It would be fairer if you said that they have
some very secure networks which aren't attached to the Internet.
The script kiddies are attacking the non-secure computers attached to the non-secure nets, and
the foreign powers are trying to infiltrate
the bases where the secure systems are.
Consequently, the number of attacks on the
public and unclassified DOS systems should be large, and the number of successes
about the same as on other non-secure systems.
The classified stuff is not on the unclassified nets, so you have to get inside the base to
breach them.
Sorry, those are UNCLAS systems, you know!
on DoD and Net Attacks · Score: 1
Systems handling material which is in fact classified aren't on the net, and generally
don't run COTS (Commercial Off-The-Shelf) OSs.
Logistics runs on COTS equipment: we've had
public talks on the fun we had getting IP links up between
ports during the Gulf War, to help
manage the shipment of equipment and men. The networks are private, though, you understand.
Tactical systems run on odd collections of stuff: Canadian equipment in my era was custom-built, reliable but not terribly secure. If I sent a flash message that I'd run into
the enemy, it wasn't super critical to deny
it to the enemy: they were busy sending a flash
message that they'd just encountered me!
Systems used in a strategic role were
different. As many of these as the military
could afford were run on "Trusted Computer Systems", like
Multics. At the U.S. DOD's insistence,
commercial computer vendors build Trusted
OSs based on their standard ones.
Any sort of planning document, or anything that would tip an enemy off early enough to matter, was closely held. Our term for
these kinds of systems was "word processors for generals", and was done, sometimes with COTS
software, on commercial Trusted Systems.
I have one of these, Trusted
Solaris, on a box in my basement, mostly
out of curiosity. Some people (HP, for example)
use them
as the basis on which to build firewalls, as
B2-grade systems can block a surprisingly
large number of kinds of exploits.
These are the systems that the military
keep secret stuff on, and which they indeed
do lock behind closed doors and network with
encryption devices (blacker boxes) on the cables.
They're very different from the normal unclassified stuff that might get hooked to
public networks: the unclas boxes
are the same kind of machine any one of us
might have. With all the usual security holes.
Cardinal Biggles wrote: the GPL [...] makes
irreversible forking-fests like the UNIX wars
less likely with Linux
I rather disagree: The GPL helps reduce the
advantage of forking, but it doesn't prevent
large competing camps (e.g., UI vs OSF) from
growing up, each with favorite sets of
components.
To a limited degree, this is what happened with
KDE and Gnome: that break very much reminds me
of the Bell -vs- Berkeley split.
Hey, Ed Zander lived through the BSD/Bell
religious schism, the fragmentation of
the vendor Unixes and the Unix International
-vs- OSF standards wars. Of course he's going to worry about
fragmentation: his career's been spent
fighting it.
That said, I think he's wrong: the
older members of the Linux community also
remember those years, and will "educate"
the community. With a large hammer, if necessary (:-))
That's a modern translation. We always used
to say short for "run commands", where "run"
was in the mainframe-batch sense of "a run of the program". --dave
Back in December of '96, when this was being
debated in the Nerd World(tm), I challenged
Jon's IAHC on the implicit assumption that
domain names were property.
That assumption was making the whole problem
harder, without providing any extra value
to the committee. In fact, I'm of the opinion
that treating domain names as property was
one of the causes of the "NSI problem"
in the first place.
The full paper is still available: see
Ownership of International TLDs.
To make a long story short, NSI's assumption of ownership of .com
- has created a new monopoly in a worldwide namespace,
- has implicitly assumed that it was the property of the U.S. National Science Foundation,
- has explicitly assumed that NSF has the right to give it away,
- has caused financial hardship and litigation,
- has triggered the purchase of many domains under .com for resale to individuals, small businesses and unregistered trademark holders, and
- finally, has made it possible for NSI to remove a domain or resell it without notice or appeal.
To this we might add "has now involved the
U.S. government and a quasi-private corporation
in an attempt at international governance".
Leaving aside Java for the moment, I
see plugins and applications
for Sparc and Intel Linux that handle:
- All the ms file formats
- Adobe Portable Document Format
- Postscript
- Frame maker
- ULAW Audio
- MIDI Audio
- AIFF Audio
- RealAudio
- MPEG Video
- Soundtracker audio
- Microsoft wave files
- Commodore 64 audio
- PNG image
- Sun raster image
- TIFF image
- IFF animation
- DL animation
- FLI animation
- MPEG Animation
- AVI animation
- Quicktime animation
- SGI animation
I haven't looked for flash, so I suspect it's
the popular missing link this week(;-))
I collected that list this summer,
as part of the research to see if writing a book
(with this as one chapter) was worthwhile.
Then I got hit by lightning...
Ok, folks, should I write a book on this?
(I was the second author on O'Reilly's "Using Samba"). If so, send me mail!
Many people like calendars: I'm one
of them, and use the free one that comes
with Solaris.
Find a good, Windows-capable calendar, on
freshmeat (there's 82 of them there: at least
one should work (;-)) and
make it available to as many people as possible.
The cpu and disk cost should be low: the
data structures are simple and scale well.
The only operation that's "expensive" is
the one that
- most people want
- few programs provide.
This is overlaying
multiple people's calendars when looking for
mutually-free times for meetings, and it's
cpu-and-memory-intensive on the client machine.
In short, start a counter-community who will
demand the others drop Exchange (as it refuses
to exchange data with non-MS products (;-)).
Birmingham Small Arms definitely can't enter your office, although
they might shoot you if you don't offer to let them in. The Boy Scouts of America (and a Judge) would if you've kidnapped one of their members.
The Business Software Alliance might be
able to investigate you for piracy, but only if
you (a) have contracted with them to allow this, or (b) they can convince a judge that they have
probable cause to believe you have committed
an offence.
This also applies to the Bavarian and the British Columbia Software Alliance, but may not be true of the Brest Software Alliance, or anywhere else where the old French business codes apply.
Perhaps Singapore?
Dozer said "As far as the publishing of internal documents, I think that it's just wrong to do it. Corporate
property is not owned by the public[...]
especially when they are in such a competitive
industry."
Cable companies are not in a competitive
industry: in fact, they're legally monopolies,
because they are usually the only people
authorized to attach their cables to
monopoly-provided telephone poles.
They are specifically regulated monopolies in
Canada. This means that many of their documents cannot
be protected against public discussion: as a result of this, for example, they can't have them "sealed" in a court
case for competitive reasons.
My wife has Rogers@Home, too, and the support
folks have been quite pleasant to us when something goes wrong.
They're not rocket scientists, but they knew
what I meant when I reported that I couldn't
set a subnet mask or do a route add.
Alas, the correction was
to reinstall TCP/IP on my wife's PC, but
that wasn't Rogers' fault.
I particularly like the little diagnostic app
they provided, which is a visual ping/traceroute.
You don't need to know anything more than to
press the button, and it shows you what
servers are up/down.
And finally, Rogers just showed up in the local paper announcing their refund policy for outages:
this follows up on discussions in the
Globe and Mail, notably
one where Rogers' supplier, Excite@Home Canada Inc. admits "We have dropped the ball on a number of occasions over the last
couple of weeks. . . . We have caused some pain to the users of the
@Home service -- and that's a bad thing."
A small caveat: if you're in the San Francisco or
Boston areas, your cost of living is high enough
to eat up any difference in the value of the
dollar. I have a colleague who went to Boston
and found that out the hard way...
First, speak to a lawyer.
Second, use her and the statutory requirements
to find a way to extricate yourself.
One startling approach might be to make out
a declaration in standard USPTO form
that you aren't the original and first
inventor, specifying why and listing prior art.
This, submitted to the company, is sure to
cause concern that it will be submitted to the
USPTO. If it was, it could raise a question in the patent examiner's mind as to whether the company
was being entirely honest with him...
Other, less contentious, approaches follow
directly from each requirement of the patent
office: the algorithm is basically
for clause in `lawyers interpretation`; do
    assert the contrary to the clause
done
I once worked for a company who would need
just such an approach: needless to say
I haven't since!
Don't think of it as a punishment for
doing ill, think of it as a cost of doing
business.
"Intellectual Property", specifically copyright,
is a legal fiction and has
a limited lifetime for one specific
purpose, the encouragement of authors and
musicians.
It's not property, and it's not
the right of the author to pretend something
(s)he's made public doesn't belong to the
public.
What it is is a conscious decision to
support such authors by providing them with
a legal means of collecting money from people.
It's not a tax, except in the frivolous sense
that any money a government takes in is a tax.
The levy on recording media, including
VCR tapes, goes to the authors/musicians in
approximate proportion to the use of the
tapes for recording copyrighted songs. It's
not a punishment for copying: that is your right,
and your right to copy is only restricted by
an artificial rule. It's a payment for the
proportion of tapes that are used to copy
music (and TV) that can't be identified as belonging to one particular author, and so is
distributed in rough proportions to all
authors.
In the U.S. Copyright is a
clause in the constitution, as they would
not be able to do it without one: other parts of
the constitution effectively forbid limiting
our right to copy.
What is ironic is that to the ignorant and rights-obsessed, this looks like taking away
a right that they never actually had.
By the way, I make good money off a book
that's available on the internet, free for anyone
to download. I (well, Tim O'Reilly!)
published it, and made it free for anyone to copy
and only retain the "right" to be the sole
printer of the printed book.
In this way we sin the least against the
public's right to what we have made public,
while still getting paid for the work we did,
and do in keeping it up to date and on the
shelves.
Up here, we feed money into an odd version of
a copyright clearance center, which distributes
it to (music) copyright holders.
This makes things like individuals sharing
music with each other financially harmless to
the vendors, and allows us to treat copyright
as what it is: a "legal fiction", created for
a public-policy reason.
Helps keep the rabidly doctrinaire at
bay, too (:-))
This is currently only Rogers@Home, but might be spread by "suitable public concern" (;-)) See the Ottawa Citizen's article here.
I work at Sun and I'm not pleased at all... I wanted 7.0 for my machine at home.
--dave
On the installation/setup side, Samba on Linux isn't hard to use, but it is hard to learn. Once it's set up you forget about it until a new release of Windows comes along...
My response? Write books! See here for O'Reilly's approach to learning to serve Windows clients.
--dave (distinctly biased!) c-b
They don't handle large international companies very well...
--dave
The Atlantic is somewhat famous for this: they've been around so long they've become used to outliving annoyed advertizers (;-))
Marcus is way too smart (and opinionated on the subject) to have failed to distinguish between white, black and grey-hat crackers, so I suspect the reporter has missed something.
I speculate he said that white hats are good, black hats are bad, and grey hats are making a big mistake, contributing lots of efforts that are picked up by script kiddies, who are black hats, and used to attack innocent bystanders.
Anyone considered asking him? (;-))
--dave
Interesting.... Has this resulted in any "bad" reporters writing fake stories based on non-existent "sources"
No, they occasionally try, but normally lose their jobs when they're exposed.
Unless, of course, they write an article about internet porn for Time using a faked "CMU Report", and can blame the author (;-))
--dave