Slashdot Mirror


User: steve_stern

steve_stern's activity in the archive.

Stories: 0
Comments: 27

Comments · 27

  1. Re:Silly Google... on Happy 7th Birthday Google! · Score: 1
    Actually, it's _greene_ cheese:

    How did the moon=green cheese myth start?

    "The moon is made of a greene cheese," greene meaning new, unaged.
  2. Re:Unrealistic? on More on Newly Broken SHA-1 · Score: 1
    If I'm reading this right, then he's saying
    1. The hashing function must be 1-to-1 and onto
    2. The hashing function cannot be invertible

    When the article says "impossible to take a hash value and recreate the original message", he really means "infeasible to take a hash value and recreate any message that has that hash value".

    Of course it's absolutely impossible to recreate the original message, since there are multiple messages that hash to that value. But in almost every use of hash functions, creating any other message with the same hash is good enough to be considered "broken". Thankfully, that hasn't happened yet.

  3. Re:This is big... on More on Newly Broken SHA-1 · Score: 1
    We need to develop algorithms aside of SHA. SHA-256 only postpones the problem...

    It postpones it a lot. Let's say the break is linear in the expansion of the SHA-X algorithm family, so a 2^69 break for SHA-1 (160 bits) is equivalent to a 2^110 break in SHA-256 and also equivalent to a 2^220 break in SHA-512.

    That's an awful lot. That means both SHA-256 and SHA-512 are still more secure than SHA-1 ever was even supposed to be. Even if you say this algorithm will become more efficient over time, it would have to go down a lot before SHA-512 is less secure than the (unbroken) SHA-1 was designed to be.

    In the near future, I would much rather use SHA-512 (or even SHA-1) than a brand-spankin-new algorithm and all the possibly worse breaks you can find there. You know the saying about the devil you know.

  4. Re:Not quite the end of the world on SHA-1 Broken · Score: 1
    The problem is the additions add up. Start with 2^69 operations. Let's assume that takes 100,000 years to perform right now. Refinements in the algorithm might cut 2 off the exponent, reducing the time to one-quarter or 25,000 years. Now, parallelize that onto that 8-way dual-core Opteron. That's 16-way parallelization, so we're now down to less than 1563 years. OK, now let's go the DES/RC5 route, dedicated hardware and massive parallelization. Call it an order of magnitude speed improvement using dedicated ASICs to perform the operations, and we'll go from 16-way to 1024-way parallelization. We're suddenly down to a little over 2 years. Remember that we started at 100,000 years. The reductions in time are divisions, remember, not subtractions.

    You're still missing the fundamental point. For absolutely any method you come up with that, with the 2^69 algorithm, can break SHA-1 in time X, I can give you a similar method that uses the 2^80 algorithm and breaks SHA-1 in X * 2^11.

    Or, conversely, if you claim SHA-1 is weak because there is a 2^69 algorithm, using the same method as you, I would claim that SHA-1 was never strong with the 2^80 algorithm. 11 factors of 2 doesn't make or break the security of a system.

    It is just wrong to argue that SHA-1 is more than 11 factors of 2 weaker now. It is wrong to argue that more than 16.5 years of its lifetime has been cut out. If you think the algorithm itself (barring breaks like this one) wouldn't have lasted another 16.5 years anyway, that is a completely separate argument. Then you would be agreeing with me that 16.5 years has been lost, and it is now completely dead. I don't think that's true, but again, that's not my point: my point is that, no matter how you slice it, only 16.5 years of life has been removed.

    What we've got here is a better-than-brute-force way of solving that first problem with respect to SHA-1. If previous hash algorithms are any guide, we will see the third problem solved. The only question is when, and history again tells us that it'll happen faster this time than previous times.

    Again, not necessarily true. It is possible that SHA-1 is actually secure against such an attack. An analogy can be made to RSA: it is trivial to create a "collision" (2 different public keys that share a prime factor), but it is still believed to be hard to get a prime factor given just the public key.

    Yes, if this paper leads to further work on breaking the other 2 problems, we should look into better algorithms. But that is far away, if ever, and the world isn't going to end tomorrow because someone can create a SHA-1 collision in 2^69 steps instead of 2^80 steps.

  5. Re:Not quite the end of the world on SHA-1 Broken · Score: 1
    In order to forge a certificate you only have to make sure the OWNER'S NAME is correct. The other data can be complete garbage, as far as a web browser is concerned. Which means it's not that hard to create fake certificates in somebody else's name (say, Microsoft Corp). This is the real risk here.

    No, that's not right.

    What you are proposing is having a target hash, H (in your example, the Microsoft PKI certificate), which has a preimage, X, known only to Microsoft. You want to generate another Y such that Y also hashes to H. That problem, as far as we know, still requires brute force computation.

    This paper is a completely different problem. It says it is easier to generate X and Y such that both happen to hash to the same value. You don't get to choose what that value is.

    The only way this could be abused in a PKI system is if you generate X and Y such that X is your own fraudulent certificate, but Y looks like someone else's certificate, and you actually manage to get someone else to have VeriSign sign the Y certificate. If you succeed in that, both your certificate and their certificate will look the "same" to the browser, and if VeriSign signs their certificate, yours will appear valid as well.

    However, if you can successfully go up to Microsoft and say "hey, I've got this certificate, Y, with all your information filled out - could you run down to VeriSign and get them to sign it for you?", there is a much more fundamental problem.

    You wouldn't even need to know X - you gave Microsoft Y, and so you have Y, the actual preimage to the certificate you are trying to break.

    So no, there is no risk here at all. The only possible risk is from the substitution method I described - where the adversary knows both X and Y, and can substitute one for the other without an honest third party realizing. Any scheme, such as PKI, where the adversary does not know X or Y is still perfectly secure.

  6. Re:Not quite the end of the world on SHA-1 Broken · Score: 1
    The algorithm will be refined. It'll get faster and take fewer steps.

    Yes, that is true. But how much faster? I doubt they'll shave more than another 11 factors of 2 off just by optimizing the same algorithm.

    The algorithm can probably be parallelized. Even on general-purpose hardware running it in parallel on an 8-way dual-core Opteron rig will let you crack a hash in 1/16th the wall time, and that's not counting dedicated hardware designed for the task and running thousands of units in parallel.

    The brute-force algorithm can definitely be parallelized. Thus, you're still not shaving off more than 16.5 years from the life expectancy.

    Computing power only increases. Work that takes days now will, in a year or two, take only hours.

    Yep, computing power doubles every 1.5 years, just as I said. And yet again, that means 11 factors of 2 saves you 16.5 years of increased computing power.

    If you can find collisions at all in less than the brute-force time, you're well on your way to finding an algorithm that can tweak a specific document to have a given hash. This would, of course, be a complete crack of the hashing algorithm.

    Not true at all. If I give you a black box that spits out a collision every time you push a button, you still can't "tweak" a document to make it match a target hash value any better than brute force. These are two completely separate problems.

  7. Not quite the end of the world on SHA-1 Broken · Score: 3, Interesting
    So the paper says I can find two values, X and Y, such that they hash to the same SHA-1 value. Great. What can I do with this?

    As others have pointed out, I can create 2 documents, X and Y, have a target sign one, then substitute the other. His digital signature will be valid for both. Great - it takes only 2^69 attempts to get a collision - I'm sure the chances that the X and Y found will both be valid English documents, one of which I could convince a target to sign, the other allowing me to scam him out of enough money to make the whole ordeal worthwhile.

    However, people keep copies of what they sign. Even if I did find a collision, and even if both documents were valid English text, the guy could say "I didn't sign Y - look, my signature is valid for X - he scammed me". Great.

    The more likely scenario is someone signing their own document, then claiming it was fraudulent. They could create their own X and Y, sign X that somehow involves another party, then claim they actually signed Y and this other party was the scammer. But they still have to find X and Y in 2^69 steps such that both make logical sense in the English language - no simple task.

    This is cool in a theoretical sense, but in a practical sense, it's like saying you don't need a million monkeys on a million typewriters typing for a million years to generate Shakespeare; it'll only take 999,999 monkeys on 999,999 typewriters...

    Or, to go back to the theoretical world: with processor speeds doubling every 1.5 years, and this team shaving 11 factors of 2 off of the break time, the lifetime of SHA-1 just shortened by about 16.5 years. Not quite the end of the world as we know it.

    Step 1: Break SHA-1
    Step 2: ?
    Step 3: Profit!

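    The distinction comments 5, 6 and 7 keep drawing, between finding some pair X, Y with the same hash and finding a second preimage for a fixed, already-signed X, worked through as an added example that is not part of the thread. It runs on a truncated SHA-1 (TRUNC_BITS is a constructed toy parameter chosen so both searches finish in seconds; the 2^69 and 2^80 figures in the thread are for the full 160-bit function), and the target document and message prefixes are constructed here for illustration.

```python
"""Collision search versus second-preimage search on a truncated SHA-1.
Added example, not from the thread.  TRUNC_BITS is a constructed toy
parameter: a 24-bit output space makes the birthday search take a few
thousand SHA-1 calls and the second-preimage search about 16 million."""
import hashlib

TRUNC_BITS = 24


def h(msg: bytes, bits: int = TRUNC_BITS) -> int:
    """Top `bits` bits of SHA-1(msg) as an integer: a toy hash with 2^bits outputs."""
    digest = int.from_bytes(hashlib.sha1(msg).digest(), "big")
    return digest >> (160 - bits)


def find_collision(bits: int = TRUNC_BITS, budget: int = 1 << 16):
    """Birthday search: any X != Y with h(X) == h(Y).
    The attacker does not choose the common value, and X and Y are whatever
    counters happened to collide, not a contract or a certificate.
    Expected cost is about 2^(bits/2) evaluations.
    Returns (X, Y, evaluations) or None if the budget runs out."""
    seen = {}
    for i in range(budget):
        m = b"msg-%d" % i          # constructed candidate message
        v = h(m, bits)
        if v in seen:
            return seen[v], m, i + 1
        seen[v] = m
    return None


def find_second_preimage(target: bytes, bits: int = TRUNC_BITS, budget: int = 1 << 16):
    """Given a fixed X (someone else's signed document), find Y != X with
    h(Y) == h(X).  Every candidate is compared against one value, so there is
    no birthday shortcut and the expected cost is about 2^bits evaluations.
    Returns (Y, evaluations) or None if the budget runs out."""
    want = h(target, bits)
    for i in range(budget):
        m = b"forge-%d" % i        # constructed candidate message
        if m != target and h(m, bits) == want:
            return m, i + 1
    return None


def demo():
    """Run both searches with the same evaluation budget."""
    collision = find_collision()
    second = find_second_preimage(b"Pay Alice 10 dollars")  # constructed target X
    return {"collision": collision, "second_preimage": second}


if __name__ == "__main__":
    result = demo()
    x, y, n = result["collision"]
    print("collision after %d evaluations: %r %r -> %#x" % (n, x, y, h(x)))
    print("second preimage within the same budget:", result["second_preimage"])
```

    With a 65,536-evaluation budget the birthday search essentially always returns a pair, while the second-preimage search against a chosen target is expected to come back empty; for full SHA-1 the same gap is 2^80 (generic birthday bound, which the 2^69 result improves on) against 2^160 for a preimage. A collision oracle, as comment 6 says, is of no help on the second problem: it never lets you pick which value the pair hashes to.
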
  8. Re:Yet another reason on Symantec Antivirus May Execute Virus Code · Score: 1
    I have removed Norton from all my personal computers and replaced them with Avast. I just wish big corporations would realize that by using Norton/Symantec, that they are using the most targeted [by antivirus-disabling viruses] antivirus software out today.

    You're right - Everyone should switch to Avast immediately so everyone is not using the same product! Uh... wait...

  9. Re:Ho-hum on Microsoft Claims Linux Security a Myth · Score: 1
    Furthermore, many of the remote root vulnerabilities that Linux systems have suffered are the fault of shoddy distributors who run services such as Apache as root unnecessarily

    My point, all along, has been that both Linux and Windows are not secure if the user doesn't know what he's doing, and that both of them can be very secure if the user does know what he's doing. You said that exact same thing above.

    Both systems have exploits. Even Apache that isn't run as root can result in a remote-root exploit via a combination of an Apache exploit and a privilege escalation exploit. All of these things exist in Linux. There is absolutely nothing in the fundamental architecture of Linux that protects against buffer overflow attacks.

  10. Re:Ho-hum on Microsoft Claims Linux Security a Myth · Score: 1
    Why should OSs be any different?

    My mom and dad don't run IIS or Apache. They don't know how to secure their Windows box, which is why people write worms for known Windows security holes - they know there are a ton of people out there who don't patch their systems.

    I do know how to maintain an XP machine, which is why I've never been infected with a virus, adware, or spyware.

    If you reverse the situation: give my parents a Linux box, and you a Windows box, they still wouldn't know how to secure the Linux box and you would still be virus-free. If Linux had 95% of the market share for non-computer-literate users, people would target known security holes there.

    In fact, Linux compared to XP with SP2 is harder to teach a non-tech-savvy person to secure. My parents' machine automatically downloads and installs updates, and pops up a little message telling them when to reboot. Annoying, yes, but dirt-simple to follow those instructions.

    And the reason the IIS worms are out there, even though Apache has the lead in actual web servers, is because IIS is still on a lot of home machines. That's yet another problem with Windows (my point all along is that Windows and Linux both have major problems - not that Windows is good). If it was possible for my parents to accidentally install and turn on Apache on their home machines, there would be just as many worms for that.

  11. Re:Ho-hum on Microsoft Claims Linux Security a Myth · Score: 1
    Linux does not control 95% of the market, and it never will because there is strength in variety. Even if 95% of the market consisted of people running linux, it would be extremely unlikely for them to be running the same linux distribution.

    You're completely missing my point. I am saying that Windows is no more or less secure than Linux - its popularity makes people attack it more which results in its users being more vulnerable, but that doesn't mean the software that runs it all is inherently less secure. You're telling me that even if Linux was popular, it wouldn't really be popular (read: most code wouldn't be on 95% of computers). You're right, but that doesn't change my point: that if the same code was on 95% of computers, it would be exploited just as much as Windows.

    Also, there are a ton of applications that control large amounts of their respective markets (Apache, OpenSSH, Samba) that do not suffer a plague of security holes

    Their markets don't consist of my mom and dad. That's why Windows is targeted and not Linux - you know how to protect your Linux machine, my parents don't know how to secure their Windows machine. If you reversed the software, you'd have the same result - you know how to secure Windows (I know I do - no adware or spyware in several years of running it) and my parents don't know how to secure Linux.

    Any properly written application (especially one that opens up privileged services or allows remote access to the machine) should anticipate anybody and everybody trying to attack it to get at the system underneath.

    Anticipating and succeeding are completely different. What do you suggest - Microsoft find a mathematical way to prove that there are no buffer overflows in their code? The best minds on the planet can't prove that RSA, AES and SHA-1 are secure, yet everyone (Linux included) uses them for important information. What you're suggesting just isn't feasible, for either Microsoft or Linux, which is why neither of them are free of exploits.

    No, linux isn't perfect. But that doesn't mean Windows doesn't have some serious problems

    Yet again the knee-jerk Slashdot reaction. I wasn't saying Windows is good. It certainly does have serious problems. I was saying Linux software has equally serious problems, but they just don't get as much popularity because with such a minority in the market, you can't do as much damage with those problems.

  12. Re:Ho-hum on Microsoft Claims Linux Security a Myth · Score: 1
    Wow, so a trivial remote exploit like the NetBIOS or RPC worms is equivalent to a local root exploit, which requires an account on the machine or a secondary compromised service? I think you have perspective issues here.

    I think you have nitpicky issues here.

    Perhaps the phrase "A remote root exploit is a remote root exploit is a remote root exploit, and a local root exploit is a local root exploit..." would be more accurate. But I'm lazy, and the non-nitpicky readers understood exactly what I meant.

    What you say is just ridiculous because it hints at the idea that Linux doesn't have remote root exploits, only Windows does, which is just plain wrong.

  13. Re:Make Smart Decisions ASAP & Fix the Unexplo on Microsoft Claims Linux Security a Myth · Score: 1
    MS still has everyone running as Administrator. Another important thing is to fix known bugs before there is an exploit. MS's track record on either of these two points isn't exactly great.

    You're right about the administrator problem, but you've got it backwards with the exploits. If you look at the dates when Microsoft releases a major security update and when a worm/virus begins to exploit it (Blaster is a good example), you'll see that the worms come a few days after the patch. The most likely scenario is that virus writers reverse engineer the patch to figure out the problem and exploit it.

    Contrast this to Linux: If you find an exploit, the culture is full disclosure, including sample code that uses the exploit. Yes, it gets fixed soon after, but you still have the exploit before the patch.

    Maybe you meant Windows users get exploited before they apply the patch, whereas Linux users generally apply the patch before anyone attempts to exploit them. That's just a factor of Linux users being better at updating their system when they're supposed to, and fewer people targeting Linux because of that very same reason.

    A Windows machine with automatic download/installation of updates, that is rebooted when it's supposed to be (yes, another fault that adds to the problem of users not updating when they should), has a tiny chance of being exploited - no more or less than a patched Linux box.

  14. Re:Ho-hum on Microsoft Claims Linux Security a Myth · Score: 2, Insightful
    So I figured I'd do the decent thing and do the security updates. ... Eight hours later, I cleaned off the last of the spyware, adware, malware horseshit.

    And if you didn't boot into Linux for many months resulting in lots of unpatched security holes, and there were a ton of people trying to attack Linux boxes because Linux controlled 95% of the market, you'd have the same experience there.

    What's your point?

    A security hole is a security hole is a security hole. Windows and Linux both have them. The fact that more people target Windows does not make it less secure.

  15. Re:Innovative? on Google Announces 'Mini' Search Appliance · Score: 1
    Hmm, Mr. Page- is bowing to (oops, I mean, fully cooperating with) Chinese censorship, in the names of market share, "evil"? Is it "best for everyone"?

    What other choice did they have? It's not like the choice was between regular Google News and censored Google News. The choice was between censored Google News and the Chinese government blocking Google News completely.

    The people of China now have a good news search engine, as opposed to not having a good news search engine. That's best for them.

    There are still the Taiwanese and Hong Kong versions of Google News. If Chinese citizens are able to get past their government's Internet censorship, they can get access to those. Those sites are no less accessible than the mainland Chinese version would be if it was not censored by Google.

  16. Bug in the text... on Can Reverse Engineering Help In Stopping Worms? · Score: 1
    To quote the article:

    An increasingly important use for asymmetric encryption is digital signing. A digital signature is the reverse of public key encryption. Just like an ordinary signature it is used to prove the identity of the sender of a message. This can happen in several ways. The simplest is to send a random message as both plaintext and ciphertext. The recipient deciphers the ciphertext version using the published public key and if the two versions match it proves the sender was in possession of the private key.

    Basically, they're saying:
    I pick a random m, then compute:
    c = m^d (mod n)
    I give you (c,m) and you verify that c^e = m (mod n).
    Their claim is that this proves that I know the private key, d.

    But, I say:
    Pick random c, compute:
    m = c^e (mod n)
    I give you (c,m), you verify that c^e = m (mod n), and you believe I know the private key, d, which I clearly do not.

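
    The forgery the comment describes, and the repair a verifier actually needs, as an added example that is not part of the original post or of the article it quotes. The 10007 x 10009 modulus is a constructed toy key (far too small for real use, chosen so the arithmetic is visible), and the function names, the challenge-response variant and the seeded random source are assumptions made here for illustration.

```python
"""Why 'send a random message as both plaintext and ciphertext' proves nothing.
Added example, not from the article or the commenter.  The key below is a
constructed toy parameter; real RSA keys are 2048 bits or more."""
import random

# Constructed toy RSA key: p and q are small primes, e is the usual public exponent.
P, Q = 10007, 10009
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (modular inverse, Python 3.8+)


def honest_prove(n, d, m):
    """The scheme as the article describes it: the key holder picks m,
    computes c = m^d (mod n) and sends the pair (c, m)."""
    return pow(m, d, n), m


def forge(n, e, rng):
    """The commenter's attack: pick c first and set m = c^e (mod n).
    Only the public key (n, e) is needed."""
    c = rng.randrange(2, n - 1)
    return c, pow(c, e, n)


def naive_verify(n, e, c, m):
    """The article's check, c^e == m (mod n).  Accepts honest and forged pairs alike."""
    return pow(c, e, n) == m


def answer_challenge(n, d, challenge):
    """Key holder's response to a challenge r chosen by the verifier: r^d (mod n)."""
    return pow(challenge, d, n)


def challenge_verify(n, e, challenge, response):
    """Repair: the *verifier* picks the message (a fresh random challenge r) and
    checks response^e == r (mod n).  The prover no longer gets to choose m."""
    return pow(response, e, n) == challenge


def forge_against_challenge(n, e, challenge, rng, tries=1000):
    """Without d, the forger can only guess c and hope c^e == r (mod n).
    Returns how many guesses worked; the expected count is tries / n, i.e. zero."""
    return sum(1 for _ in range(tries) if pow(rng.randrange(2, n - 1), e, n) == challenge)


def demo(seed=1):
    """Run the article's check against an honest pair and a forged pair, then the repaired check."""
    rng = random.Random(seed)            # seeded so the run is repeatable
    c, m = honest_prove(N, D, rng.randrange(2, N - 1))
    fc, fm = forge(N, E, rng)
    r = rng.randrange(2, N - 1)          # verifier's challenge
    return {
        "honest_accepted": naive_verify(N, E, c, m),
        "forgery_accepted": naive_verify(N, E, fc, fm),   # True: the check proves nothing
        "challenge_honest": challenge_verify(N, E, r, answer_challenge(N, D, r)),
        "challenge_forgeries": forge_against_challenge(N, E, r, rng),
    }


if __name__ == "__main__":
    print(demo())
```

    The repaired version is only the smallest fix to the article's wording: letting the prover raise an arbitrary verifier-supplied value to d turns the key holder into a signing and decryption oracle, so real protocols sign a hash of the challenge under a padding scheme (PKCS#1 v1.5 or PSS) rather than the raw number.
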
  17. What the hell? on A Quick Look at Longhorn Build 4053 · Score: 5, Insightful
    This is like breaking into Linus Torvalds's house, stealing his sketch notes about Linux, and making fun of them for having such poor quality.

    It's a product that won't hit the shelves for 2 years. It was compiled in debug mode - of course it's going to be a resource hog.

  18. Double standard? on New Linux Kernel Vulnerability · Score: 1, Interesting
    When a Linux bug is found, it's a triumph of the open-source community. "Look, we had access to the source code, we found a bug, and we fixed it".

    When Windows has a bug, a comment saying "The bugs aren't in the software. THEY'RE IN THE CORPORATE CULTURE OF THIS PARTICULAR VENDOR" gets modded to +5 Insightful.

    Another +5 Insightful comment says "I still wouldn't say Microsoft is getting 'better' though. They'd be getting 'better' if the vulnerabilities didn't exist in the first place!"

    I wonder what he has to say about this vulnerability existing in the first place.

    This patch requires a reboot, right? Kinda funny that nobody complains about it, but in this article, someone says "Of course I like to reboot all the time. Otherwise I would be running Linux" in response to his newly-patched computer asking him if he'd like to reboot.

  19. Re:Eddy the Prophet on Meet Martin Taylor Of Microsoft's Open Source Test Lab · Score: 5, Funny
    I see into... the future... I see this "lab" only producing... whitepapers where Microsoft.... wins!
    Maybe they should call it backslashdot, after its open source equivalent.
  20. Re:US Legal Ramifications To Targeted Pricing on Privacy Incursions to Support Price Discrimination · Score: 1
    Have you looked at the higher education system in America? Start with an unbelievably huge price tag, but give more than half the students varying levels of financial aid.

    I think that's a good thing. The extra money they get from the rich people makes it so colleges are able to accept poor people as well. If you make price discrimination illegal, say goodbye to that policy.

  21. Stop Whining on The Failures Of Desktop Linux · Score: 1
    Back before Microsoft was the dominant force in the OS market, do you think they whined about every little problem they encountered? Did they sit around and cry whenever Netscape put up a roadblock for IE?

    Microsoft is successful because they try hard. The recent article about Microsoft's failures shows that. They try hard in difficult situations and don't always succeed (something to be proud of, yet the Slashdot community in that article holds that against them, which says an awful lot about the Slashdot community).

    If you don't like the situation now, quit whining and do something about it.

  22. Re:Wait.... on SCO Preparing Linux Licensing Program · Score: 2, Interesting
    SCO claims they own the code, never intentionally GPL'ed it, and anyone who did so did it illegally and without their permission.

    If that is true, they have a right to relicense it under any terms they want, and charge for it.

    Of course, that brings up the next interesting point. They are not complying with the terms of the GPL, but are still providing their IP as part of other GPL'ed code. My guess is they won't release the combination themselves, and say "if someone else combined the two, it's not our problem". Basically, if the lawyers at the FSF want to do anything about it, all they can do is sue the end-users who combine the two (RH, Debian, etc), even though they have no right to do so in the first place, since they have no right to GPL SCO's IP.

    Anyone who likes the GPL (in case you can't tell, I don't) should hope this case is not the test case to prove its validity. If there are 2 conflicting licenses, and one guy says "I don't care what you do with yours, or how you combine it with mine, all I want is for you to pay me if you use mine", and the other guy says "someone somewhere combined the two, and so now my license applies to both", who do you think a judge will agree with?

  23. Re:Good idea, bad content on Freenet 0.5.2 Released · Score: 1
    if you believe there can be such a thing as "freedom of speech, but only when I agree," you probably have some thinking to do

    There is a huge difference between believing in full freedom of speech, and actually allowing that speech to exist on your own private property.

    People are allowed to make speeches about terrible things, things I strongly disagree with, and I will defend their legal right to make such speeches. However, if those same people ask me to post one of their flyers in my home, I'll laugh in their face.

    That's the Freenet problem. I feel they should legally be allowed to make such speeches. I just don't want it stored on my personal computer. I don't care about plausible deniability - if I disagree with it so strongly, I don't want to help distribute it using my personal resources.

  24. Re:It should be obvious by now on UCB Researchers Critique DRM, Compulsory Licensing · Score: 1
    All DRM is inherently unbeneficial. Systems such as Palladium only cloud the issue by purporting to offer benefits to the end user. Want to protect your files? Run PGP.

    Yeah, if you want an extremely clunky solution that relies on the user specifically encrypting and decrypting files he wants to protect, but still be able to use once in a while. While you're at it, why don't you run a firewall by having every incoming or outgoing packet pop up on the screen with "yes" and "no" buttons?

    I prefer code solutions to human solutions for problems this large-scale but with easily defined rules. Code isn't bug free. It will never be bug free. BSD has its solution, by marking virtual pages as "executable" or "memory", and not letting the second run any code. DRM is another (and, in my opinion, more effective) way to implement this abstraction.

    Then again, maybe we should just have a dialog box pop up with each assembly instruction with "yes" and "no" buttons, if you think humans can (and should) do this job.

  25. Sharecropper or Slave... on Don't Be a Sharecropper · Score: 2, Insightful
    First... sharecropper? No. When I buy a Windows product, it's mine. They can't "take it back" or "decide they have a better use for it".

    The best you can get away with is there are 2 plots of land available. One is free, the other costs money. Both will become obsolete in a couple of years and you'll have to buy new land. They're both in opposite parts of the country, so if you pay for a piece of land, but want your next one to be free, it'll be expensive to carry all your equipment across the country.

    However, when buying land, people don't look at just the initial cost. People want to see how much they'll get from the crops, how much it'll cost to maintain the crops, etc. Many companies, when looking at the total cost of ownership, choose Windows, because they believe it to be cheaper.

    Also, working for *n*x*?* (don't worry - I added that last bit myself - I have no idea what it means) most likely means you're a slave. Working for someone else, and not getting paid (yes, there are some jobs out there for Unix-types, and maybe even some more for *n*x-types, but certainly not enough to support every employee in the industry).

    I prefer sharecropping to slavery.