping the hackers busy with something else...
TiVo sells most of their units at a loss with the expectation they will make the money back on the service plans. If you were to connect your TiVo to another source, you would have broken no laws, but you would have deprived TiVo of their revenues.
That's why TiVo has to resort to programming-based protections to put the unit into "Boat Anchor Mode" when it isn't subscribed to TiVo's services. Yeah, somebody could make the hacks to do that, but TiVo would then make a design change to break that hack. They're not gonna help you with this one at all.
There have always been rumors that TiVo has created the code in order to duplicated ReplayTV's show-sending features, but is holding all of them back until the lawsuits are settled.
If ReplayTV should ever win a lawsuit, TiVo would then be able to instantly roll out the feature without having to have won the legal fight themselves. If ReplayTV loses, they're the ones who have to pay the consequences.
Kinda a smart thing for them to do... staying away from the controversial issues until somebody else sorts them out.
TiVo welcomes hacks that take the unit in a direction that they want to go... they sponsor the tivocommunity.com message boards where people can freely discuss hacks such as adding a bigger hard drive or a caller ID display feature.
However, any hack that bypasses the need for a subscription or allows for video extraction is in a marked no-man's-zone. TiVo intentionally breaks these hacks, and doesn't allow discussion of these on the message board they sponsor.
In short, they encurage hackers to play within their bounds, but also leave plenty of room within the bounds to still have fun.
What's wrong with video extraction is that it would expose TiVo to the ReplayTV-like lawsuits from the media industry.
TiVo tries to be all things to all people, being cozy with both the media industy and users who want to control their TVs at the same time. It's quite a tight rope to walk...
TiVo seems to have a dual-faced plan for dealing with hackers. The hacks that they want to let happen seem to be too easy, while they make the hacks they don't want to happen hard. As a result, the hackers who take the path of least resistance get all the credit, the hackers who go into the marked red zones get shunned.
In most single-drive models TiVo just happens to provide a perfect mounting point for that second drive... in network-less models they just happen to provide a slot in which an add-on card can be installed... when you give you TiVo Internet access, they just happen to have left their data server exposed to the 'net and let you do your "daily call" that way... for some reason they just happen to use modems that support Caller ID decoding... and let's not forget all of the "cheat code" hacks you can do with your remote control...
But when you stray into the areas that threaten TiVo's business model, subscription theft and video extraction from the box, things stop getting so easy. In fact, TiVo starts actively programming to break such hacks in required updates if they are ever found to exist. These people are also shunned by the main TiVo-hacking community, so even if they discover something there's nobody who cares.
The result is that TiVo controls their hackers by letting them improve their units, but only in the way that TiVo has appoved. This strategy makes them appear hacker-friendly, when really there are two hacks that they specifcally forbid. By letting the hackers have the little things, they seem to have found the most effective way of preventing hackers from going after the big things...