The only way to stop this is to put a ban on this. Obviously the products look shiny, but they are difficult to handle, dangerous, difficult to return and unfriendly to the environment. Most of the time I don't even see the idiotic plastic casing until after I've asked the store for the product. If you are ordering online, the chances of seeing the packaging is almost zero. So to level the playing field, this kind of packaging (where the bulk of the waste is not even in the product) should be banned. Lets see what they come up with if they cannot sell anymore in the US or in Europe. Just use a small plastic front that you can slide out between two layers of cardboard for instance, this is already much in use and works perfectly well.
"The risk of the user circumventing DRM. In a virtual machine, your "sound board" may be sending everything played right to a.wav file, clean of DRM. Same for movies. And Microsoft don't want to give its customers the way to break the law!"
There are probably quite some hardware sound boards that do - or can be made to do - exactly the same thing. The virtual sound card drivers will be not be digitally signed by MS for DRM, and will therefore not be able to be used to playback DRM files. Of course, some sound drivers will have this capability anyway or will be hacked to provide the capability. So piracy will continue to be there, but it will get more professionalized by criminal organizations. At least, that is the way you would normally approach such a scheme. In general, I would be very surprised if virtualized HW would be able to playback DRM *at all* - without modifications, that is.
And only singling out the home version does not make too much sense either.
As a story then, what part of the creationalism am I supposed to believe? If I do not have to believe it, then what's its significance? If the earth really so old, what does the story have to do in the bible anyway? A single sentence should be there, such as "god created the universe". Not that it speaks about universes or anything like that. If the bible does not allow observation and reasoning, then what conclusions can we drawn from it? That's why I always have trouble with people that say they are scientists and believers. The reason why these extremists exist is that they are driven there: science and religion rule each other out. If you say one part of a religion is based on non-sense, where does it end?
"I haven't RTFA yet, but local attacks are often problematic for systems used by multiple people, especially if not all people know good security practices"
For this special attack, I don't think it would matter too much if the users know good security practices. If you start up SSL, it probably start off with a sequence that can be easily detected (e.g. by simply watching what's running on a machine). Then the spy application would kick in. It's something to be solved by the software implementors more than anything else...
"Wouldn't you rather have a house that was built by one contractor and then inspected by thousands of others who were able to find and fix some issues with it than a house that was only inspected by the same contractor who built it?"
Are you trying to be funny? Because I would never like to live in that first house. First of all, it would never get finished, disputes will break out and I would never get one ounce of peace. Fortunately, even with such hugely successfull applications, the number of real developers and fixers will be rather small. But other than that rather flawed analogy, I get your point:0
There are many, most of them with rather easy to remember and to the point names: MultOS, CardOS, ACOS etc. Of course, since most of these applications won't be available at the same time and there is little or no communication between them, Multi-application cards are not that hard to implement. Obviously, Java card has the advantage that the interface between Card applets is pretty well defined and secure. Not to say that it's perfect, there are quite a few shortcomings in the Java Card and Global Platform specifications. Anyway, Java Card seems to be growing and growing, so even if these card don't use the technology now, they probably will in the future.
Then again, if you can run an entire Platform + IDE within GJC/classpath (Eclipse), then you must do something right. I had some small problems with it, but nothing that makes it unusable. That's -uh- hardly a trivial app, don't you agree?
I think you grosly underestimate the number of VM's in Smart Cards. Both VISA/Mastercard use Java Card as underlying technology, the DoD uses Java Cards, and even some e-Passports are using Java within. There is a bit of chance that even the chip of your telephone company uses Java within, doubling the number of VM's in that particular phone. Of course, these are VM's with pretty limited functionality, but they do sport buffer overrun protection and a 8 bit byte code interpreter and garbage collection, exceptions etc. Real time Java is making great strides as well, so expect more and more embedded devices running Java as well.
Securing all wireless networks out of the box? The first manufacturer that tries *that* is going to be out of business. Their products will be returned to the stores, and their support lines will be swamped.
Maybe there should be a "open network" bit somewhere in the protocol, so that people can see if a network is private. Then you can easily determine if a wireless network is meant to be shared, *regardless* of the security settings. Anyone that connects to a closed network is then doing something wrong. As another slashdotter mentioned, for now you could just set your SSID to "welcome" or something similar.
Of course, if you leave your network open for others to use your internet connection, I would: - make sure that their network priority is about 0, or that they can use only so many KB/sec - make sure that your other computers are not accessible Since there is no good way for people to know what you think is malicious.
Yes, but you are working with individuals, and Blaster even got to ATM's. This is not a perfect world, so you need to do everything to get it as secure as possible. Not everyone will take security seriously in a company. There is no reason to let everything just fail when one cmoputer gets compromised.
Yes, you need to update them, since they are networked, just not on the internet. You'll never know what kind of crap can get on one of these computers, even though the machines are separated by VLAN's as well. An intranet is just a smaller version of the internet, which can have the same effect on your security, even if it's on a smaller scale. Many new virusses etc. are using multiple attack vectors, if only one hole is found, everything that is not fully patched may be doomed.
Yup, almost by definition, Java VM only uses references, not pointers as such. Pointer arithmetic is not supported. Now you *could* rewrite every C/C++ app and toss all the pointers out, but don't expect too much support from anybody... Java bytecode lives on a rather higher level than normal machine code. For instance, exceptions are handled in Java bytecode, while the x86 instruction set doesn't even know the concept. This is OK, since one of the main focusses of Java and the Java VM is for applications to focus on productivity, instead of low level features. Of course this is restrictive, it *has* to be.
"They feel that because these fixes are available through the auto-update that there's less need to create a service pack."
Yes, much more fun for all those admins at high secure locations (without internet access). It is almost impossible to install a new Windows machine using XP, since you will have to do a lot of updating after the installation itself. Even if you have a dedicated server this is a real pain, since you will have to wait for all the tiny updates to complete. It's hard enough to get Internet Explorer or DirectX installed as it is.
And those with only a modem will really enjoy this. Previously you just bought a CD-ROM with the service pack. Not anymore it seems.
When I visited my father(+) in hospital there was this girl of about 21/22 years old. She was just having a normal day when her brain "reversed". Apparently, the brain discovered that something was not going right, and decided to do a full reset. She simply collapsed. The good news was that it should be possible for her to get a full recovery. She was able to speak fine, and actually she was doing some work on her laptop while in hospital, but she had to relearn how to walk. That was her story anyway.
The brain sure can do strange things sometimes. I hope I never have to experience what she experienced, just collapsing out of the blue. I collapsed because of too low blood presure once, and that was scary enough.
The average life-span here in the Netherlands is about 76. In 40 years it is estimated to be around 85/87. I don't think there is any point in history that comes even a bit close to that. Sure, some people grew very old, but those were the exceptions. A friend of mine is working on a cure for some heart deceases using gen-therapy. He's using a special strand of the influenca virus for distributing it into cells (if I got that correctly, I understand as much about those techniques as he does on cryptography:). It's not ready yet, but you can hardly compare that to cutting into bodies with a knife now, can you? Besides that, if a knife or aspirin works, well, what's the problem?
Nope, these cards are readily available. They do AES/DES on one on-die crypto-coprocessor and RSA/EC on another and have a secure random number generator on board as well. They use the ISO 14443 standard to communicate. These are exactly the cards used by VISA/Mastercard. NXP (former Philips), Infineon are probably the biggest vendors. Rest assured that these work, although they do need good readers and distance (4 cm or less for normal antenna's) to perform RSA operations.
"Of course they cannot. Bacteria (and life in general) work only in the domain of electromagnetic and gravitational forces. They cannot influence the rate of decay of any nucleus in any way."
Unless they centrifuge it and use it as tiny bars and use those bars in tiny, tiny nuclear power plants. In that case the question is: should we boycot them?
s a number between 0 and 100, representing how aggressive the swap policy of the kernel is, or where is the balance between swapping applications and freeing cache.
When an application needs memory and all the RAM is fully occupied, the kernel has two ways to free some memory at its disposal: it can either reduce the disk cache in the RAM by eliminating the oldest data, or it may swap some less used pages of programs out to the swap partition on disk. It is not easy to predict which method would be more efficient. The kernel makes a choice by roughly guessing the effectiveness of the two methods at a given instant, based on the recent history of activity.
The default swappiness is 60. With a value of 100, the kernel will always prefer to find inactive pages and swap them out. With a value of 0, applications that want memory can shrink the disk cache to a tiny fraction of RAM. For laptops which would prefer to let their disk spin down, a value of 20 or less is recommended.
Yeah, but these drives are notebook drives, where spin-up times, power and noise are a major issue. If these drives can make a dent there, it might be worth it. Of course, since these drives have relative small memories (thus limited capacity to write to different locations), using them as a swap partition or something other write heavy would probably not be a good idea.
Slashdot Mirror
The only way to stop this is to put a ban on this. Obviously the products look shiny, but they are difficult to handle, dangerous, difficult to return and unfriendly to the environment. Most of the time I don't even see the idiotic plastic casing until after I've asked the store for the product. If you are ordering online, the chances of seeing the packaging is almost zero. So to level the playing field, this kind of packaging (where the bulk of the waste is not even in the product) should be banned. Lets see what they come up with if they cannot sell anymore in the US or in Europe. Just use a small plastic front that you can slide out between two layers of cardboard for instance, this is already much in use and works perfectly well.
You guys don't get it, this storage facility is write-only, so there is no need for a scanner.
"The risk of the user circumventing DRM. In a virtual machine, your "sound board" may be sending everything played right to a .wav file, clean of DRM. Same for movies. And Microsoft don't want to give its customers the way to break the law!"
There are probably quite some hardware sound boards that do - or can be made to do - exactly the same thing. The virtual sound card drivers will be not be digitally signed by MS for DRM, and will therefore not be able to be used to playback DRM files. Of course, some sound drivers will have this capability anyway or will be hacked to provide the capability. So piracy will continue to be there, but it will get more professionalized by criminal organizations. At least, that is the way you would normally approach such a scheme. In general, I would be very surprised if virtualized HW would be able to playback DRM *at all* - without modifications, that is.
And only singling out the home version does not make too much sense either.
As a story then, what part of the creationalism am I supposed to believe? If I do not have to believe it, then what's its significance? If the earth really so old, what does the story have to do in the bible anyway? A single sentence should be there, such as "god created the universe". Not that it speaks about universes or anything like that. If the bible does not allow observation and reasoning, then what conclusions can we drawn from it? That's why I always have trouble with people that say they are scientists and believers. The reason why these extremists exist is that they are driven there: science and religion rule each other out. If you say one part of a religion is based on non-sense, where does it end?
"I haven't RTFA yet, but local attacks are often problematic for systems used by multiple people, especially if not all people know good security practices"
For this special attack, I don't think it would matter too much if the users know good security practices. If you start up SSL, it probably start off with a sequence that can be easily detected (e.g. by simply watching what's running on a machine). Then the spy application would kick in. It's something to be solved by the software implementors more than anything else...
"Wouldn't you rather have a house that was built by one contractor and then inspected by thousands of others who were able to find and fix some issues with it than a house that was only inspected by the same contractor who built it?"
:0
Are you trying to be funny? Because I would never like to live in that first house. First of all, it would never get finished, disputes will break out and I would never get one ounce of peace. Fortunately, even with such hugely successfull applications, the number of real developers and fixers will be rather small. But other than that rather flawed analogy, I get your point
There are many, most of them with rather easy to remember and to the point names: MultOS, CardOS, ACOS etc. Of course, since most of these applications won't be available at the same time and there is little or no communication between them, Multi-application cards are not that hard to implement. Obviously, Java card has the advantage that the interface between Card applets is pretty well defined and secure. Not to say that it's perfect, there are quite a few shortcomings in the Java Card and Global Platform specifications. Anyway, Java Card seems to be growing and growing, so even if these card don't use the technology now, they probably will in the future.
Then again, if you can run an entire Platform + IDE within GJC/classpath (Eclipse), then you must do something right. I had some small problems with it, but nothing that makes it unusable. That's -uh- hardly a trivial app, don't you agree?
I think you grosly underestimate the number of VM's in Smart Cards. Both VISA/Mastercard use Java Card as underlying technology, the DoD uses Java Cards, and even some e-Passports are using Java within. There is a bit of chance that even the chip of your telephone company uses Java within, doubling the number of VM's in that particular phone. Of course, these are VM's with pretty limited functionality, but they do sport buffer overrun protection and a 8 bit byte code interpreter and garbage collection, exceptions etc. Real time Java is making great strides as well, so expect more and more embedded devices running Java as well.
:)
Mobile phones? Pff, only a billion or so
"Can you say superconductors?"
Supercondocto...no, wait, supercondi...darn.......superconductors!
Securing all wireless networks out of the box? The first manufacturer that tries *that* is going to be out of business. Their products will be returned to the stores, and their support lines will be swamped.
Maybe there should be a "open network" bit somewhere in the protocol, so that people can see if a network is private. Then you can easily determine if a wireless network is meant to be shared, *regardless* of the security settings. Anyone that connects to a closed network is then doing something wrong. As another slashdotter mentioned, for now you could just set your SSID to "welcome" or something similar.
Of course, if you leave your network open for others to use your internet connection, I would:
- make sure that their network priority is about 0, or that they can use only so many KB/sec
- make sure that your other computers are not accessible
Since there is no good way for people to know what you think is malicious.
Yes, but you are working with individuals, and Blaster even got to ATM's. This is not a perfect world, so you need to do everything to get it as secure as possible. Not everyone will take security seriously in a company. There is no reason to let everything just fail when one cmoputer gets compromised.
Yes, you need to update them, since they are networked, just not on the internet. You'll never know what kind of crap can get on one of these computers, even though the machines are separated by VLAN's as well. An intranet is just a smaller version of the internet, which can have the same effect on your security, even if it's on a smaller scale. Many new virusses etc. are using multiple attack vectors, if only one hole is found, everything that is not fully patched may be doomed.
Yup, almost by definition, Java VM only uses references, not pointers as such. Pointer arithmetic is not supported. Now you *could* rewrite every C/C++ app and toss all the pointers out, but don't expect too much support from anybody... Java bytecode lives on a rather higher level than normal machine code. For instance, exceptions are handled in Java bytecode, while the x86 instruction set doesn't even know the concept. This is OK, since one of the main focusses of Java and the Java VM is for applications to focus on productivity, instead of low level features. Of course this is restrictive, it *has* to be.
Anybody who is *still* wondering what this is, there is a leetkey plugin for firefox that can "decrypt" such messages for you:
https://addons.mozilla.org/firefox/770/
"They feel that because these fixes are available through the auto-update that there's less need to create a service pack."
Yes, much more fun for all those admins at high secure locations (without internet access). It is almost impossible to install a new Windows machine using XP, since you will have to do a lot of updating after the installation itself. Even if you have a dedicated server this is a real pain, since you will have to wait for all the tiny updates to complete. It's hard enough to get Internet Explorer or DirectX installed as it is.
And those with only a modem will really enjoy this. Previously you just bought a CD-ROM with the service pack. Not anymore it seems.
When I visited my father(+) in hospital there was this girl of about 21/22 years old. She was just having a normal day when her brain "reversed". Apparently, the brain discovered that something was not going right, and decided to do a full reset. She simply collapsed. The good news was that it should be possible for her to get a full recovery. She was able to speak fine, and actually she was doing some work on her laptop while in hospital, but she had to relearn how to walk. That was her story anyway.
The brain sure can do strange things sometimes. I hope I never have to experience what she experienced, just collapsing out of the blue. I collapsed because of too low blood presure once, and that was scary enough.
The average life-span here in the Netherlands is about 76. In 40 years it is estimated to be around 85/87. I don't think there is any point in history that comes even a bit close to that. Sure, some people grew very old, but those were the exceptions. A friend of mine is working on a cure for some heart deceases using gen-therapy. He's using a special strand of the influenca virus for distributing it into cells (if I got that correctly, I understand as much about those techniques as he does on cryptography:). It's not ready yet, but you can hardly compare that to cutting into bodies with a knife now, can you? Besides that, if a knife or aspirin works, well, what's the problem?
Yes, and then there was Belgium where all these cards worked without any PIN entry. Brilliant. Fortunately, those days are over now (afiak).
Nope, these cards are readily available. They do AES/DES on one on-die crypto-coprocessor and RSA/EC on another and have a secure random number generator on board as well. They use the ISO 14443 standard to communicate. These are exactly the cards used by VISA/Mastercard. NXP (former Philips), Infineon are probably the biggest vendors. Rest assured that these work, although they do need good readers and distance (4 cm or less for normal antenna's) to perform RSA operations.
You need muscles if you want to show emotions.
"Of course they cannot. Bacteria (and life in general) work only in the domain of electromagnetic and gravitational forces. They cannot influence the rate of decay of any nucleus in any way."
Unless they centrifuge it and use it as tiny bars and use those bars in tiny, tiny nuclear power plants. In that case the question is: should we boycot them?
"The big bang created hydrogen and a little helium; we have stars to thank for everything else."
As long as they don't expect us to thank each and every one of them personally...
s a number between 0 and 100, representing how aggressive the swap policy of the kernel is, or where is the balance between swapping applications and freeing cache.
When an application needs memory and all the RAM is fully occupied, the kernel has two ways to free some memory at its disposal: it can either reduce the disk cache in the RAM by eliminating the oldest data, or it may swap some less used pages of programs out to the swap partition on disk. It is not easy to predict which method would be more efficient. The kernel makes a choice by roughly guessing the effectiveness of the two methods at a given instant, based on the recent history of activity.
The default swappiness is 60. With a value of 100, the kernel will always prefer to find inactive pages and swap them out. With a value of 0, applications that want memory can shrink the disk cache to a tiny fraction of RAM. For laptops which would prefer to let their disk spin down, a value of 20 or less is recommended.
Source: http://beranger.org/index.php?article=1547
Yeah, but these drives are notebook drives, where spin-up times, power and noise are a major issue. If these drives can make a dent there, it might be worth it. Of course, since these drives have relative small memories (thus limited capacity to write to different locations), using them as a swap partition or something other write heavy would probably not be a good idea.