Slashdot Mirror


User: norton_I

norton_I's activity in the archive.

Stories: 0
Comments: 769

Comments · 769

  1. Re:Reminder: tool for making PNG from GIF on Unisys Cracks The Whip · · Score: 2

    Half-wrong. The patent covers both, but Unisys has said in the past (with their track record, they may change their minds...) that they would only license the compressors (since it is easier to go after every web publisher/professional graphics package than every user/viewer). Plus, ultimately, web sites have to offer what users demand. Up until recently users with older browsers demanded GIFs. If Unisys tried to charge every person with a browser they would demand PNG. Of course, MS and NS could have licensed it from them (like they did with RSA) but it still would have been a major stumbling block.

  2. Re:Licensing an Edsel on Unisys Cracks The Whip · · Score: 1

    the compression schemes used in gzip and bzip2 offer superior compression to LZW (used in the venerable UNIX compress) in almost all non-trivial cases.

    LZW should have died a long time ago.

  3. Re:Patents on Unisys Cracks The Whip · · Score: 2

    > Companies exist to maximize profit. That's the nature of the beast

    Yes, but governments exist to insure the betterment of their citizens. Questions of the effectiveness of any given instance aside, one way that we found works pretty well is to allow companies to compete in an open market under profit maximization goals. However, when this does not coincide with the best interests of the citizenry as a whole, people should take precedence.

    High-ranking members of large corporations would love to make us think that things work the other way around, and that the goal of the whole exercise is to (in the paraphrased words of a prominent software company executive) "Allow and encourage every company to compete as hard as it possibly can". This is because on an individual level, allowing large companies to stomp on the rights of "ordinary citizens" maximizes the value for those same executives, who while counting at least 7% human, do not count as a majority opinion. People other than those executives who still repeat the mantras have been brainwashed into missing the point that this whole country was founded on the principle of making life better for them (along with the rest of the population).

    A real problem is that in the interest of fairness, every tool the government has come up with to allow individuals or small companies to compete fairly against the giants (patents, copyrights, lawsuits, class action suits) has been designed to be equally available to everyone. Unfortunately, time has proven over and over, all other things being equal, a large company has the resources and influence to more effectively use such legal tools against the very people they are (were) meant to help.

    What we need to do is to stop giving the Goliaths of the world slingshots. Here is an idea for balancing out legal costs in lawsuits:

    Following a suit, regardless of who wins, each party must pay to the other party an amount equal to their total legal expenditures related to the suit. This means that
    1) if I am involved in a lawsuit against any company, I am guaranteed able to afford legal costs of half that of the company.
    2) If both sides of a suit spend the same amount (roughly) it all works out to a wash
    3) If a company files a frivolous lawsuit against a person to annoy and harass them, then tries to spend a huge amount on insuring a favorable decision in spite of law and precedent (in order to make an example of someone or set a new precedent), either the individual can afford a legal defense, or they may *make* money off of it if they don't require such substantial legal effort to avoid losing the case.
    4) There would be a much higher incentive to reduce overall legal costs, reducing the load on our judicial system and hopefully allowing cases with merit more consideration by the courts.

    It also would be good if patents and copyrights could only be assigned to an individual, rather than a corporation (and only the original creator or inventor), and the patent/copyright holder would be able to grant or sell non-exclusive licenses to anyone they choose. Stipulations rendering contracts requiring sale or exclusive licensing invalid, could be added. If that is too harsh, we could allow exclusive licenses, but only lasting the duration of the IP holders' employment with the licenser. This would force companies to compete for the right to license something from a person, and would reduce the desire to patent trivial ideas.

    Another huge idea would be 100% socialized medical care + abolishments of all forms of insurance. If socialized medical care could be made effective, removing insurance would save more pain and suffering than anything else I can think of. It might even restore personal responsibility and reduce the "sue it" reflex in so many people.

    I recognize that both of these ideas have major flaws, but perhaps they could be worked on to provide a system where David and his slingshot *could* compete with Goliath and his battle axe.

    Now if someone can find a way to prevent lawyers from getting rich off of frivolous class action suits while the members of the class get nothing...

  4. Re:Look at it ANOTHER way... on Unisys Cracks The Whip · · Score: 2

    Also, despite Unisys's attempts to claim to the contrary, they have not uniformly enforced their patent over its lifetime. Also, they keep changing their licensing guidelines while saying "they are just clarifying, their basic policy has always been the same". While this might be tolerable if they were the only vendors of GIF and had a few large licensees who knew what they were getting into, it is nothing short of extortion and blackmail when a technology has grown to be a published worldwide standard in the absence of enforcement.

    The fact is, Unisys has abused the patent system beyond all hope of sympathy.

    Hopefully this will encourage standards organizations such as ISO and the IETF to adopt policies whereby only open, unencumbered algorithms can be specified in a standards document. Both RSA and MP3 have caused similar problems, though at least Fraunhofer was never (IMO) dishonest about their patent and license restrictions.

    At a higher level, a fundamental truth is that "whatever the Internet wants, it takes". This is not meant to imply any moral tone, it is just a fact of life. Web browsers, MP3, IM, Linux, and streaming media are all examples of components that in some anthropomorphic way, the internet decided it needed. Where those technologies were freely given (Linux, IE, ICQ, WinAmp, WMP) they flourished. Where people attempted to withhold them (Netscape, RSA/SSL, MP3, Real) they were taken anyway, and usually to the detriment of the companies behind them.

    The moral of the story is, right or wrong, legal or not, if you try to keep something from the internet whose time has come, you are doomed to failure. Unfortunately, people want to make money, and in general, the people who gave their stuff away haven't made a whole lot of money off of it (exception: MS, who can include the R&D costs in their OS). However, the people who give stuff away have a lot more fun in the process, and eventually get bought by AOL for millions in its continuing progress towards being the only provider of content *via* those technologies on the internet...

  5. Re:isn't the real use in wireless? on Broadband From The Sky In 2002? · · Score: 1

    As long as you don't mind carrying a 26" satellite dish around with you.

  6. Re:Gee on Broadband From The Sky In 2002? · · Score: 1

    They do. Their FAQ says "we plan on supporting all platforms... Basically ISky is just like a normal LAN" I read that as TCP/IP over ethernet...

  7. Re:and come to think of it on TrustedBSD Announced · · Score: 1

    Actually, though, most of this is already handled. Not just files, but all objects (descriptors) have labels. Since an X client must have r/w access to the socket to the X server, it cannot change its sensitivity level. Also, unless you are on a terminal device specified as multilevel, the shell cannot change its sensitivity label.

    As long as you stay on one machine, the actual implementation of MAC isn't too difficult, the hard part is all the integration work to assign labels and privs to everything, and ending up with a working system. However, unless you inadvertently give a program privs it shouldn't have, none of that has particular system security implications, it is all more along the lines of "if you didn't do it right, it will fail".

  8. Re:Fair enough on TrustedBSD Announced · · Score: 1

    One thing it does is that if a user at a low sensitivity level manages to insert a trojan into a higher sensitivity level user's path (for instance, any way of getting it to execute is fine), that program cannot send the data back down to someone at a lower level. MAC based integrity does a better job of this, in which a process operating with a given integrity requirement acts as if all entities of lower integrity didn't exist.

    As a requirement for security, physical access control is also necessary, so for instance, a highly sensitive level might have only a single terminal associated with it, which was physically secure, so that it was possible to verify that you did not take any written data out. You can still memorize it, but the scope of possible causes for information leaks is greatly diminished. Hell, just preventing a buggy program from crashing and putting sensitive data in /tmp is a good start.

    Finally all of these trusted systems also implement extensive auditing capabilities, so in the event of a security compromise, accesses to any particular object can be traced and examined.

    When you get right down to it, DAC is really designed from the perspective of preventing people from writing data they shouldn't. MAC primarily focuses on preventing people from reading data they shouldn't.

  9. Re:and come to think of it on TrustedBSD Announced · · Score: 1

    If the process is "cleared" for the level of file A (call it high), it by definition may not write to a file of lower level, including B (which is at level "low"). It does not particularly address the fact that you can memorize the data and type it in again on a separate terminal, though there are some guidelines for export to external systems (ie, printers should mark the sensitivity of all data being printed).

    In a more formal sense, mandatory access control is implemented by assigning every object (file, socket, device, fifo) a sensitivity label, and every subject (process/user) a clearance label. A subject with clearance label X may only write to an object with a sensitivity level of X or higher, and may only read from objects with a sensitivity level of X or lower. Thus, any data flow path within the system is restricted to only flowing from less sensitive to more sensitive. There are a few twists (sensitivity labels are only partially ordered -- there may be levels which are incomparable, and no access paths exist between them).
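
The read/write rule and the partial ordering described in the comment above, as an added C example that is not part of the original comment and is not TrustedBSD code. The `struct label` layout (a level plus a compartment bitmask), the function names and the sample labels are all assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical label: a hierarchical level plus a set of compartments.
 * Compartments are what make the ordering partial rather than total. */
struct label {
    unsigned level;         /* 0 = low; larger = more sensitive */
    uint32_t compartments;  /* one bit per need-to-know category */
};

/* Constructed sample labels. */
static const struct label LBL_LOW    = { 0, 0x0 };
static const struct label LBL_HIGH   = { 2, 0x0 };
static const struct label LBL_HIGH_A = { 2, 0x1 };  /* high, compartment A */
static const struct label LBL_HIGH_B = { 2, 0x2 };  /* high, compartment B */

/* a dominates b: level at least as high AND compartments a superset. */
bool dominates(struct label a, struct label b) {
    return a.level >= b.level &&
           (a.compartments & b.compartments) == b.compartments;
}

/* Read only from objects at the subject's level or lower. */
bool may_read(struct label subj, struct label obj) {
    return dominates(subj, obj);
}

/* Write only to objects at the subject's level or higher. */
bool may_write(struct label subj, struct label obj) {
    return dominates(obj, subj);
}

/* Neither label dominates the other: no access path in either direction. */
bool incomparable(struct label a, struct label b) {
    return !dominates(a, b) && !dominates(b, a);
}

/* A subject can move data from src to dst only if it may read src
 * and may write dst, so data flows only toward more sensitive labels. */
bool flow_allowed(struct label subj, struct label src, struct label dst) {
    return may_read(subj, src) && may_write(subj, dst);
}

int main(void) {
    /* The comment's case: a process cleared for file A (high)
     * trying to copy it into file B (low). */
    printf("high process, A(high) -> B(low): %s\n",
           flow_allowed(LBL_HIGH, LBL_HIGH, LBL_LOW) ? "allowed" : "denied");
    printf("high process, B(low) -> A(high): %s\n",
           flow_allowed(LBL_HIGH, LBL_LOW, LBL_HIGH) ? "allowed" : "denied");
    printf("high/A vs high/B incomparable: %s\n",
           incomparable(LBL_HIGH_A, LBL_HIGH_B) ? "yes" : "no");
    return 0;
}
```
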

  10. Re:creating another BSD could be bad on TrustedBSD Announced · · Score: 1

    And if certain UNIX vendors use (say, one whose name ends in P) valuable partnerships to try to strong-arm you into using a B1 certified system when you don't need one, run away. No amount of money is worth it.

  11. Re: Linux Laptops. on Laptops In Education · · Score: 1

    Actually, those are both very valuable things they could learn...

  12. Re:Lets not be to hasty on Build Your Own StrongARM Linux Computer · · Score: 1

    Let's not be hasty and assume that "build your own" involves plugging a couple of boards together and installing some software... The necessary drawings are available, and while the components and tools are not sitting in most people's basements, the kind of person likely to build one of these can probably get a hold of some.

  13. Re:TLD is irrelevant, it's the protocol that count on "TV" TLD Sells For $50 Million · · Score: 1

    Just like how we all now have to specify http1.1://www.slashdot.org to make sure we get the benefit of persistent connections and pipelined requests...

    And in exactly the same way that quicktime is totally unable to account for new advances in video decompression by having pluggable codec modules.

    Get real, the IETF is not going to specify a protocol as tv:// that is not extensible.

  14. Re:The truth about VA Linux on Extra-Solar Planet Is Probably Just A Star · · Score: 1

    If you take a look at the links he gives, it is something of a dead giveaway...

  15. Re:Anonymity breeds contempt on The New World of Gnutella · · Score: 1

    > 90% of anonymous messaging I have seen have been used for pirating, porn, flaming or just pointless drivel

    This is different from /. how, exactly? ;)

  16. Re:Crazy idea: random VPN on The New World of Gnutella · · Score: 1

    Well, various implementations of IPsec allow opportunistic encryption, either host to host, router to router, or host to router. That is basically what you are describing, and the performance hit wouldn't necessarily be that bad, especially if you are willing to use router-to-router encryption only with hardware accelerated crypto...

  17. Ease of use? on FireWire Goes Long Distance, Experimentally · · Score: 2

    How is firewire any easier to use than Ethernet? You plug the wire into the computer, and it works, doesn't it? Since most (all?) Macs have ethernet built in, and most PCs don't have Firewire, it doesn't seem like it is that much of a difference. I assume that you have to enter your TCP/IP settings either way (or use DHCP).

  18. Re:So what? on Wyse Ditches Linux For WinCE · · Score: 1

    I want a version of Linux my grandma can use so that when she screws it up anyway, I can telnet in and fix it (assuming the network connection is up). Besides, CLI's are much easier to talk someone through over the phone, even if it is a little slow when you have to read each character.

    So, the ideal solution is a nice, user-friendly, hard to do anything serious/dangerous GUI, along with a telnetd (better yet, sshd), and a key sequence to bring up an xterm.

    For myself, I don't really mind using linux at home, HP-UX at work, windows for halflife, a mainframe for mainframe stuff, and PalmOS on my PDA, but on the other hand, I would just as soon get a directory listing the same way on all of them, and right now it looks like Linux has the best chance at being the base system from which all of those environments can be built.

    The right tool for the right job is fine as far as it goes, but if they can all be built from Linux, so much the easier. The problem with Windows being that it is too tied to its UI, which isn't appropriate in all situations--there is no way that a 95 explorer style interface belongs on a PDA, nor does any GUI at all make sense on a rack mount web server.

  19. Re:yeah but so what on Surreptitious Communication via Page Faults · · Score: 3

    A B2 secure rated system requires that a program authorized to read sensitive data must not be allowed to *give* that data to a process with lower clearance. In theory, a trojan which infiltrated the secure levels of a system would possibly be able to read/modify/destroy that data (though other mechanisms exist to prevent that), but not communicate it to an untrusted party. However, with a covert channel such as this, that protection doesn't work.

  20. Re:breaking passwords ? on Surreptitious Communication via Page Faults · · Score: 1

    Yes. That was a system (VMS?) which has privileged shared libraries. There was a privileged method in one of those libraries that verified the password. Its implementation read the password passed one character at a time until it got to the end or found a mismatch (passwords were stored in the clear)... So by placing the "trial" password buffer over a page boundary, you could determine when you had all characters before the boundary correct.

    This particular exploit actually used the "page faults per process" metric provided by the OS, rather than the timing information, IIRC.

  21. Re:Amazon's on the list! on Net Firms Running Out Of Cash? · · Score: 1

    Yes, RMS is far out on the lunatic fringe for suggesting that people encourage companies to behave ethically. What a nutcase!

  22. Re:The Nature of Glass on IBM 75G Hard Drive Ready · · Score: 1

    Actually, one of the main advantages of glass is that high quality glass flows much more slowly than aluminum, which as a relatively soft metal deforms quite a bit under 7500 RPM.

  23. Re:Cool Lab Work - but Bad Crypto! on DNA-Based Steganography Wins Intel Education Award · · Score: 2

    Actually, the reason A) you are wrong, B) I was wrong below, and C) This is actually a really cool idea, rather than a simple application of steganography is all the same.

    I don't remember all the right terms, but the way it works is that you know the exact sequence before and after your message, which could be encoded on one small part of thousands of similar DNA strands. You then manufacture the complementary nucleotide sequences of the prelude and postlude strings in mass, tag them with some fluorescent molecules or something, mix it in with the DNA, do some more magic, and they automatically line up to the right sequences. Rinse the excess, hit it with some UV, and look for the fluorescing DNA molecule.

    In computer terms, this works because nature has given us a mechanism to do a constant-string grep on DNA many orders of magnitude faster than we can do a linear scan.

    The drawback is that if someone finds an equally novel way to search for something a little more ambiguous (a molecular NDFA/regexp matcher!) then you are hosed. This is very much like RSA--if large composite numbers are easily factorable, it is not secure, but in the mean time it is a really cool algorithm. And it is very cool, though perhaps a little impractical for everyday use.

  24. Re:Cool Lab Work - but Bad Crypto! on DNA-Based Steganography Wins Intel Education Award · · Score: 1

    The point is, unless your DNA *normally* looks like "JUNE8_INVASION: DEMNARK JUL4_INVASION: ELBONIA" you are going to notice a message if it isn't hidden better than that. A real-ish way to do this is to have the first key be the lead in sequence, and the second be a key for a pseudo-random number generator that gives you positive increments of "where the next letter is". Thus to decode it you need to find the lead in sequence, and then follow the jumps dictated by the pseudo-random sequence. Unless you know both, it only looks like DNA.

    Unfortunately, the more you spread it out, the more difficult it is to dodge the significant parts of DNA (assuming you mind). It is also much more expensive requiring many more splices and more sequencing, and is less damage tolerant because any insertion or deletion defect (if the DNA is actually reproducing) will cause the sequence to be corrupted.

  25. Re:What is... on Real-Time Linux Developers Unite On API · · Score: 2

    A realtime system is one where you have a fixed amount of time to deal with an event, after which the data is either useless, or something has gone wrong. For instance if you are doing audio signal processing in real time (ie, live) if you cannot generate the next output sample by the time the DAC wants it, you have to punt on that sample. In that case, losing an occasional sample is tolerable, in others, you must do *something*. An OS designed for these applications needs to have properties of bounded + known latency on every operation, and be able to guarantee that each process will be scheduled in time.