Usually the technology is reversed - the US have neat gadgets for a long period before it gets introduced into europe.
The advent of Digital TV has really pushed the sales of widescreen though - on digital boxes you can format your signal to match whatever your TV can do. If you have widescreen you get all (or most) channels in lovely widescreen format.
All the BBC digital channels broadcast in widescreen.
Soon you'll have to register your domain name in every country in the world, in a dozen languages and in all the TLD's to have a quiet life.
This is just getting silly. People should be happy with what they have, or else they should have thought of that in the first place, and registered the name then.
I want to propose a rule stating that getting a lawyer to try and get a domain off someone else is ground for getting barred from registering domain names.
Kinda like Groucho Marx's quote that he wouldn't be a member of any club that accepted the likes of him....
Vernor Vinge wrote a story several years ago that mentioned something similar. Getting it to 2mm is pretty mindblowing. Once they get near thier destined size it will be truely something incredible.
I hope this research continues in the open before some three letter agency takes it and classifies it.
True: Linux may not have many standards, but you can standardise on a distrobution. Decide on what one you think is best for your operation then stick with it.
The same argument could be used for Microsoft people. Nobody varies off thier microsoft os once installed - people either use NT, DOS or Windows - you install and then don't change much from that.
Its a well researched article but still echos some well known microsoft FUD: "The lack of standards in the Linux community, coupled with a lack of key productivity applications and with Unix complexity, will continue to make Linux a poor choice for the mainstream business productivity user."
Its unclear what standards they refer to. Is it desktop? is it distros? is it package management? again these are things you pick the one you think works best for you and stay with it. I'm most cases it won't change radically in outward appearance over the years, unlike certain vendors if you go from a 3.x to a 4.x release you won't have to retrain your users because they thought a new layout would be nice, and you won't have to pay out multi-hundreds of dollars to replace all your obsolete development tools to support the new layout.
In all for such a large scale project as linux people have settled into a pretty good set of standards. Most apps will run on SuSE, RedHat, Debian etc...
The arguements put forward in the report are the ones that Linux will have to overcome in the next few years for it to truely succeed.
Finally, I do think the HP spokeman mentioned on the report needs to browse on over to freshmeat.net and see what apps are available. Someone needs to point out the vendors that have and will be producing major database apps for Linux. In many cases people are using a Linux engine without realising it, so I think the productivity argument is not a valid one.
It shows how bad NT is at real world computing. Terrifying really.
It tells you to "Windows 95/98 machine handy for your games" but warns you against trying to run 95 or 98 on the same machine.
Many of the things on the list are pretty basic things that other systems have fixed (and I'm just not talking Unix here).
I love number 5 - "People make the mistake of letting Windows NT suggest the default Pagefile size for your system." Given that every other OS on the planet can do this without too much hassle I'm surprised that this is a big a problem. Pagefile size is a pretty basic formula for most systems, not "amount of system memory + 12mb".
Most other operating systems that aim for the lofty ideals of NT do a lot of these things automatically, eg page sizing, hardware detection, patch installs, network setup, file system setup etc.
Most operating systems have a single user mode that allow users to change the superuser password from the console without needing to reinstall the whole system.
This article points out more that just the dumb things that users do. It points out the dumb things that microsoft does. In operating system terms NT is about 8 years behind on administration.
9 out of the 10 of these points are pretty basic flaws with NT that Microsoft should have sorted out years ago; all other Operating systems I support have had these fixed for years. It still proves my point that Microsoft are more interested in revenue than in producing a stable and useable operating system.
Anyone want to guess how long it will be until this breaks?
Its a good idea, but I personally don't like it as it gives MS too much data and thier security concerns are usually about 10th on the list after making money. Although the data isn't stored remotely the transport and the demographics could be recorded and used elsewhere.
I'll avoid sites that force me to use this, at least for a year or two so that I can see what weaknesses occur and what microsofts long term plans are.
It sounds like the usual MS cycle - 1) introduce new technology 2) lock up the market 3) slowly start squeezing every cent out of the users that is possible...
Alan does have a lot to do with security though, and doesn't want to move from wales.
I often wonder about cross boundary development... Could you telnet into a machine in Canada and develop encryption stuff there? It would be an interesting legal boundary case, and would a brain be classified as military technology;)
Sure, it might be late, but a lot of software products arrive late. Sometimes years late in Microsofts case.
The Mozilla product that is coming out it not the product it started with. Its now got new engines and renderers. It doesn't have the wide community development support that the linux kernal has, but whats there is good.
They passed M9. They will release. People should stop beating on developers to release a product. Doing this forces a release too early, and too buggy. Its better to let them ship when its ready.
It sounds more like a expansion of Building Number 3.
I guess the redhat IPO allowed him to expand things a bit more. Having decent help is a start and security is always a good thing, so using these developers in better linux encryption is a possibility.
Personally, I think is a good idea - getting videos out that corporate people understand. It's a good answer to the marketing that Microsoft do, and its similar to some of thier presentations.
The people that are being used are respected people in the industry and if yiu are looking for a way to convince your corporate ladder this sort of thing is a good way to go.
The advancement of Linux, especially in critical areas is something thats more needed. People have to be willing to get it publicised too. Without good publicity and good presentations its always going to be seen in the light of the Microsoft FUD.
Once Linux gets more publicity in areas that are critical it will start getting a wider industry approval, and especially if presentations and seminars like this are done more.
When I got Linux into my workplace, I won it on the cost argument, but thats not always going to work. Being able to reference seminars like this is always a good thing.
Unless the machine is physically destroyed, and assuming that you are efficient about your off-line backup storage a recovery is always possible. Curing the holes takes longer, but a good admin is always able to do something that fixes problems.
Is it likely to improve/get worse?
My belief is that things will stay pretty much static. As attack methods get more isoteric, the security methods used become more complex as a result. The number of attacks will always increase in line with the number of people using computer systems.
What sort of preventitive work would you recommend them to carry out?
Really important machines should be on a private network and no computer system that has access to this network should have access to any other network. Less important machines should be setup to use only the bare minimum of resources to lessen the chance that some module is vunerable to attack. Regular audits and checksum comparison of code is always a good idea. Regular user audits are needed too. Any user thats not recognised to a staff member is suspect. Any user that you don't have paperwork (not computer files) on is suspect. Regular reading of security/bugtraq lists are always a good idea too. If you have a piece of software that appears on these as vunerable, apply a patch within hours or less.
Good security is easy to do, but harder to maintain, and no matter how many levels of security you have, one moment of stupidity always can break all the security you have, so be very careful about what you install, and code audit if you have to.
CBRN warfare is an advanced method of warfare - cyberwarfare isn't. The resources needed to achieve this aren't expensive, all it needs it some knowledge and a little cheap equipment.
There are examples of this already, including L0pht's research into the vunerability of the US electricity network. They gather data from public websites and once the data is correlated a good image of the security of the network is found. This can then be explotied. Cyberterrorism is about this type of research.
This article concentrates more on the conventional side of terrorism, but attention should be paid to the groups that use IT for gathering and co-ordination of intelligence rather than for warfare.
Cyberwarfare is where tomorrows terrorists will attack. Terrorism is part destruction/part publicity. Several terrorist groups attacked targets to generate publicity, not to kill people. Similarily cyberwarface attacks are about the same: posting web pages, taking over known servers. The next level is the hardest one to guard against. This is the hacker in the system that doesn't destroy or alter data, just reads things and leaves.
The author groups cyberwarfare along with "script kiddies". Cyberwarfare is not only about damaging systems, it is also about intelligence gathering and information processing.
This is essential to terrorists. Hacking into a government server and posting a new webpage looks good and generates publicity, but hacking into a government server and reading the documents in peoples email directories is much more valuable to terrorists. This gives cyber terrorists valuable details about the thinking and opposition to thier movement, and can aid in planning conventional attacks.
The next generation cyber-terrorism won't just be about invading and crashing control computers or servers, it will also be used for spying and sabotage.
Cyberwar like all other forms of war is not just about damage and destruction but also is about spying and intelligence gathering.
These areas are where most consideration will have to be given.
It's an elegant hack and worthy of the prize. It goes to show that perseverance and bad systems administration always are the worst side of systems security.
Re:And exactly WHAT is reverse engeneering?
on
Reverse Engineering?
·
· Score: 1
If you document it and then code it, then yes thats reverse engineering.
reverse assembly: This takes executable code and produces source code
reverse engineering: This is where a programmer works to replicate the functions of a program without referencing the original.
The latter is by far the hardest to do. The original BIOS clones were done this way. They knew that an interrupt call produced certain end results, so they wrote new code to reproduce this effect.
This is where software patents come in. Reverse Engineering doesn't affect copyright, unless you have been very unlucky and wrote the code exactly as the original programmer.
Patents protect methods. This means that if you have a patent that protects "a method of using x to produce y" even if you produce a system that contains no code from the original program, as long as x produces y you would still have to pay the patent holder a fee (or even be blocked from selling your code) and face a legal battle.
This is why laws to legalise reverse engineering are useful. It means that people can produce systems that are functionally compatible with existing systems and usually are better or less buggy.
If the original IBM PC bios had been patented, we would probably still be forced to use it to this day. Things like this are why I consider software patents A Bad Thing.
I've seen this happen a lot as reporters come under pressure from thier editors to get something that none of the other papers have. In this instance rumour and conjecture equates fact and gets published, which is then referred to by other articles and so on.
You can see instances of this in the reporting of the Olymic bombing and several other occasions where there are lots of intrest but limited facts to print.
The days of investigative reporters like Woodward and Bernstien have long since passed. These days reports seem to want to reformat a press release and publish.
An oddity of the alpha design is that with each new evolution of the chip, the clock speed is actually dropping, and the processing power is increasing. This design means that they don't have to spend so much on working out all the cooling required for the board and concentrate on actually making the bus go fast.
We use alphas for the following reasons: 1) They scale very easily 2) They process very quickly 3) They are totally modular, so if something breaks its very easily replaced. 4) Pentium based servers haven't quite got the architecture to allow for multiprocessing and multiuser processes.
Its good to see this happening especially after Microsoft stopped NT on Alphas. This would have traditionally been thier area. If this sort of thing continues Linux would get a lot of kudos and respectibility, which can only be good.
I keep thinking back to the Coca-cola/Pepsi war, and the moment Coke changed their formula. Maybe Microsoft have just done the same thing and lost a lot of the battle.
IA64 is good, but it will be a long time before it gets the stability and respect that Alpha processors currently have.
There have been some good innovations, graphical web browsing, the GUI. More recent innovations include things like MP3 compression.
There isn't a lot of innovation on Linux because linux is still mostly a server product, and as such has to fit in with the established protocols.
This is partly whats microsofts "innovation" is about - they define a "new standard" to grab market share. The innovation here isn't about whats good for computing, its about whats good for shareholds and thier pockets. By innovating with closed protocols and NDA'd documentation, they attempt to force a product into the market and close out the competitors that might actually release a bug free version that works faster.
Microsoft aren't a fast company. Thier relase calendar is 3 years. The hardware release calendar is 18 months. Microsoft are always going to be behind the wagon no matter what.
This is what microsoft are trying to protect 1) Thier money and 2) Thier products (see #1)
The thing that came out of the various microsoft trials wasn't that microsoft were locking the market to innovate - they were locking the market to screw a few extra bucks out of people. Note for example, we are contantly buying PC's in. When win 95 first came preinstalled, we got a nice user booklet, and cd in a case. Today we get a license leaflet, 35 floppy disk labels and a pointer telling us to make our own install kit. Microsoft are probably saving an extra 2 dollars doing this.
I support Ultrix, Linux, NT, Win 95, and VMS in a large user enviroment. Out of all of these the biggest part of my time is spent tuning and keeping the NT and 95 machines running and crash free. If I didn't have these machines, I'd probably be forced to install some microsoft software just to justify my job...;)
Does the FIN logo count as defacing the flag? "In 1989 when the flag-burning controversy arose, I joined with the American Legion in taking steps to react. I signed legislation outlawing flag burning or defacing the flag, but I also wanted to stop flag burning before it starts." --Bill Clinton, speech to the American Legion, 8/25/92
Slashdot Mirror
HDTV is more a digital format - it allows for broadcasting of 16:9 along with standard width. Its not the same as widescreen.
Widescreen TV's works with normal signals, so its not the same as HDTV
Usually the technology is reversed - the US have neat gadgets for a long period before it gets introduced into europe.
The advent of Digital TV has really pushed the sales of widescreen though - on digital boxes you can format your signal to match whatever your TV can do. If you have widescreen you get all (or most) channels in lovely widescreen format.
All the BBC digital channels broadcast in widescreen.
Soon you'll have to register your domain name in every country in the world, in a dozen languages and in all the TLD's to have a quiet life.
This is just getting silly. People should be happy with what they have, or else they should have thought of that in the first place, and registered the name then.
I want to propose a rule stating that getting a lawyer to try and get a domain off someone else is ground for getting barred from registering domain names.
Kinda like Groucho Marx's quote that he wouldn't be a member of any club that accepted the likes of him....
Interesting....
Vernor Vinge wrote a story several years ago that mentioned something similar. Getting it to 2mm is pretty mindblowing. Once they get near thier destined size it will be truely something incredible.
I hope this research continues in the open before some three letter agency takes it and classifies it.
True: Linux may not have many standards, but you can standardise on a distrobution. Decide on what one you think is best for your operation then stick with it.
The same argument could be used for Microsoft people. Nobody varies off thier microsoft os once installed - people either use NT, DOS or Windows - you install and then don't change much from that.
Its a well researched article but still echos some well known microsoft FUD: "The lack of standards in the Linux community, coupled with a lack of key productivity applications and with Unix complexity, will continue to make Linux a poor choice for the mainstream business productivity user."
Its unclear what standards they refer to. Is it desktop? is it distros? is it package management? again these are things you pick the one you think works best for you and stay with it. I'm most cases it won't change radically in outward appearance over the years, unlike certain vendors if you go from a 3.x to a 4.x release you won't have to retrain your users because they thought a new layout would be nice, and you won't have to pay out multi-hundreds of dollars to replace all your obsolete development tools to support the new layout.
In all for such a large scale project as linux people have settled into a pretty good set of standards. Most apps will run on SuSE, RedHat, Debian etc...
The arguements put forward in the report are the ones that Linux will have to overcome in the next few years for it to truely succeed.
Finally, I do think the HP spokeman mentioned on the report needs to browse on over to freshmeat.net and see what apps are available. Someone needs to point out the vendors that have and will be producing major database apps for Linux. In many cases people are using a Linux engine without realising it, so I think the productivity argument is not a valid one.
It shows how bad NT is at real world computing. Terrifying really.
It tells you to "Windows 95/98 machine handy for your games" but warns you against trying to run 95 or 98 on the same machine.
Many of the things on the list are pretty basic things that other systems have fixed (and I'm just not talking Unix here).
I love number 5 - "People make the mistake of letting Windows NT suggest the default Pagefile size for your system." Given that every other OS on the planet can do this without too much hassle I'm surprised that this is a big a problem. Pagefile size is a pretty basic formula for most systems, not "amount of system memory + 12mb".
Most other operating systems that aim for the lofty ideals of NT do a lot of these things automatically, eg page sizing, hardware detection, patch installs, network setup, file system setup etc.
Most operating systems have a single user mode that allow users to change the superuser password from the console without needing to reinstall the whole system.
This article points out more that just the dumb things that users do. It points out the dumb things that microsoft does. In operating system terms NT is about 8 years behind on administration.
9 out of the 10 of these points are pretty basic flaws with NT that Microsoft should have sorted out years ago; all other Operating systems I support have had these fixed for years. It still proves my point that Microsoft are more interested in revenue than in producing a stable and useable operating system.
Anyone want to guess how long it will be until this breaks?
Its a good idea, but I personally don't like it as it gives MS too much data and thier security concerns are usually about 10th on the list after making money. Although the data isn't stored remotely the transport and the demographics could be recorded and used elsewhere.
I'll avoid sites that force me to use this, at least for a year or two so that I can see what weaknesses occur and what microsofts long term plans are.
It sounds like the usual MS cycle - 1) introduce new technology 2) lock up the market 3) slowly start squeezing every cent out of the users that is possible...
You need to look into the journalling and diskmanagement side of linux.
On databases this large it might still take an age for linux to start up again if it has to fsck the disks.
There are a few journalling options out there, and this is something that is *very* important to look at if you want to ensure data integrity.
Currently other Unix systems do have support for very large disk arrays.
The use of databases on Linux is pretty much a cert, but your big problem will be in disk handling.
Its ironic that software can't ship strong crypto *out* of the the US, but if its developed outside of the US it can be shipped *in*.
There are several projects that have developed strong crypto without contravening the US laws (to the extent that Opera has 128bit encryption).
There is an Australian project that reproduced the strong crpyto without reference to the US and that, I belive, was open source.
What makes things really bad though, is that the US develeopers are scared off from using this incase they are sued for selling strong crypto.
Mozilla took this decision for a number of reasons, even though they knew there was a 128bit engine that was non-US based.
This sort of thing will hinder the US development projects.
True.
;)
Alan does have a lot to do with security though, and doesn't want to move from wales.
I often wonder about cross boundary development... Could you telnet into a machine in Canada and develop encryption stuff there? It would be an interesting legal boundary case, and would a brain be classified as military technology
Sure, it might be late, but a lot of software products arrive late. Sometimes years late in Microsofts case.
The Mozilla product that is coming out it not the product it started with. Its now got new engines and renderers. It doesn't have the wide community development support that the linux kernal has, but whats there is good.
They passed M9. They will release. People should stop beating on developers to release a product. Doing this forces a release too early, and too buggy. Its better to let them ship when its ready.
It sounds more like a expansion of Building Number 3.
I guess the redhat IPO allowed him to expand things a bit more. Having decent help is a start and security is always a good thing, so using these developers in better linux encryption is a possibility.
Personally, I think is a good idea - getting videos out that corporate people understand. It's a good answer to the marketing that Microsoft do, and its similar to some of thier presentations.
The people that are being used are respected people in the industry and if yiu are looking for a way to convince your corporate ladder this sort of thing is a good way to go.
The advancement of Linux, especially in critical areas is something thats more needed. People have to be willing to get it publicised too. Without good publicity and good presentations its always going to be seen in the light of the Microsoft FUD.
Once Linux gets more publicity in areas that are critical it will start getting a wider industry approval, and especially if presentations and seminars like this are done more.
When I got Linux into my workplace, I won it on the cost argument, but thats not always going to work. Being able to reference seminars like this is always a good thing.
Can a recovery be made from such attacks?
Unless the machine is physically destroyed, and assuming that you are efficient about your off-line backup storage a recovery is always possible. Curing the holes takes longer, but a good admin is always able to do something that fixes problems.
Is it likely to improve/get worse?
My belief is that things will stay pretty much static. As attack methods get more isoteric, the security methods used become more complex as a result. The number of attacks will always increase in line with the number of people using computer systems.
What sort of preventitive work would you recommend them to carry out?
Really important machines should be on a private network and no computer system that has access to this network should have access to any other network.
Less important machines should be setup to use only the bare minimum of resources to lessen the chance that some module is vunerable to attack.
Regular audits and checksum comparison of code is always a good idea.
Regular user audits are needed too. Any user thats not recognised to a staff member is suspect. Any user that you don't have paperwork (not computer files) on is suspect.
Regular reading of security/bugtraq lists are always a good idea too. If you have a piece of software that appears on these as vunerable, apply a patch within hours or less.
Good security is easy to do, but harder to maintain, and no matter how many levels of security you have, one moment of stupidity always can break all the security you have, so be very careful about what you install, and code audit if you have to.
CBRN warfare is an advanced method of warfare - cyberwarfare isn't. The resources needed to achieve this aren't expensive, all it needs it some knowledge and a little cheap equipment.
There are examples of this already, including L0pht's research into the vunerability of the US electricity network. They gather data from public websites and once the data is correlated a good image of the security of the network is found. This can then be explotied. Cyberterrorism is about this type of research.
This article concentrates more on the conventional side of terrorism, but attention should be paid to the groups that use IT for gathering and co-ordination of intelligence rather than for warfare.
Cyberwarfare is where tomorrows terrorists will attack. Terrorism is part destruction/part publicity. Several terrorist groups attacked targets to generate publicity, not to kill people. Similarily cyberwarface attacks are about the same: posting web pages, taking over known servers. The next level is the hardest one to guard against. This is the hacker in the system that doesn't destroy or alter data, just reads things and leaves.
The author groups cyberwarfare along with "script kiddies". Cyberwarfare is not only about damaging systems, it is also about intelligence gathering and information processing.
This is essential to terrorists. Hacking into a government server and posting a new webpage looks good and generates publicity, but hacking into a government server and reading the documents in peoples email directories is much more valuable to terrorists. This gives cyber terrorists valuable details about the thinking and opposition to thier movement, and can aid in planning conventional attacks.
The next generation cyber-terrorism won't just be about invading and crashing control computers or servers, it will also be used for spying and sabotage.
Cyberwar like all other forms of war is not just about damage and destruction but also is about spying and intelligence gathering.
These areas are where most consideration will have to be given.
It's an elegant hack and worthy of the prize. It goes to show that perseverance and bad systems administration always are the worst side of systems security.
If you document it and then code it, then yes thats reverse engineering.
There are two methods being talked about here:
reverse assembly: This takes executable code and produces source code
reverse engineering: This is where a programmer works to replicate the functions of a program without referencing the original.
The latter is by far the hardest to do. The original BIOS clones were done this way. They knew that an interrupt call produced certain end results, so they wrote new code to reproduce this effect.
This is where software patents come in. Reverse Engineering doesn't affect copyright, unless you have been very unlucky and wrote the code exactly as the original programmer.
Patents protect methods. This means that if you have a patent that protects "a method of using x to produce y " even if you produce a system that contains no code from the original program, as long as x produces y you would still have to pay the patent holder a fee (or even be blocked from selling your code) and face a legal battle.
This is why laws to legalise reverse engineering are useful. It means that people can produce systems that are functionally compatible with existing systems and usually are better or less buggy.
If the original IBM PC bios had been patented, we would probably still be forced to use it to this day. Things like this are why I consider software patents A Bad Thing.
I've seen this happen a lot as reporters come under pressure from thier editors to get something that none of the other papers have. In this instance rumour and conjecture equates fact and gets published, which is then referred to by other articles and so on.
You can see instances of this in the reporting of the Olymic bombing and several other occasions where there are lots of intrest but limited facts to print.
The days of investigative reporters like Woodward and Bernstien have long since passed. These days reports seem to want to reformat a press release and publish.
I'm sure it could be useful for extreme environments (ie space/underwater work) where you don't want a simple accident killing you.
I hope he's got the patents, he could make money on it.
An oddity of the alpha design is that with each new evolution of the chip, the clock speed is actually dropping, and the processing power is increasing. This design means that they don't have to spend so much on working out all the cooling required for the board and concentrate on actually making the bus go fast.
We use alphas for the following reasons:
1) They scale very easily
2) They process very quickly
3) They are totally modular, so if something breaks its very easily replaced.
4) Pentium based servers haven't quite got the architecture to allow for multiprocessing and multiuser processes.
Its good to see this happening especially after Microsoft stopped NT on Alphas. This would have traditionally been thier area. If this sort of thing continues Linux would get a lot of kudos and respectibility, which can only be good.
I keep thinking back to the Coca-cola/Pepsi war, and the moment Coke changed their formula. Maybe Microsoft have just done the same thing and lost a lot of the battle.
IA64 is good, but it will be a long time before it gets the stability and respect that Alpha processors currently have.
There have been some good innovations, graphical web browsing, the GUI. More recent innovations include things like MP3 compression.
There isn't a lot of innovation on Linux because linux is still mostly a server product, and as such has to fit in with the established protocols.
This is partly whats microsofts "innovation" is about - they define a "new standard" to grab market share. The innovation here isn't about whats good for computing, its about whats good for shareholds and thier pockets. By innovating with closed protocols and NDA'd documentation, they attempt to force a product into the market and close out the competitors that might actually release a bug free version that works faster.
Microsoft aren't a fast company. Thier relase calendar is 3 years. The hardware release calendar is 18 months. Microsoft are always going to be behind the wagon no matter what.
This is what microsoft are trying to protect 1) Thier money and 2) Thier products (see #1)
The thing that came out of the various microsoft trials wasn't that microsoft were locking the market to innovate - they were locking the market to screw a few extra bucks out of people. Note for example, we are contantly buying PC's in. When win 95 first came preinstalled, we got a nice user booklet, and cd in a case. Today we get a license leaflet, 35 floppy disk labels and a pointer telling us to make our own install kit. Microsoft are probably saving an extra 2 dollars doing this.
I support Ultrix, Linux, NT, Win 95, and VMS in a large user enviroment. Out of all of these the biggest part of my time is spent tuning and keeping the NT and 95 machines running and crash free. If I didn't have these machines, I'd probably be forced to install some microsoft software just to justify my job... ;)
Does the FIN logo count as defacing the flag? "In 1989 when the flag-burning controversy arose, I joined with the American Legion in taking steps to react. I signed legislation outlawing flag burning or defacing the flag, but I also wanted to stop flag burning before it starts." --Bill Clinton, speech to the American Legion, 8/25/92