Is it possible to do a worthwhile security audit of Office source if one doesn't have access to the OS source with which it so tightly integrates?
My brother discovered that the best way to make a perfect maze in Racing Destruction Set was to start with the + piece and just click like mad random all over the potential map. After strategically *g* placing about 10 intersections the next 30 minutes would be spent connecting them. This resembles the logic structure for any operating system and accompanying massive application suite (though, metaphorically, at least Linux uses stoplights and everyone drives on the same side of the street). If we take that map and reveal 1/2 the squares (Office source) but black out the other 1/2 (OS source), will we really be able to have a good feel for the security?
As others have noted I feel this is a political play by MS to 1) get free bug-hunting services and 2) gain a stronger voice in political arenas. It's good business for MS but I sure hope that my tax dollars don't get wasted on it. If MS wants beta testers they should pay for them or acknowledge that their product will fall to the superior products.
And it'll be based on a parameterized command stream. And if the interpretation of those parameters is not handled rigourously, or if the system does not account for every possible combination of commands, well then you're ripe for an exploit
I get trolled heavily for saying the same thing and wondering why coders continue to write code which doesn't check the parameters at every iteration.
I agree with you. I'd like to add the following...
Corporations will be responsible for their actions, because shareholders will hold them responsible for them
Corporations do not need to be responsible for their actions. If a corporation is convicted of a crime, they simply declare bankruptcy and dump the loss on business insurance who will pass the savings on to auto, home, and health insurance.
In one of the first convictions of its kind, two wholesale pharmaceutical distributors, based in Forest Park, Ohio, were convicted in federal court of failing to supply their customers with drug "pedigrees"--documents tracing sales of the drug back to the manufacturer. Under the federal Food, Drug & Cosmetic Act, drug wholesalers must provide pedigree papers to their customers to help prevent the introduction of counterfeit, adulterated, and other illegal drugs into the U.S. pharmaceutical supply. RxBazaar and its wholly owned subsidiary, FPP Distribution, each pled guilty to one misdemeanor charge, and each was sentenced to five years' probation and a $100,000 fine. RxBazaar operated a website, http://www. rxbazaar.com, through which buyers and sellers would conduct wholesale transactions, and FPP Distribution distributed drugs to customers. Both companies are closing their businesses. As part of their plea agreements, the companies requested that a statement about their illegal actions be published in trade magazines.
Moderation is a runaway process, in which the difference between +5 and -1 is a single modpoint.
I can always tell when my trollish enemies have received mod points. Any post that I make which gets any positive moderation will, within a day, receive an obligatory "overrated".
I get the impression that you'd find the pathological outcome of _any_ alternative to the current patent system
Indeed. While I agree with the concept of proper compensation I realize that any implementation of a large system leaves itself open to abuse by entrenched powers due to the influence of money on politics. The only way to minimize abuse is to minimize the entire system. Rather than dreaming up larger and larger Rube Goldberg machines, the only way to minimize the loss of efficiency is to minimize the entire system.
My personal suggestion is to eliminate the patent system altogether and put the power truly back in the hands of the individuals. It may not be any better than the current system (those with the most money will always be able to buy the others out) but at least we'll remove the false sense of honesty.
When running a loop, there's a problem if the pointer to the next memory location to be used is greater than that expected from the allocated space. I realize that many times this is out of the programmer's control, as they simple #include someone else's library for handling these processes, but that's their own fault. By now it's become common enough to be obvious: code in safety checks! Even the linux kernel build has an option for buffer overflow protection and frame pointers. Yes, it's acknowledged that the kernel will run slower but I'll happily sacrifice a little speed to prevent the execution of arbitrary code from a data file.
Since we've been watching buffer overflow turn into arbitrary code execution, one would think that programmers would look at the following two choices:
1) Run this loop again and again until the end of the buffer is reached, putting the results $HERE. 2) Run this loop again and again until the end of the buffer is reached, auditing relative pointers at every iteration, and putting the results #HERE.
People just hadn't really figured out how to use that to run arbitrary code at that point
I see it differently. Back in those days the overall systems were so much simpler. ML programming was much more common. People wrote programs in ML rather than writing in a high level language and then compiling. It would've been much more obvious how to insert executable code into a faulty data file _IF_ it were possible to get that data into memory space that would get processed as stack instructions. I don't think it's true that it was possible but no one had considered doing it. Computer programmers have always been tinkerers at heart. If they could've used a faulty data file to pop funny little messages to each other they would have. Something has inherently changed in the OS design and the quality of apps which allows for a faulty data file to inject its payload into executable memory.
Maybe it's a problem inherent in the complexity of today's systems. At that point I wonder if the complexity is necessary. As others have pointed out the consumer doesn't really do anything more with their computer now than they did 10 years ago. The most likely culprit, to me, is that featureware has advanced faster than quality for purely profit motivated purposes.
It's recently been spread around that Kryptonite U-locks that use cylindrical keys can very easily be picked
That's not recent. It was known the day they came out. Just like the unbreakable DVD encryption, or the unbeatable hard drive protection. The day it comes out someone figures out a way around it. If we want to follow the analogy, however, to me it's like someone came up with a complex pretzel-shaped Kryptonite lock which they marketed well (based upon the space-age polymer and the mathematically optimized design) but didn't bother to do the math to figure out that there was a right or left handed twist which allowed the entire thing to be undone in a moment. How about a thousand kryptonite locks which are all locked around the neck of a quick-release seat?
I bet if we went back and started trying to manipulate those 'old apps' you mention with carefully crafted data files, we'd find they are vunerable, and don't merely 'crash' in all cases
I don't believe so. If we could go back and do a severe analysis of applications on Apple ][s, C=64s, Atari 2600s, Amigas, early Macs, 286/386 based early DOS machines, or even some ancient *NIX systems, I would wager that the ratio of code faults:arbitrary code execution is _MUCH_ lower. Extreme programmers have always been troubleshooting bugs and doing line-by-line execution analysis even of assembler code. Still, throughout the 80s and early 90s, malicious code was spread inside executables or boot sectors. I've been hearing music files hiccup, pics quit decoding halfway through, or text files come up with garbled characters for decades. If a programmer could've turned that into an exploit, they would have.
I'm talking about a ratio of code faults:exploitable faults. I don't consider a BSOD, a guru meditation error, or a hard lockup to be an exploit. In today's world, however, I look at every fault as an exploitable fault. Something big has changed in the way programmers are taught or the way they proofread their work.
I feel the responsibility rests solely on the shoulders of the people who have pushed for more nifty features without asking if they were sacrificing quality (security). To stick with the kryptonite lock analogy, the marketing people have been selling the Krytonite locks before waiting for the manufacturer to verify the quality of the material, only to find out through later stress testing that any kid with a ball-peen hammer can snap the neck at the hinge region.
5. Put a Medicare tax on stuff that makes people sick
As an example: bottled water makes you sick because it deprives you of the naturally occurring extras that your biochemistry has evolved to coexist with--unless your tribe has naturally lived in the arctic or next to a mountain spring.
It's easy to point the finger of blame at "booze, cigarettes, and restaraunts" but you have seen the results from Europe, haven't you? The Europeans are happily taking in vast quantities of beer, wine, cheese, sausage, meats and tobacco and enjoying life just as long with universal health care.
Let's look at the real issue. While the European system isn't devoid of graft and skim, the blatant pillaging of the US health care industry by CxOs, VPs, and executive board directors is the _REAL_ problem. The whole system would work just fine if it wasn't such a money scam.
Why should some Americans get to enjoy a butt, a beer, and a double burger -- and then enjoy health care paid for by those who treat their bodies better
UGH. A statement of blatant (and ignorant) hate-mongerism. I'm not going to say that 2 packs of Winston/day is healthy, or that drinking your body weight in beer is healthy... but you are aware that your statements will be turned into a fanatical prohibition-style witch hunt, aren't you?
Drinking, smoking, and eating crap food is part of the American way
You advocated a tax on all restaraunts. I only go to restaraunts which serve good food. You're not personally at fault--it's a common mistake to push for a money-grubbing restaraunt tax by screaming about the crap food effect.
Drinking and smoking are HUMAN ways, not just American ways. Get over it. We're all human. Some of us smoke one or two cigarettes per day and may have a glass or two of a well-flavored beer. We don't want to be ostricized because a political fanatic has a vendetta against people who wake up smoking three cigarettes and go to sleep in a pile of Budweiser cans.
Ultimately, I think it's really a result of extreme code bloat resulting from a market-driven approach to software development. When you get right down to it, from a productivity standpoint (and I don't mean watching videos and playing games) people do pretty much the same things with their computers today as they did a decade or more ago. But given the heavy emphasis by Microsoft (and others) on adding features to make each software generation more "advanced" and hence more marketable, operating system and application complexity is now orders of magnitude more complicated that it was just a few short years ago. This just provides room for a. more mistakes to be made and b. more opportunities to exploit said mistakes.
That's my thought as well. I don't know why the apologist got modded insightful while you (who answered correctly), and I (who posed the question) got nothing.
Yes, people did propagate virii via floppy disks and shareware, but it was a painfully inefficient process.
And, in those days, a malicious data file would cause an app to produce bad output or just crash. There was no execution of arbitrary code from data files.
Many years ago, back when operating systems were worth using, processing an invalid data file would cause the processing to stop or the application to crash, at worst.
When did applications become so slipshod that a error in the data stream can turn into executable code? I realize this sort of thing comes out on Linux, as well. It always makes me wonder how long this has been sitting in someone's 0-day folder and being used on the unwitting populance.
They say that most exploits are of already acknowledged vulnerabilities. Why does no one acknowledge that, if a black hat is good enough to find a bug they haven't, the black hat is also good enough to cover his trail while he's pwning everyone?
If Michael Badnarik were to be elected as president of the United States of America, what would be the most likely offensive that he would encounter from the political back rooms of the Big Two? Would it be personal blackmail? Would it be a sex scandal? Would it be a collaborative set up along the lines of sinking Wall Street and then blaming it on the President?
What is the Libertarian contingency plan for elected officials who receive the short end of the scapegoat stick? Have Libertarians been targeted by such schemes in the past if and when they held positions of any significant political power? How corrupt is the game in Washington DC?
This has nothing to do with true or false. Traditionally, conservatives favor less government, period. Those who call themselves conservative while trying to expand government authority are deluded, stupid, evil, liberal, or a combination of all of the above.
While nmap is a invaluable and important security tool; it is nonetheless but one tool in a large security toolbox. Books that place the bulk of their discussion of nmap at the beginning of a book are generally focused on the blind running of tools without insight or analysis.
I think the poster just finished reading the intro to "The Tao of Network Security Monitoring" by Richard Bejtlich.
"This book strives to not repeat material found elsewhere. you will not read how to install Snort or run Nmap. I suggest you refer to the recommended reading list in the next section if you hunger for that knowledge. I introduce tools and techniques overlooked by most authors, like the material on protocol anomaly detection by Brian Hernacki, and explain how you can use them to your advantage."
You are lying when you say it's the liberals that want to exapand the government. It's BOTH
I said "traditionally" and I did acknowledge that many so-called conservatives get addicted to the liberal government crack-pipe because they've figured out how to use it for their advantage.
Thus the labels "stupid" and "evil". Liberals are "stupid" because they somehow believe that government authority will be used primarily for constructive purposes. Conservatives are "evil" because they purposely misuse government for their own profit.
Traditionally, however, conservatives have favored a microgovernment in the interest of minimizing abuse while the liberals favor a macrogovernment in the interest of maximizing supervisory authority.
Seems like a good tax is one which doesn't waste a chunk of the cash it raises on overhead
Considering politicians keep voting themselves hefty pay raises, I'd say that negates all current taxes.
Re:Patents are not for ideas
on
Is IP Property?
·
· Score: 1
For patents, you need a physical invention
No, you don't. Go to the www.uspto.gov and do a few searches related to "nanoscale", "nanotechnology", "nanocomposites", etc. To make an analogy, people are patenting supercomputers by making a single resistor. Apparently they're praying that someone else will figure out how to fabricate a real world product so that they can swoop in with their attorneys.
I don't think that there's any problem with the concept of IP ownership. Everyone on the planet agrees that the "inventor should get credit". What's missing is a good concept of intellectual property valuation AND a perpetuated misconception of how easy it is to freely give IP away.
Managers will have you believe that your ideas are both miniscule and inherent in a team effort. They have devalued your personal intellectual property and encouraged you, on a personal level, to freely give it away. In many cases, electing to withhold your own personal intellectual property (holding out for a better return) can lead to an adversarial atmosphere that the employee will never win. There is no valuation of your personal intellectual property in your employee agreement except to say, should you have any, the company owns it.
Corporations will have you believe that the products of their IP (pharmaceuticals, cars, music, software) are infinitely valuable and that they retain all rights to that IP for all eternity.
Maybe it's only obvious to me, but this is a classic game of "crapper tennis". Look left, look right, look left, look right... never notice what you're actually doing. What are we actually doing? We're being encouraged to freely share the products of our labor while being legal hamstrung to pay the asking price for someone else's labor. This sets up a perfect circle where the people best suited to profit are the people handling the money, not the people who are laboring. The people who handle the money are, by definition, the people who have the most money.
Conservatives believe what's good for the corporations is good for everyone. Liberals believe that what is good for the people is good for everyone.
Ummmm. No. Traditionally, conservatives favor less government involvement, period. Traditionally, liberals like having their wetnurse/security blanket/government to protect them because they're idiots. This leads to a horrible cycle because the government which the liberals do get is often misused by people who are traditionally conservative. The conservative then becomes addicted to the benefits and, while continuing to proclaim themselves conservative, will happily go back to their liberal crack-pipe on a regular basis.
Whether or not IP is property is moot. Whether or not sharing is good or bad is moot. Everyone agrees that "the inventor should get credit" and, hopefully soon in the future, everyone will agree that government oversight does far more to further intentions of abuse than it will to further intentions of good. Why is this naturally so? People will naturally live together peacefully and will not seek the services of government. People who like to abuse their neighbors, however, will naturally seek out any upper hand they can get. Regardless of the stated intent of government it is a natural fact that its authority will be misused more often than it is properly used.
I don't know but it seems rather un-democatic to allow a few people to screw up network access for the majority
Perhaps we should define a few people? Are you talking about the few people who have private ISPs and WAPs or the few people who can't be bothered to configure their network card to only connect to the UTD wireless network? Or perhaps it's the few people who actually complained about the private WAPs or maybe it's the few administrators who actually thought this was a real problem.
I suspect you were referring to the few people who own private WAPs but I suspect they're not the few people causing any real problem.
but the may not DICTATE how a student can use a wireless device
Sure they can. And they do. And as long as they don't kick out a student who's related to money or an attorney, they will continue to do so if only to gain the twisted pleasure of watching the poor unfortunates they choose to target end up living in welfare housing because no one wants to hire a kid who was kicked out of college.
Point is, what you're doing is affecting other people in a bad way
As if being denied a college education because you paid for your own private ISP and WAP isn't affecting people in a bad way? It's morally reprehensible. It's a sadistic, authoritarian power play. What's next? They'll kick you out for not eating at the school cafeteria? Can they kick you out for sharing your privately bought pizza with others, thus interfering with the service of their cafeteria?
Depending on the state in which you live, rights not explicitly granted to the landlord are granted to the tenant.
That sounds strangely similar to Amendments IX and X of the US Constitution, which are specifically entitled "Non-enumerated rights" and "Rights Reserved to States", respectively. We all know how often those are respected.
Clauses that open holes for arbitrary changes almost always invalidate rental contracts (or they have in every case I've ever researched in my state which would be dozens).
I think we're just seeing a case of "follow the leader". UTD, and other controlling bodies, witness that the US Federal Government has summarily dismissed the concept of the enumeration of rights and so they feel perfectly justified in perpetuating identical behavior. Monkey-see, monkey-do.
What they're doing is still illegal, even if it is in the name of security.
PATRIOT act. Monkey-see, monkey-do.
It's a matter of law
And the law is twisted outside the scope of reality on a regular basis. INDUCE act.
Slashdot Mirror
Is it possible to do a worthwhile security audit of Office source if one doesn't have access to the OS source with which it so tightly integrates?
My brother discovered that the best way to make a perfect maze in Racing Destruction Set was to start with the + piece and just click like mad random all over the potential map. After strategically *g* placing about 10 intersections the next 30 minutes would be spent connecting them. This resembles the logic structure for any operating system and accompanying massive application suite (though, metaphorically, at least Linux uses stoplights and everyone drives on the same side of the street). If we take that map and reveal 1/2 the squares (Office source) but black out the other 1/2 (OS source), will we really be able to have a good feel for the security?
As others have noted I feel this is a political play by MS to 1) get free bug-hunting services and 2) gain a stronger voice in political arenas. It's good business for MS but I sure hope that my tax dollars don't get wasted on it. If MS wants beta testers they should pay for them or acknowledge that their product will fall to the superior products.
And it'll be based on a parameterized command stream. And if the interpretation of those parameters is not handled rigourously, or if the system does not account for every possible combination of commands, well then you're ripe for an exploit
I get trolled heavily for saying the same thing and wondering why coders continue to write code which doesn't check the parameters at every iteration.
Corporations will be responsible for their actions, because shareholders will hold them responsible for them
Corporations do not need to be responsible for their actions. If a corporation is convicted of a crime, they simply declare bankruptcy and dump the loss on business insurance who will pass the savings on to auto, home, and health insurance.
From C&E News, 6-Sep-04.
Moderation is a runaway process, in which the difference between +5 and -1 is a single modpoint.
I can always tell when my trollish enemies have received mod points. Any post that I make which gets any positive moderation will, within a day, receive an obligatory "overrated".
I get the impression that you'd find the pathological outcome of _any_ alternative to the current patent system
Indeed. While I agree with the concept of proper compensation I realize that any implementation of a large system leaves itself open to abuse by entrenched powers due to the influence of money on politics. The only way to minimize abuse is to minimize the entire system. Rather than dreaming up larger and larger Rube Goldberg machines, the only way to minimize the loss of efficiency is to minimize the entire system.
My personal suggestion is to eliminate the patent system altogether and put the power truly back in the hands of the individuals. It may not be any better than the current system (those with the most money will always be able to buy the others out) but at least we'll remove the false sense of honesty.
WTF does that have to do with auditing pointers?
AC troll. Here, have a biscuit.
When running a loop, there's a problem if the pointer to the next memory location to be used is greater than that expected from the allocated space. I realize that many times this is out of the programmer's control, as they simple #include someone else's library for handling these processes, but that's their own fault. By now it's become common enough to be obvious: code in safety checks! Even the linux kernel build has an option for buffer overflow protection and frame pointers. Yes, it's acknowledged that the kernel will run slower but I'll happily sacrifice a little speed to prevent the execution of arbitrary code from a data file.
Since we've been watching buffer overflow turn into arbitrary code execution, one would think that programmers would look at the following two choices:
1) Run this loop again and again until the end of the buffer is reached, putting the results $HERE.
2) Run this loop again and again until the end of the buffer is reached, auditing relative pointers at every iteration, and putting the results #HERE.
And start picking number 2!
People just hadn't really figured out how to use that to run arbitrary code at that point
I see it differently. Back in those days the overall systems were so much simpler. ML programming was much more common. People wrote programs in ML rather than writing in a high level language and then compiling. It would've been much more obvious how to insert executable code into a faulty data file _IF_ it were possible to get that data into memory space that would get processed as stack instructions. I don't think it's true that it was possible but no one had considered doing it. Computer programmers have always been tinkerers at heart. If they could've used a faulty data file to pop funny little messages to each other they would have. Something has inherently changed in the OS design and the quality of apps which allows for a faulty data file to inject its payload into executable memory.
Maybe it's a problem inherent in the complexity of today's systems. At that point I wonder if the complexity is necessary. As others have pointed out the consumer doesn't really do anything more with their computer now than they did 10 years ago. The most likely culprit, to me, is that featureware has advanced faster than quality for purely profit motivated purposes.
It's recently been spread around that Kryptonite U-locks that use cylindrical keys can very easily be picked
That's not recent. It was known the day they came out. Just like the unbreakable DVD encryption, or the unbeatable hard drive protection. The day it comes out someone figures out a way around it. If we want to follow the analogy, however, to me it's like someone came up with a complex pretzel-shaped Kryptonite lock which they marketed well (based upon the space-age polymer and the mathematically optimized design) but didn't bother to do the math to figure out that there was a right or left handed twist which allowed the entire thing to be undone in a moment. How about a thousand kryptonite locks which are all locked around the neck of a quick-release seat?
I bet if we went back and started trying to manipulate those 'old apps' you mention with carefully crafted data files, we'd find they are vunerable, and don't merely 'crash' in all cases
I don't believe so. If we could go back and do a severe analysis of applications on Apple ][s, C=64s, Atari 2600s, Amigas, early Macs, 286/386 based early DOS machines, or even some ancient *NIX systems, I would wager that the ratio of code faults:arbitrary code execution is _MUCH_ lower. Extreme programmers have always been troubleshooting bugs and doing line-by-line execution analysis even of assembler code. Still, throughout the 80s and early 90s, malicious code was spread inside executables or boot sectors. I've been hearing music files hiccup, pics quit decoding halfway through, or text files come up with garbled characters for decades. If a programmer could've turned that into an exploit, they would have.
I'm talking about a ratio of code faults:exploitable faults. I don't consider a BSOD, a guru meditation error, or a hard lockup to be an exploit. In today's world, however, I look at every fault as an exploitable fault. Something big has changed in the way programmers are taught or the way they proofread their work.
I feel the responsibility rests solely on the shoulders of the people who have pushed for more nifty features without asking if they were sacrificing quality (security). To stick with the kryptonite lock analogy, the marketing people have been selling the Krytonite locks before waiting for the manufacturer to verify the quality of the material, only to find out through later stress testing that any kid with a ball-peen hammer can snap the neck at the hinge region.
5. Put a Medicare tax on stuff that makes people sick
As an example: bottled water makes you sick because it deprives you of the naturally occurring extras that your biochemistry has evolved to coexist with--unless your tribe has naturally lived in the arctic or next to a mountain spring.
It's easy to point the finger of blame at "booze, cigarettes, and restaraunts" but you have seen the results from Europe, haven't you? The Europeans are happily taking in vast quantities of beer, wine, cheese, sausage, meats and tobacco and enjoying life just as long with universal health care.
Let's look at the real issue. While the European system isn't devoid of graft and skim, the blatant pillaging of the US health care industry by CxOs, VPs, and executive board directors is the _REAL_ problem. The whole system would work just fine if it wasn't such a money scam.
Why should some Americans get to enjoy a butt, a beer, and a double burger -- and then enjoy health care paid for by those who treat their bodies better
UGH. A statement of blatant (and ignorant) hate-mongerism. I'm not going to say that 2 packs of Winston/day is healthy, or that drinking your body weight in beer is healthy... but you are aware that your statements will be turned into a fanatical prohibition-style witch hunt, aren't you?
Drinking, smoking, and eating crap food is part of the American way
You advocated a tax on all restaraunts. I only go to restaraunts which serve good food. You're not personally at fault--it's a common mistake to push for a money-grubbing restaraunt tax by screaming about the crap food effect.
Drinking and smoking are HUMAN ways, not just American ways. Get over it. We're all human. Some of us smoke one or two cigarettes per day and may have a glass or two of a well-flavored beer. We don't want to be ostricized because a political fanatic has a vendetta against people who wake up smoking three cigarettes and go to sleep in a pile of Budweiser cans.
Ultimately, I think it's really a result of extreme code bloat resulting from a market-driven approach to software development. When you get right down to it, from a productivity standpoint (and I don't mean watching videos and playing games) people do pretty much the same things with their computers today as they did a decade or more ago. But given the heavy emphasis by Microsoft (and others) on adding features to make each software generation more "advanced" and hence more marketable, operating system and application complexity is now orders of magnitude more complicated that it was just a few short years ago. This just provides room for a. more mistakes to be made and b. more opportunities to exploit said mistakes.
That's my thought as well. I don't know why the apologist got modded insightful while you (who answered correctly), and I (who posed the question) got nothing.
Yes, people did propagate virii via floppy disks and shareware, but it was a painfully inefficient process.
And, in those days, a malicious data file would cause an app to produce bad output or just crash. There was no execution of arbitrary code from data files.
Many years ago, back when operating systems were worth using, processing an invalid data file would cause the processing to stop or the application to crash, at worst.
When did applications become so slipshod that a error in the data stream can turn into executable code? I realize this sort of thing comes out on Linux, as well. It always makes me wonder how long this has been sitting in someone's 0-day folder and being used on the unwitting populance.
They say that most exploits are of already acknowledged vulnerabilities. Why does no one acknowledge that, if a black hat is good enough to find a bug they haven't, the black hat is also good enough to cover his trail while he's pwning everyone?
If Michael Badnarik were to be elected as president of the United States of America, what would be the most likely offensive that he would encounter from the political back rooms of the Big Two? Would it be personal blackmail? Would it be a sex scandal? Would it be a collaborative set up along the lines of sinking Wall Street and then blaming it on the President?
What is the Libertarian contingency plan for elected officials who receive the short end of the scapegoat stick? Have Libertarians been targeted by such schemes in the past if and when they held positions of any significant political power? How corrupt is the game in Washington DC?
Translation: X is true, except when it isn't
This has nothing to do with true or false. Traditionally, conservatives favor less government, period. Those who call themselves conservative while trying to expand government authority are deluded, stupid, evil, liberal, or a combination of all of the above.
I'm not impressed
Trolls never are. Here, have a biscuit.
I also doubt the "you will know your system inside and out" argument
That's up to the student. LFS is _THE_ prime tool if you want to learn your system inside and out. It is possible to build LFS and learn nothing.
While nmap is a invaluable and important security tool; it is nonetheless but one tool in a large security toolbox. Books that place the bulk of their discussion of nmap at the beginning of a book are generally focused on the blind running of tools without insight or analysis.
I think the poster just finished reading the intro to "The Tao of Network Security Monitoring" by Richard Bejtlich.
"This book strives to not repeat material found elsewhere. you will not read how to install Snort or run Nmap. I suggest you refer to the recommended reading list in the next section if you hunger for that knowledge. I introduce tools and techniques overlooked by most authors, like the material on protocol anomaly detection by Brian Hernacki, and explain how you can use them to your advantage."
You are lying when you say it's the liberals that want to exapand the government. It's BOTH
I said "traditionally" and I did acknowledge that many so-called conservatives get addicted to the liberal government crack-pipe because they've figured out how to use it for their advantage.
Thus the labels "stupid" and "evil". Liberals are "stupid" because they somehow believe that government authority will be used primarily for constructive purposes. Conservatives are "evil" because they purposely misuse government for their own profit.
Traditionally, however, conservatives have favored a microgovernment in the interest of minimizing abuse while the liberals favor a macrogovernment in the interest of maximizing supervisory authority.
Seems like a good tax is one which doesn't waste a chunk of the cash it raises on overhead
Considering politicians keep voting themselves hefty pay raises, I'd say that negates all current taxes.
For patents, you need a physical invention
No, you don't. Go to the www.uspto.gov and do a few searches related to "nanoscale", "nanotechnology", "nanocomposites", etc. To make an analogy, people are patenting supercomputers by making a single resistor. Apparently they're praying that someone else will figure out how to fabricate a real world product so that they can swoop in with their attorneys.
I don't think that there's any problem with the concept of IP ownership. Everyone on the planet agrees that the "inventor should get credit". What's missing is a good concept of intellectual property valuation AND a perpetuated misconception of how easy it is to freely give IP away.
Managers will have you believe that your ideas are both miniscule and inherent in a team effort. They have devalued your personal intellectual property and encouraged you, on a personal level, to freely give it away. In many cases, electing to withhold your own personal intellectual property (holding out for a better return) can lead to an adversarial atmosphere that the employee will never win. There is no valuation of your personal intellectual property in your employee agreement except to say, should you have any, the company owns it.
Corporations will have you believe that the products of their IP (pharmaceuticals, cars, music, software) are infinitely valuable and that they retain all rights to that IP for all eternity.
Maybe it's only obvious to me, but this is a classic game of "crapper tennis". Look left, look right, look left, look right... never notice what you're actually doing. What are we actually doing? We're being encouraged to freely share the products of our labor while being legal hamstrung to pay the asking price for someone else's labor. This sets up a perfect circle where the people best suited to profit are the people handling the money, not the people who are laboring. The people who handle the money are, by definition, the people who have the most money.
Conservatives believe what's good for the corporations is good for everyone. Liberals believe that what is good for the people is good for everyone.
Ummmm. No. Traditionally, conservatives favor less government involvement, period. Traditionally, liberals like having their wetnurse/security blanket/government to protect them because they're idiots. This leads to a horrible cycle because the government which the liberals do get is often misused by people who are traditionally conservative. The conservative then becomes addicted to the benefits and, while continuing to proclaim themselves conservative, will happily go back to their liberal crack-pipe on a regular basis.
Whether or not IP is property is moot. Whether or not sharing is good or bad is moot. Everyone agrees that "the inventor should get credit" and, hopefully soon in the future, everyone will agree that government oversight does far more to further intentions of abuse than it will to further intentions of good. Why is this naturally so? People will naturally live together peacefully and will not seek the services of government. People who like to abuse their neighbors, however, will naturally seek out any upper hand they can get. Regardless of the stated intent of government it is a natural fact that its authority will be misused more often than it is properly used.
I don't know but it seems rather un-democatic to allow a few people to screw up network access for the majority
Perhaps we should define a few people? Are you talking about the few people who have private ISPs and WAPs or the few people who can't be bothered to configure their network card to only connect to the UTD wireless network? Or perhaps it's the few people who actually complained about the private WAPs or maybe it's the few administrators who actually thought this was a real problem.
I suspect you were referring to the few people who own private WAPs but I suspect they're not the few people causing any real problem.
but the may not DICTATE how a student can use a wireless device
Sure they can. And they do. And as long as they don't kick out a student who's related to money or an attorney, they will continue to do so if only to gain the twisted pleasure of watching the poor unfortunates they choose to target end up living in welfare housing because no one wants to hire a kid who was kicked out of college.
Point is, what you're doing is affecting other people in a bad way
As if being denied a college education because you paid for your own private ISP and WAP isn't affecting people in a bad way? It's morally reprehensible. It's a sadistic, authoritarian power play. What's next? They'll kick you out for not eating at the school cafeteria? Can they kick you out for sharing your privately bought pizza with others, thus interfering with the service of their cafeteria?
I agree with you. I'd like to add comments.
Depending on the state in which you live, rights not explicitly granted to the landlord are granted to the tenant.
That sounds strangely similar to Amendments IX and X of the US Constitution, which are specifically entitled "Non-enumerated rights" and "Rights Reserved to States", respectively. We all know how often those are respected.
Clauses that open holes for arbitrary changes almost always invalidate rental contracts (or they have in every case I've ever researched in my state which would be dozens).
I think we're just seeing a case of "follow the leader". UTD, and other controlling bodies, witness that the US Federal Government has summarily dismissed the concept of the enumeration of rights and so they feel perfectly justified in perpetuating identical behavior. Monkey-see, monkey-do.
What they're doing is still illegal, even if it is in the name of security.
PATRIOT act. Monkey-see, monkey-do.
It's a matter of law
And the law is twisted outside the scope of reality on a regular basis. INDUCE act.
Rules that are rarely enforced are arbitrary and unnessecary rules
:-(
That would match, to five decimal places, 100.00000% of the current laws in this nation.
A school should NOT have the right to make such rules and use them to selectively punish or harrass certain students
I agree. Neither should governments. But they do, and that's life.