As far as the breathalyzer required by French authorities, a US$2.00 disposable item will be acceptable, but already everyone is being encouraged to buy such items in pairs so that one can be used to test, or for a friend to use, and still to have the required one to drive home with.
To which you replied:
Those things are expensive, and beyond the means of some people who own cars.
I wonder who these people who can afford French petrol and diesel prices, but can't afford $4 are.
Ingredients are cheap, but you have to cook them, which requires time. Oh and does a loaf of bread really cost $3-4 where you live? The last time I spent that much on a loaf of bread it was a focaccia with sun dried tomatoes and olives. A baked-in-store supermarket loaf costs about half that. I do bake my own bread, but mostly because it's nicer when it's cooked 10 minutes ago than when it's cooked that morning, not because it's cheaper. Given the current price of flour and electricity, I don't think my home-baked bread is much cheaper than buying it.
The problem is, with the stock android install unlike, for example, Symbian, you can't just say 'no, the app can't have this permission but install it anyway'. I was looking for an app to read QR codes a while ago. The first five I found on the market all required full access to my address book. WTF? I skipped installing them, but I'm sure that they'd have worked without this capability. The other big UI problem is that the apps don't say WHY they need these privileges.
ESR, one of the finest engineers behind the open source movement and much of the software we use everyday
ESR is a shameless self publicist, who wrote a book once. If he's one of the finest engineers of the open source movement, then the movement is in serious trouble. As far as I can tell, he has never written any code that people actually use.
When there is only one car, and it has lights, it is easy to spot. Driving on country lanes at night is often safer than during the day, because you know where cars are long before you see them because of their headlights. When there is a lot of traffic, there is a lot of ambient light and it's harder to spot individual vehicles.
It is this attitude that puts billions of dollars in the pockets of Apple and Microsoft each quarter.
No, the inability to properly estimate costs does. Development costs are not free. You have three choices:
Pay Microsoft or Apple for every seat and pay again for upgrades to fund their development.
Pay for the features that you need to be added to an open source project and then have no per-seat costs
Hope that someone else will do the paying bit of option 2 for you.
In the long run, option 2 is almost certainly cheaper than option 1, especially for a big company. There are a lot of companies that pay over a million dollars annually for Office licenses. If each one of these hired 10 full-time LibreOffice developers instead, they'd be paying about the same, but any bug that affected them would get top priority, as would any feature they needed. Instead, they pay Microsoft and hope that the features they want will appear in the next version. They don't get the priority though - $1m/year isn't enough for Microsoft to do more than occasionally send a rep to placate you with promises...
Oracle's mismanagement seems to have been good for a few projects. Both Solaris^WIllumos and Open^WLibreOffice have benefitted from the fact that there were briefly a lot of unemployed developers with experience with the codebase. Other companies snapped them up pretty quickly, and now neither project is controlled by a single organisation, making it easier to encourage new developers. When Sun employed 90% of the people with Solaris kernel experience, no one wanted to be a junior partner. When 70% of them quit in protest over Oracle's open source strategy, it became a lot more interesting because now they're scattered over half a dozen companies with no single corporation dictating strategy.
I visited ARM last week. It's really astonishing how tiny the company is. You could fit the entire workforce inside one of Apple's buildings, and still have a lot of space left. It's really impressive how much impact such a small company has. I'm not sure exactly what $12B works out to per employee, but it's a lot of money.
Seriously? So far the Liberal Democrats, with about 30% of the popular vote and about 20% of the seats in Parliament have achieved about 70% of their manifesto pledges. And yet somehow the press lambasts them for not achieving everything. Meanwhile, no one complains at the number of election pledges that Tories have broken...
Name all EU countries? No. Name the major US allies and trading partners and their categories, yes. US states? Sure, any EU citizen can name all of the ones that are constitutionally allowed to define foreign policy on their own...
It makes a difference because of the relative danger to society. If someone is beating you up because they don't like you then they are less of a threat to the general public than if they beat you up because you're the nearest available member of a certain group.
First, I suspect that you are wrong and most crimes are motivated by greed rather than hate. Someone robbing a store doesn't usually hate the owners, he just wants their stuff. The point of a hate crime, however, is not that it is motivated by hate, but that it is motivated by hate of a group, rather than an individual. The question that determines whether something is a hate crime is whether the criminal would have committed the same crime if the victim had been another member of the same group, but would not if it had been a member of a different group. For example, if you beat up a gay person because you hate him, this is not a hate crime. If you beat him up because you hate gays, it is. In the first case, the victim was chosen because of your personal relationship. In the second, you could have substituted any other homosexual and the crime would still have taken place. It's not a difficult concept to grasp. Well, unless you are a member of the judiciary, apparently...
The problem is that this means any app that wants to access any data needs to ask for permission to do so. I don't see how prompting users for permission for every app that wants permission will help.
There are basically three things that most apps need to access. Shared libraries, a scratch location, and user documents. Shared libraries are stored in the binary and rtld can grant access to them. A scratch location is easy - every application can be granted access to/tmp/{app name} or similar. User documents are easy to pass in from another process. You invoke the standard file chooser and it runs in an external process and gives you a file descriptor for the selected location.
The important thing with security is not having a solution that is applicable for every application, but having one that is simple and works in most cases. This means that people will actually enable it by default...
Ah, I misunderstood the original claim. The original AC seems to think that only linking to the NDK means that you can't do anything malicious, which the second AC points out is nonsense because it can still do anything it wants by issuing system calls directly. I think Android does some chroot() stuff to ensure that NDK applications can't do this (they can only access most of the system by going via Dalvik). That said, if Android used FreeBSD, Capsicum could be used to enforce the Dalvik permissions at the OS level. This would mean that a bug in Dalvik that let a malicious application run arbitrary code would no longer mean a security compromise, it would just make the app crash.
The problem is, this kind of acquisition often doesn't make sense. For example, one proposal was that Apple would buy ARM. They could afford to without making a significant dent in their cash reserves, even if they paid double the current market cap. But would Samsung want to license CPU designs from Apple? Almost certainly not - they'd just drive the other mobile device makers to designs licensed from MIPS or even Intel. The net result would be that Apple would end up paying a much larger share of the R&D costs. This was one of the main reasons why they switched to Intel chips in Macs: they were IBM's only laptop / desktop CPU customer and so were paying for all of the R&D, while they only pay something like 5-10% of Intel's R&D costs. Buying other companies on their supply chain would have the same problems.
If I were in their position, I would do the same thing a number of other successful tech companies have done and set up an in-house VC program. If an employee has a cool idea that is not a market that Apple currently wants to be in, then Apple should front them the cash to set up their own company, own 50% of the shares, and let the employee go on sabbatical and return if the company fails.
Then I don't understand the question. Capsicum is a kernel extension. It checks capability rights on file descriptors in the kernel. Nothing stops the process from making system calls - that's the point. Capsicum just stops certain system calls from doing anything...
Open a terminal. Type 'java'. Does it say command not found, or does it give you the help info for Java? I have Java installed for a couple of local apps, but you can disable it in Safari easily (preferences, security, uncheck enable java).
The point is that if you are programming in java, you can offer arbitrary security models to applications running inside the VM, without the need for any special operating system support
This is true if and only if your JVM is 100% bug free. Do a CVE search for JVM, Flash, or JavaScript to see how likely that is. With Capsicum, the JVM can restrict itself to the capabilities that the Java code should have, so even if the VM itself is compromised, the Java code can't escape from the sandbox.
Not really. CTSRD (pronounced 'custard') is a related project. It involves a custom MIPS-based chip and will be using capsicum as a benchmark. The aim is to see how systems like capsicum could be improved by adding some hardware support. Capsicum itself is largely finished as a research project, but that doesn't mean it's dead, quite the reverse. It's now shipped in the standard FreeBSD 9 install and it's being used outside the lab. There is still some Capsicum-related research going on, but this is largely related to libcapsicum and automatic refactoring of applications to take advantage of capabilities-based sandboxes (e.g. static and dynamic analysis to introduce privsep).
In a room full of fire, the strongest person will curry the weakest one.
Only in some of the less civilised parts of India, I believe.
If it's going to cost $2 every time I want to start my car, that would significantly increase the costs of running a vehicle.
If you run over a unicorn then the monsters will come and eat you. See, ex falso quodlibet works for me too!
As far as the breathalyzer required by French authorities, a US$2.00 disposable item will be acceptable, but already everyone is being encouraged to buy such items in pairs so that one can be used to test, or for a friend to use, and still to have the required one to drive home with.
To which you replied:
Those things are expensive, and beyond the means of some people who own cars.
I wonder who these people who can afford French petrol and diesel prices, but can't afford $4 are.
An organisation doesn't survive a couple of millennia without being very good at PR...
I am pseudonymous!
Ingredients are cheap, but you have to cook them, which requires time. Oh and does a loaf of bread really cost $3-4 where you live? The last time I spent that much on a loaf of bread it was a focaccia with sun dried tomatoes and olives. A baked-in-store supermarket loaf costs about half that. I do bake my own bread, but mostly because it's nicer when it's cooked 10 minutes ago than when it's cooked that morning, not because it's cheaper. Given the current price of flour and electricity, I don't think my home-baked bread is much cheaper than buying it.
The problem is, with the stock android install unlike, for example, Symbian, you can't just say 'no, the app can't have this permission but install it anyway'. I was looking for an app to read QR codes a while ago. The first five I found on the market all required full access to my address book. WTF? I skipped installing them, but I'm sure that they'd have worked without this capability. The other big UI problem is that the apps don't say WHY they need these privileges.
ESR, one of the finest engineers behind the open source movement and much of the software we use everyday
ESR is a shameless self publicist, who wrote a book once. If he's one of the finest engineers of the open source movement, then the movement is in serious trouble. As far as I can tell, he has never written any code that people actually use.
When there is only one car, and it has lights, it is easy to spot. Driving on country lanes at night is often safer than during the day, because you know where cars are long before you see them because of their headlights. When there is a lot of traffic, there is a lot of ambient light and it's harder to spot individual vehicles.
It is this attitude that puts billions of dollars in the pockets of Apple and Microsoft each quarter.
No, the inability to properly estimate costs does. Development costs are not free. You have three choices:
In the long run, option 2 is almost certainly cheaper than option 1, especially for a big company. There are a lot of companies that pay over a million dollars annually for Office licenses. If each one of these hired 10 full-time LibreOffice developers instead, they'd be paying about the same, but any bug that affected them would get top priority, as would any feature they needed. Instead, they pay Microsoft and hope that the features they want will appear in the next version. They don't get the priority though - $1m/year isn't enough for Microsoft to do more than occasionally send a rep to placate you with promises...
Have you tried using LibreOffice on ARM? I tried it on my 800MHz Cortex A8 smartbook. Oh, the pain...
Oracle's mismanagement seems to have been good for a few projects. Both Solaris^WIllumos and Open^WLibreOffice have benefitted from the fact that there were briefly a lot of unemployed developers with experience with the codebase. Other companies snapped them up pretty quickly, and now neither project is controlled by a single organisation, making it easier to encourage new developers. When Sun employed 90% of the people with Solaris kernel experience, no one wanted to be a junior partner. When 70% of them quit in protest over Oracle's open source strategy, it became a lot more interesting because now they're scattered over half a dozen companies with no single corporation dictating strategy.
I visited ARM last week. It's really astonishing how tiny the company is. You could fit the entire workforce inside one of Apple's buildings, and still have a lot of space left. It's really impressive how much impact such a small company has. I'm not sure exactly what $12B works out to per employee, but it's a lot of money.
Seriously? So far the Liberal Democrats, with about 30% of the popular vote and about 20% of the seats in Parliament have achieved about 70% of their manifesto pledges. And yet somehow the press lambasts them for not achieving everything. Meanwhile, no one complains at the number of election pledges that Tories have broken...
Name all EU countries? No. Name the major US allies and trading partners and their categories, yes. US states? Sure, any EU citizen can name all of the ones that are constitutionally allowed to define foreign policy on their own...
It makes a difference because of the relative danger to society. If someone is beating you up because they don't like you then they are less of a threat to the general public than if they beat you up because you're the nearest available member of a certain group.
First, I suspect that you are wrong and most crimes are motivated by greed rather than hate. Someone robbing a store doesn't usually hate the owners, he just wants their stuff. The point of a hate crime, however, is not that it is motivated by hate, but that it is motivated by hate of a group, rather than an individual. The question that determines whether something is a hate crime is whether the criminal would have committed the same crime if the victim had been another member of the same group, but would not if it had been a member of a different group. For example, if you beat up a gay person because you hate him, this is not a hate crime. If you beat him up because you hate gays, it is. In the first case, the victim was chosen because of your personal relationship. In the second, you could have substituted any other homosexual and the crime would still have taken place. It's not a difficult concept to grasp. Well, unless you are a member of the judiciary, apparently...
The problem is that this means any app that wants to access any data needs to ask for permission to do so. I don't see how prompting users for permission for every app that wants permission will help.
There are basically three things that most apps need to access. Shared libraries, a scratch location, and user documents. Shared libraries are stored in the binary and rtld can grant access to them. A scratch location is easy - every application can be granted access to /tmp/{app name} or similar. User documents are easy to pass in from another process. You invoke the standard file chooser and it runs in an external process and gives you a file descriptor for the selected location.
The important thing with security is not having a solution that is applicable for every application, but having one that is simple and works in most cases. This means that people will actually enable it by default...
Ah, I misunderstood the original claim. The original AC seems to think that only linking to the NDK means that you can't do anything malicious, which the second AC points out is nonsense because it can still do anything it wants by issuing system calls directly. I think Android does some chroot() stuff to ensure that NDK applications can't do this (they can only access most of the system by going via Dalvik). That said, if Android used FreeBSD, Capsicum could be used to enforce the Dalvik permissions at the OS level. This would mean that a bug in Dalvik that let a malicious application run arbitrary code would no longer mean a security compromise, it would just make the app crash.
The problem is, this kind of acquisition often doesn't make sense. For example, one proposal was that Apple would buy ARM. They could afford to without making a significant dent in their cash reserves, even if they paid double the current market cap. But would Samsung want to license CPU designs from Apple? Almost certainly not - they'd just drive the other mobile device makers to designs licensed from MIPS or even Intel. The net result would be that Apple would end up paying a much larger share of the R&D costs. This was one of the main reasons why they switched to Intel chips in Macs: they were IBM's only laptop / desktop CPU customer and so were paying for all of the R&D, while they only pay something like 5-10% of Intel's R&D costs. Buying other companies on their supply chain would have the same problems.
If I were in their position, I would do the same thing a number of other successful tech companies have done and set up an in-house VC program. If an employee has a cool idea that is not a market that Apple currently wants to be in, then Apple should front them the cash to set up their own company, own 50% of the shares, and let the employee go on sabbatical and return if the company fails.
Then I don't understand the question. Capsicum is a kernel extension. It checks capability rights on file descriptors in the kernel. Nothing stops the process from making system calls - that's the point. Capsicum just stops certain system calls from doing anything...
Open a terminal. Type 'java'. Does it say command not found, or does it give you the help info for Java? I have Java installed for a couple of local apps, but you can disable it in Safari easily (preferences, security, uncheck enable java).
But the Trojans were actually from Troy, which is in Turkey, not France, though apparently they didn't mind it Greek style occasionally.
Way off topic, but the Greeks actually refer to that as 'Turkish style'...
The point is that if you are programming in java, you can offer arbitrary security models to applications running inside the VM, without the need for any special operating system support
This is true if and only if your JVM is 100% bug free. Do a CVE search for JVM, Flash, or JavaScript to see how likely that is. With Capsicum, the JVM can restrict itself to the capabilities that the Java code should have, so even if the VM itself is compromised, the Java code can't escape from the sandbox.
Not really. CTSRD (pronounced 'custard') is a related project. It involves a custom MIPS-based chip and will be using capsicum as a benchmark. The aim is to see how systems like capsicum could be improved by adding some hardware support. Capsicum itself is largely finished as a research project, but that doesn't mean it's dead, quite the reverse. It's now shipped in the standard FreeBSD 9 install and it's being used outside the lab. There is still some Capsicum-related research going on, but this is largely related to libcapsicum and automatic refactoring of applications to take advantage of capabilities-based sandboxes (e.g. static and dynamic analysis to introduce privsep).