OK, who moderated my previous message as a troll? I was just stating a fact. I know a lot of people who prefer to use text messaging with people they don't know very well. It's a little less personal, and there is less commitment.
But troll? Moi?
Ja cie dam troll.
Vi rocks. Emacs sucks.
Fedora rules. Other distros (especially Gentoo) blow.
C is better than C++.
The Democratic Party, despite losing a series of rigged elections, is more dynamic, forward thinking, and deeply committed to the future health and prosperity of all Americans than the Republican Party.
If Linux was as popular as Windows, it would also be a juicy target for security attacks. Windows is just a victim of its own success.
Many years ago (early 80's), I worked for Tandy Corporation. We had a meeting with Bill and a few other folks from Microsoft. Bill spent most of the meeting sitting sideways in his chair, rocking back and forth, chewing on the leather band of his wristwatch. He seemed to not be paying any attention, but it was obvious from the questions he asked that he was listening to everything.
Unfortunately, with hardware random number generators it is notoriously difficult to detect when they fail. Basically, the software needs to perform statistical analysis on the random stream and "cut it off" when it exceeds certain bounds.
BTW -- The B1/B2 algorithm you describe was originally created by Alan Turing, IIRC.
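A sketch of the "analyse the stream and cut it off" idea from the comment above, added here as an example and not code from the thread. It uses the repetition count test from NIST SP 800-90B rather than the B1/B2 algorithm the comment mentions; the function names, the claimed min-entropy and the sample data are assumptions.

```python
import math


class HealthTestFailure(Exception):
    """Raised when the source looks stuck and must stop feeding consumers."""


def rct_cutoff(min_entropy_bits: float, alpha_exp: int = 20) -> int:
    """SP 800-90B repetition count cutoff: C = 1 + ceil(-log2(alpha) / H).

    alpha = 2**-alpha_exp is the accepted false-alarm rate per sample and
    H is the min-entropy the source is claimed to deliver per sample.
    """
    return 1 + math.ceil(alpha_exp / min_entropy_bits)


def gated_stream(samples, min_entropy_bits: float, alpha_exp: int = 20):
    """Yield samples until one value repeats `cutoff` times in a row."""
    cutoff = rct_cutoff(min_entropy_bits, alpha_exp)
    last, run = object(), 0          # sentinel never equals a real sample
    for sample in samples:
        if sample == last:
            run += 1
        else:
            last, run = sample, 1
        if run >= cutoff:
            raise HealthTestFailure(f"value {sample!r} repeated {run} times")
        yield sample


def consume(samples, min_entropy_bits: float):
    """Return (samples accepted, whether the stream was cut off)."""
    accepted = 0
    try:
        for _ in gated_stream(samples, min_entropy_bits):
            accepted += 1
    except HealthTestFailure:
        return accepted, True
    return accepted, False


# Constructed data: a non-repeating stand-in for a healthy source, and the
# same source going stuck-at-0xFF after 100 samples.
HEALTHY = [(i * 37 + 11) % 256 for i in range(500)]
STUCK = HEALTHY[:100] + [0xFF] * 10

if __name__ == "__main__":
    print(consume(HEALTHY, 4.0))
    print(consume(STUCK, 4.0))
```

The test only catches a source that sticks on one value; a source that fails in a subtler way, such as a bias, passes it.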
The problem here (as I see it) is the Linux philosophy that drivers belong in the mainline kernel source tree. This in itself is not a problem, but causes issues when companies insist on distributing binary drivers. If the ATI and NVIDIA drivers were open source and lived in the kernel source tree, this problem would disappear.
The MS DDK consists of a) extensive documentation, and b) a set of carefully chosen sample drivers. The Linux "DDK" consists of a) some documentation, b) the source to a huge variety of real, production device drivers and file systems, and (most importantly) c) the kernel sources. Want to know exactly when the NT kernel will unload your driver? Read the documentation, or ask around the web forums. Want to know exactly when the Linux kernel will unload your module? Read the kernel source. Which would you trust to be 100% accurate?
PasswordSafe is basically a GUI wrapped around an encrypted file such as you describe. Unfortunately, it's Win32 only, but there are a few portable solutions available.
"Too bad Microsoft doesn't use this feature. Windows has been plagued by buffer-overflow bugs that could easily be prevented by the processor's segmentation features. Alas, even though these features have been built into every x86 chip for more than 15 years, Microsoft has never used them. Instead, Windows creates a "flat" memory system with no segmentation, no tasking, no bounds checking, and no privilege protection, and then struggles to duplicate all those features in software. The result has been famously ineffective."
Neither Linux nor the BSD variants use the x86 segmentation hardware, yet they are not "famously ineffective".
Except everyone does their daily work signed on as administrator...
Precisely. And, since any member of the administrators group has sufficient privilege to load a kernel-mode driver, this flies in the face of Microsoft's claim that "...if malware did make it into the kernel of a Windows machine, the user would have more serious concerns than just SYN attacks launched from their machines."
Good point. A simple hash would not help that much. However, stretching the hash (repeating it several million times) would make each attempt take a few seconds (on today's hardware).
You could also throw a salt into the mix, but this would complicate administration.
Why does a system like this even need to store the SSN? Why not a (md5/sha1/sha-256/whatever) hash of the SSN? This would still allow easy lookups and associations by SSN, but would not reveal the SSN to anyone who steals the data.
I know, I know -- I shouldn't bother asking "why"...
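The two comments above, worked as an added example that is not code from the thread: a single hash of an SSN next to a stretched one. PBKDF2 stands in for "repeating the hash"; the salt value, the iteration count and the sample SSN are constructed. One site-wide salt keeps the token deterministic, so lookups by SSN still work, which a per-record salt would not allow.

```python
import hashlib

# Constructed values for this sketch (assumptions, not from the thread).
SYSTEM_SALT = b"constructed-site-wide-salt"  # one shared salt keeps lookups deterministic
ITERATIONS = 200_000                         # stretching factor; tune to your hardware


def normalize(ssn: str) -> bytes:
    """Strip separators so '000-12-3456' and '000123456' map to one token."""
    digits = "".join(ch for ch in ssn if ch.isdigit())
    if len(digits) != 9:
        raise ValueError("expected nine digits")
    return digits.encode()


def plain_token(ssn: str) -> str:
    """Single unsalted SHA-256: cheap to compute, so cheap to enumerate."""
    return hashlib.sha256(normalize(ssn)).hexdigest()


def stretched_token(ssn: str, iterations: int = ITERATIONS) -> str:
    """PBKDF2-HMAC-SHA256: every guess now costs `iterations` HMAC rounds."""
    return hashlib.pbkdf2_hmac("sha256", normalize(ssn), SYSTEM_SALT, iterations).hex()


def recover_plain(token: str, known_prefix: str):
    """Enumerate the 10,000 serials left when the first five digits are known."""
    for serial in range(10_000):
        candidate = f"{known_prefix}{serial:04d}"
        if plain_token(candidate) == token:
            return candidate
    return None


if __name__ == "__main__":
    ssn = "000-12-3456"  # constructed; area 000 is never issued
    print(recover_plain(plain_token(ssn), "00012"))              # plain hash falls at once
    print(stretched_token(ssn) == stretched_token("000123456"))  # lookups still match
```

Whoever steals the table together with the salt can still enumerate all 10^9 SSNs; stretching only multiplies the cost of each guess by the iteration count.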
A number of businesses around Fort Worth, TX provide free wireless access. Most of those use a transparent proxy to filter "objectionable" material. I have yet to find one that cannot be subverted by configuring a browser to use a normal HTTP proxy. There are a lot of open HTTP proxies out there...
P.S. That Texas wants to filter rest-stop internet content is not surprising at all. This is the state in which a woman was arrested last year for selling sex toys in her own home.
OK, who moderated my previous message as a troll? I was just stating a fact. I know a lot of people who prefer to use text messaging with people they don't know very well. It's a little less personal, and there is less commitment.
But troll? Moi?
Ja cie dam troll.
There. Now you can mark me as a troll.
Text messaging is for those people who fear the commitment of an actual conversation.
Whenever I read one of Larry's quotes, I have the mental image of Simon the used car salesman (Bill Paxton's character from True Lies).
No! Don't replace the images on the local disk -- insert them randomly into outgoing email messages.
The Matrix, version 0.1 proof-of-concept
...sometimes you don't.
For those of you who don't get this, it's a reference to an old TV commercial for Bounty/Mounds chocolate candy.
Linux and BSD do not use x86 segmentation because the feature is not portable to other CPU architectures.
Linux does support limited stack and library randomization. However, there are questions as to the effectiveness of these techniques.
Completely wrong? Did I misquote (aside from emphasizing the word virtual)?
VM < phys is not completely useless, but it is terribly inconvenient.
Yes, I believe that's why the summary states "64-bit Windows will handle 16 terabytes of virtual memory, as compared to 4 GB for 32-bit Windows."
Would that be a supertoker?
Bullshit. "Virtual Algorithms" my ass.
That settles it then -- it's definitely a bug.
FWIW: Moz 1.7.6 has the same feature/bug. Highly annoying.
Quickly runs out of the room and hides.
Exactly how would a National ID Card make people safer?