'This release of technology really enables all kinds of new scenarios that are emerging now,'
We need to remember that Microsoft is selling DRM to content producers, not to endusers. So for the RIAA and MPAA, yes, new scenarios are emerging for them to control what the endusers do. Unfortunately it means that endusers have less control over what they purchase.
Did anyone else read the headline as we attacked Mars?
Maybe if an updated modern-day equivalent reading (perhaps, special effects on the news) were to happen today, we could scare the current administration into launching a manned Mars mission...even if only to get the Martian Terrorists.
One fact not mentioned in the article that would support SGI being the next target is the malloc code they claimed was infringing at this years SCOForum was copyrighted SGI
Second, in an August presentation at which SCO detailed some of its complaints about Linux code, Sontag described SGI file system software called XFS in a list of "examples of significant infringing derivative works" contributed to versions 2.4 or 2.5 of the heart, or kernel, of Linux.
One of the examples in the presentation linked to by the article, was of course the SGI copyrighted malloc implementation.
If domain administrators could also publish the addresses of their outgoing mail servers, then the receipt of a suspected forgery could trigger a relatively simple, automated verification process. Incoming servers would then be able to confirm whether senders are who they say they are.
So, does this mean all SMTP servers would need some sort of registration or domain name?
Although it would certainly be easy from a business standpoint to demand that all e-mail be sent from clearly acknowledged mail servers (like Hotmail or Yahoo) that can be contacted to enforce anti-spam laws, I don't want my friends' Outlook 2003 to destroy all the e-mail I send just because I run my own sendmail. Surely there are other methods of fighting spam than dominating the entire e-mail infrastructure...
1. MS holds all the keys to Palladium. I'm sure its got backdoors (either because they write insecure code or they intentionally want a back door).
Actually, a chip on the motherboard holds the keys for any application which wants to store keys there. Authentication of the application is based on a hash of the binary. Microsoft holds no keys, only a guarantee that unchanged Microsoft binaries will have exclusive access to their own keys.
2. The APIs for this will probably be under lock and key. The next Jon Johansen wont have access to the API calls to interface with palladium.
Doubtful, Microsoft has a good track record to providing useful development tools to developers, even if not absolutely complete. I imagine that the right API calls will be provided in Visual Studio.NET Palladium Edition.
3. Why use palladium when you can use waste or something similar.
Hardware encryption is nice. Also, you can be sure that an RIAA or MPAA hacked version of your P2P client can't access the P2P network.
AOL receives a long-term, nonexclusive license to use Microsoft's Windows Media 9 software, which offers playback, delivery and rights management for digital media.
AOL will receive a seven-year, royalty-free license to continue using Internet Explorer on its flagship online service. Microsoft will provide beta tests of future Windows versions and allow AOL to participate in tests of its upcoming "Longhorn" operating system at the same time and on the same terms as other software vendors.
The companies will explore ways for AOL and MSN Messenger to interoperate, which Microsoft has sought for years.
Sounds like Microsoft is getting everything they want...
NGSCB, AKA Palladium makes no assertion about the security of a system if the hardware is compromised. Their whole initiative is for building a trusted, secure software platform that's enabled by hardware. As we've seen with modchips, having a security requirement extend to the integrity of the hardware is several orders of magnitude harder.
Of course not. However, what would be an appropriate response for the US when an Iraqi or Al-Queda "civilian" releases a virus or DOS attack against military targets? Besides of course, switching to Linux. =)
Just trying to start some kind of discussion on this lifeless thread...
I think this raises some new interesting questions.
For example, the US military claimed that Iraqi TV, as it was providing information and instruction to Iraqi troops, was a legitimate military command and control target. Would similar online media outlets be similarly classified?
More importantly, would hackers, even script kiddies, be considered combatants if they attack such a military target in a time of war?
I don't think this has any practical implications, just philosophical...
Although I personally had the opportunity of two Microsoft internships, I decided to work elsewhere full-time.
At Raytheon, an aerospace defense contractor, there are plenty of high-tech positions opening all the time. Many of these opportunities are for interns. One intern I worked with was treated like a full-time employee with pay and paid time off. We were working on the same project (he had a lot of involvement) and said he really enjoyed the experience.
Although I don't really know, I imagine that other companies in the industry are offering similar programs.
1. Create files with backup data.
2. Encrypt said files using the public key.
3. Compute hash of encrypted file.
4. Encrypt hash with private key.
5. Send encrypted file #2 and encrypted hash #4 to recipient.
I believe the idea of the poster for making this a filesharing system, was that you could share your encryption key with select individuals.
For example, say you encrypt the data with AES, you keep the AES key secret. And like above, you could digitally sign the file to verify integrity. But all you would need is another level of encryption, where your friend could send you their public key, you encrypt your secret AES key, and then voila- you can send the secret AES key and they can open the files you stored with them. This is only an evolutionary step.
As far as I can see, this scheme would readily prevent the *AA from knowing the contents of the files that you share. Unfortunately I can't see any way of indexing the files for searching that keeps the files you share private and secret.
I didn't think you could apply for a patent in secret. Doesn't it become part of public domain? It then becomes the responsibility of the other chip manufacturers to be aware of existing patents whilst (ideally) applying for their own.
I really like this analytic approach. I've been using Hotmail's spam filtering, which merely removes e-mails from addresses not in my address book. While this is most of the time effective and very easy to implement, there does seem to be a major problem with false positives. ie I give my e-mail to someone, who's not in my address book.
Does anyone think AOL or Hotmail could start using such a system as the one outlined in the article?
I'm surprised there aren't more alum touting their schools!
I'm in an excellent program right now working on my Master's in Computer Engineering at USC, and it's all distance education through the internet. Check out http://den.usc.edu for more info if you're interested.
Slashdot Mirror
'This release of technology really enables all kinds of new scenarios that are emerging now,'
We need to remember that Microsoft is selling DRM to content producers, not to endusers. So for the RIAA and MPAA, yes, new scenarios are emerging for them to control what the endusers do. Unfortunately it means that endusers have less control over what they purchase.
Did anyone else read the headline as we attacked Mars?
...even if only to get the Martian Terrorists.
Maybe if an updated modern-day equivalent reading (perhaps, special effects on the news) were to happen today, we could scare the current administration into launching a manned Mars mission
Wow, you are paranoid. The poster was asking about a VIP, not VP. You know, like an important customer?
One fact not mentioned in the article that would support SGI being the next target is the malloc code they claimed was infringing at this years SCOForum was copyrighted SGI
Second, in an August presentation at which SCO detailed some of its complaints about Linux code, Sontag described SGI file system software called XFS in a list of "examples of significant infringing derivative works" contributed to versions 2.4 or 2.5 of the heart, or kernel, of Linux.
One of the examples in the presentation linked to by the article, was of course the SGI copyrighted malloc implementation.
If domain administrators could also publish the addresses of their outgoing mail servers, then the receipt of a suspected forgery could trigger a relatively simple, automated verification process. Incoming servers would then be able to confirm whether senders are who they say they are.
So, does this mean all SMTP servers would need some sort of registration or domain name?
Although it would certainly be easy from a business standpoint to demand that all e-mail be sent from clearly acknowledged mail servers (like Hotmail or Yahoo) that can be contacted to enforce anti-spam laws, I don't want my friends' Outlook 2003 to destroy all the e-mail I send just because I run my own sendmail. Surely there are other methods of fighting spam than dominating the entire e-mail infrastructure...
Unless you're Microsoft.
Funniest thing I've read all day...
1. MS holds all the keys to Palladium. I'm sure its got backdoors (either because they write insecure code or they intentionally want a back door).
Actually, a chip on the motherboard holds the keys for any application which wants to store keys there. Authentication of the application is based on a hash of the binary. Microsoft holds no keys, only a guarantee that unchanged Microsoft binaries will have exclusive access to their own keys.
2. The APIs for this will probably be under lock and key. The next Jon Johansen wont have access to the API calls to interface with palladium.
Doubtful, Microsoft has a good track record to providing useful development tools to developers, even if not absolutely complete. I imagine that the right API calls will be provided in Visual Studio.NET Palladium Edition.
3. Why use palladium when you can use waste or something similar.
Hardware encryption is nice. Also, you can be sure that an RIAA or MPAA hacked version of your P2P client can't access the P2P network.
AOL receives a long-term, nonexclusive license to use Microsoft's Windows Media 9 software, which offers playback, delivery and rights management for digital media.
AOL will receive a seven-year, royalty-free license to continue using Internet Explorer on its flagship online service. Microsoft will provide beta tests of future Windows versions and allow AOL to participate in tests of its upcoming "Longhorn" operating system at the same time and on the same terms as other software vendors.
The companies will explore ways for AOL and MSN Messenger to interoperate, which Microsoft has sought for years.
Sounds like Microsoft is getting everything they want...
NGSCB, AKA Palladium makes no assertion about the security of a system if the hardware is compromised. Their whole initiative is for building a trusted, secure software platform that's enabled by hardware. As we've seen with modchips, having a security requirement extend to the integrity of the hardware is several orders of magnitude harder.
.... it will be a while before the software catches up ....
And once there's an operating system and microprocessor in place (maybe even mainstream), then there will be a viable market for 64-bit applications.
No point in writing software if no platform can run it.
I'll be able to watch my snapstream tv shows on my linux box!
Of course not. However, what would be an appropriate response for the US when an Iraqi or Al-Queda "civilian" releases a virus or DOS attack against military targets? Besides of course, switching to Linux. =)
Just trying to start some kind of discussion on this lifeless thread...
I think this raises some new interesting questions.
For example, the US military claimed that Iraqi TV, as it was providing information and instruction to Iraqi troops, was a legitimate military command and control target. Would similar online media outlets be similarly classified?
More importantly, would hackers, even script kiddies, be considered combatants if they attack such a military target in a time of war?
I don't think this has any practical implications, just philosophical...
Although I personally had the opportunity of two Microsoft internships, I decided to work elsewhere full-time.
At Raytheon, an aerospace defense contractor, there are plenty of high-tech positions opening all the time. Many of these opportunities are for interns. One intern I worked with was treated like a full-time employee with pay and paid time off. We were working on the same project (he had a lot of involvement) and said he really enjoyed the experience.
Although I don't really know, I imagine that other companies in the industry are offering similar programs.
I suppose repackaging existing technology in yet another form factor is a more cost effective product development plan...
...a version for after I shave?
1. Create files with backup data.
2. Encrypt said files using the public key.
3. Compute hash of encrypted file.
4. Encrypt hash with private key.
5. Send encrypted file #2 and encrypted hash #4 to recipient.
I believe the idea of the poster for making this a filesharing system, was that you could share your encryption key with select individuals.
For example, say you encrypt the data with AES, you keep the AES key secret. And like above, you could digitally sign the file to verify integrity. But all you would need is another level of encryption, where your friend could send you their public key, you encrypt your secret AES key, and then voila- you can send the secret AES key and they can open the files you stored with them. This is only an evolutionary step.
As far as I can see, this scheme would readily prevent the *AA from knowing the contents of the files that you share. Unfortunately I can't see any way of indexing the files for searching that keeps the files you share private and secret.
Oh well.
I didn't think you could apply for a patent in secret. Doesn't it become part of public domain? It then becomes the responsibility of the other chip manufacturers to be aware of existing patents whilst (ideally) applying for their own.
The economy's worse than I thought...Nasdaq is listing negative stock prices.
I really like this analytic approach. I've been using Hotmail's spam filtering, which merely removes e-mails from addresses not in my address book. While this is most of the time effective and very easy to implement, there does seem to be a major problem with false positives. ie I give my e-mail to someone, who's not in my address book.
Does anyone think AOL or Hotmail could start using such a system as the one outlined in the article?
I'm surprised there aren't more alum touting their schools! I'm in an excellent program right now working on my Master's in Computer Engineering at USC, and it's all distance education through the internet. Check out http://den.usc.edu for more info if you're interested.