Person A implements control X. Person B independently reviews it, checks for backdoors, etc. Person C builds the software on machine Y. Person D deploys the software in production. Person E generates the necessary keys and puts them on machine Z and in the safe (to avoid inadvertent data loss)....
I certainly don't trust my IT staff.
Are you sure? You've built a chain of trust of 5 people and the only real auditing is done by B on A's work. All it looks like you've done is add more people to the mix, not increased your security.
No one checks B's work. No one checks C built code approved by B. No one checks D deployed C's build. No one checks E to ensure he didn't make a personal copy of the keys.
Don't trust A? Fine. But now do you trust B, C, D, & E? If you don't then how do you rectify this? Your "audit trail" has done nothing but expand your untrust from 1 to 5 people.
Let me put it another way. If you want to keep a secret then under what scenario is it most likely to not be kept: tell one person or tell five people? Now, if you don't trust one person to keep the secret then telling four more people doesn't make that secret any more safe.
After skimming the article I get their point that, basically, you shouldn't trust your IT staff. So my question is then who do you get to implement the suggested nine ways? If you say "the IT staff" then WTF is the point? If not the IT staff then who? The board? Hah! The secretaries? Hah!
I guess that leaves a 3rd party solution (read: consultants) and if your company trusts outsiders more than your own employees then there are bigger problems to solve.
And I have just the process for you to solve those bigger problems! Just buy my book or pay my consulting fees and I will personally guide you through the process.
Any professional writer will look at this and say, POD and vanity press stuff does not count as being published. And they will be right. Just because you can gather the scratch needed to print something does not mean you will find yourself on Oprah's book club. It's still all about distribution and marketing.
You'll excuse me if I find this mentality quite on par with the music and movie industries. I really have little desire to explain myself simply because I think I'd be preaching to the choir. In short, however, the internet I think can make a dent in this mentality if not overcome it. Things haven't matured enough, IMHO, to make a foregone conclusion either way but I thought it was worth pointing out.
It would seem to me that the reason DIY book making could be getting cheaper is better printers. The easier and faster it is to print something the cheaper and more flexible you become for DIY books.
The article is severely lacking in juicy technical details but if you had a printer that would not only print the pages but bind it and put a dust jacket on it then the difference between printing 10,000 different books and 10,000 copies of one book is zero.
That's my hunch. The easier and faster printers become to do this sort of thing, the cheaper DIY printing will become. Anyone with actual technical knowledge about the printers behind the scenes care to chime in?
Would this not be the step beyond assembly line production? You can completely customize the output without sacrificing the ability to make duplicates. Next step: rapid prototyping of 3-D objects done in similar high-volume custom jobs.
If the researchers could develop a long timescale atmospheric simulator that could replicate this data, then maybe they could predict general trends 30 years into the future.
The weather is a stochastic system with a limited set of known patterns. Extrapolation doesn't work so well with such systems. If it did the stock market would be closed because the risk would go to near zero.
On the other hand, I would be interested to see how well their algorithms would predict today's weather from only -30 years, -20 years, -10 years, or -5 years from now. If they can't do good at all for predicting today then 2036 prediction will be meaningless.
The release of Vista has since been delayed again and is now scheduled for November for large customers and January 2007 for the general public, though some observers say it may be out even later.
So MS was founded just over 31 years ago. Wouldn't a company that has spanned that many decades have a better understanding of software engineering and have a better grasp at making deadlines? I just don't get it. I'm not a fan of MS, but I'm trying to look past that: I just don't get how they can keep underestimating Vista the way they are.
High-Bandwidth Digital Content Protection (HDCP) "protects" DVI & HDMI interfaces but for this to work on a regular PC then the OS has to be in on the deal as well, right? So if a drive and video card support the devil that is HDCP, does this "back door" work if the OS is in on the HDCP? I would venture a "no" on that one.
Taking print screens is a weak solution, but a solution nonetheless. All it takes is one person to have the patience or scripting skills to automate this for a copy to hit the internet. One. That's the problem with DRM in that it may deter most people but to be totally effective it requires determent of everyone. Feeding millions of individual frames to an encoder is not beyond some people, I'm sure. Especially since hollywood raised the stakes.
If this is a back door, then it's one of those miniature clown doors. When someone figures out a way to completely strip out AACS (like what was done with CSS) then we can call AACS hacked and laugh again at the never-winnable battle that is DRM.
DRM is unwinnable because you have to give the decryption key to the user so that they can use the product. If you don't give them the key then they can't use it. So DRM gives the encrypted data and the decryption key to the user every time.
I assume by virtue of inclusion that the bit about growing chickens in higher gravity yields stronger muscles and bigger bones is of some surprise. Why would you not think biology has feedback? I know we humans like to pride ourselves on things we invent but mother nature has been at it for many more years.
Your respiratory rate is determined by the level of carbon dioxide present in your blood (not oxygen). Feedback.
Your heart rate has a normal rate but can be altered by hormones like adrenaline (fight-or-flight response). Feedback....in a more long-about sort of way.
Blood glucose levels play a part in hunger which leads to eating which restores glucose. Feedback.
Immobility or lack of exercise can lead to atrophy of the muscles but can be restored by using them. Feedback.
Astronauts have to exercise in microgravity to also prevent atrophy. Feedback.
So if a chicken grows up in high gravity then why shouldn't it have higher muscle strength and bigger bones.
Nevermind the bulk of the /. summary is about the chicken when the chicken part is only at the end of the article, but thought I'd point it out. It seemed rather shocking to eieken to warrant dominating the summary about the chicken.
I remember reading back many moons ago that photo software (Photoshop for one I believe) recognized money and refused to work with it on the chance the user might be trying to counterfeit it (never mind the number of legal uses for doing such a thing). I sure hope that that algorithm made it into this gadget but instead to recognize both the currency and amount.
Ok, I guess I'm a bad geek or something. I just never watched Futurama. Perhaps because I can't stand ads so I rarely watch TV to begin with.
That said, I didn't watch Futurama until I downloaded some episodes quite some time since the first run was cancelled. Then I downloaded the entire series and watched them. Now I own all four volumes on DVD and am looking forward to the next run.
Maybe this example is the exception and not the rule, but the fact of the matter is that my "piracy" or "illegal download" led to Fox getting some cash out of my pocket for the DVD. Cash that they would not have gotten otherwise. At the end of the day, I don't care what the AP says or does not say: piracy has caused me to spend more money than I would have without it. I'm tired of crappy entertainment or lack of creative writing talent ([sarcasm]I can't *WAIT* for the remake of the revenge of the nerds[/sarcasm]). I want to use it and then decide if it's worth my money: if not I move on; if so I buy it.
If I can't do that then I'll abandon/boycott/ignore the whole damn thing until I can. It's like being in the matrix and taking the red pill: once you snap out of the mindless, lemming-like world of the MPAA/RIAA/whatever-there-is-for-TV-networks-AA you take note of how crappy it was being Thomas A. Anderson.
And I'll watch nothing but TV ads & infomercials before I get suckered into the "you don't really own X any more and you have to pay $1.99 every time you want to watch it." Sorry, but fuck that. Keep your damn blue pill.
Hoover Dam is 2074 megawatts and nuclear is between 600 and 1200 MW. So drop your figures by a factor of 20 for Hoover Dam: 36 hoover dams for xbox 360; 1 Hoover Dam for PS.
And the astute observer would note that I didn't add in the factor of 1000 for going from kilowatt to megawatt. So that's 1/50 of a Hoover Dam for xbox 360 and 1/1000 for PS.
I wish the future of cell phones was more like the past, just smaller. You know, a phone that's just a phone but fits in my pocket comfortably. Why do they make me feel like I'm asking for too much?
What about exploiting short-range wireless tech like Bluetooth? Each device has its own storage. If you connect it to a storage unit then your phone can store your address book on it. Connect a camera to the storage device & your phone and you can store it on there or ship it to your phone to send to someone. Perhaps connect your iPod into the scheme and store music on your storage device, have it auto-pause on incoming call, and all heard over your wireless headphones/headset?
Why not? Because Nokia/Samsung/Motorola/etc., Maxtor/Western Digital/etc., Apple/Creative/etc. want to dominate as much as possible and do not make interworking products. Kind of like why you can't yank the engine out of a Ford Escort and drop it into a Honda Accord. They all gotta make it different because "We're Right (TM)".
Phones are finally getting wireless headsets. Maybe iPods will start working with the same headsets. Then we might see an auto-pause feature. I suppose there's hope...
Imagine a world where you have Craftsman screw heads, Snap-On screw heads, and Black & Decker screw heads. No more of this "slotted" or "phillips" screw head stuff. You gotta buy the screw driver from each brand so that you can use each screw head and none interoperate. Then repeat for different purposed heads: torx, square, etc. *shudders*
In related news, FedEx & UPS join forces to get the FedUPS Act of 2006 passed that would give transportation companies intellectual claim to every copyrighted material they transport.
Seriously, why should FedEx or UPS lay claim on a book they transport? Why is a (TV) broadcaster any more special because they transmit a signal? Cuz they put their little logo in the bottom right? Or because they do all kinds of fancy pop-outs that advertise other shows?
Neither FedEx nor a broadcaster do anything original, why do they get protection from Big Brother?
If you put a sign in your front yard...you shouldn't act too surprised when the government reads it.
Except everyone else walking by my yard doesn't have access to my bank accounts, credit history, phone records, tax forms, airplane travel, etc. All that private stuff that no one has any business in seeing. As far as I'm concerned: "no one" includes any governmental entity that doesn't directly deal with that information.
Sure, the IRS has business in my tax forms but not my bank accounts.
Sure, the FDIC has business in my bank accounts when my bank is robbed but not my phone records.
Sure, [Verizon|Qwest|Cingular|Sprint|] has business in my phone records but not my airplane travel.
Nevermind that a) a full-force invasion into the public's lives will not stop terrorism and b) is an incredibly huge drain of money.
Though, my history books say we've always been at war with terrorism but I swear it once mentioned something about communism. Good thing my history book is revised every year with free trade-in-copies-for-newer-versions so it's never outdated!
PNG is only lossless compression so I suppose it's only natural to switch to a file format that can be either lossless or lossy...
You do realize that JPEG can be lossless, right? Just completely skip the quantization step (or, equivalently, use a quantization matrix of ones) and you've got lossless. It's all in the Q matrix.
Secondly, as Mr. Krakow points out, it's a Beta. Do we all know the concept of that word?
I take it that you don't work for google? As far as all the linked services go, I don't ever seem to have your typical "beta problems" like crashing every 10 minutes. My point? Beta depends on who you talk to and the "concept" no longer means what it used to mean. Especially as google extends its grasp on the world.
How much software of today is "beta"? Why spend developer time debugging when you can make your clients do it for you.
Is that really a bubble though? Health care hasn't reached absurd levels because of positive-feedback of speculation. Pending disaster? Milking a demographic for everything you can (wait, since when is this NOT the norm)? Sure, but I don't think that's a bubble.
What would be good to see (if it doesn't already exist) is a fine for anyone submitting a dodgy patent
My beef with that is it penalizes and discourages an honest patent (you call it a "fine") by lumping it with a patent intentionally filed that duplicates another patent. The alternative is to sift through all the patents in existence yourself. Or pay someone money to do it for you.
Why shouldn't the filing fee of a patent include checking to determine uniqueness? I would expect the USPTO to not issue a patent to someone else for something I've done, so I would expect the USPTO to issue me a patent for something someone else has already done?
If [Tanenbaum] could produce a kernel set up with all the bells and whistles of Linux, which is the same speed and demonstrably more secure, I'd use it.
The irony here is that Tanenbaum wrote Minix and Linus wrote Linux because Tanenbaum wouldn't add features to Minix. The option you seek was a choice to Tanenbaum over 15 years ago and he chose not to follow it. He can always take the other path at the fork in the road, but Linux has made some serious grooves and it's anyone's guess if Tanenbaum (or anyone) could take it on successfully. Impossible? Certainly not.
...but nothing beats using the best quality, industrial-strength (tm) bits to start with...
For those not in the industry sector but in information technology sector, are those the same as the Best Information Technology Strength (BITS) bits? I've used BITS bits before and they were solid and performed quite well.
The Big Unsigned Superior Technology bits are the best choice for the adult entertainment sector. They're so successful that I hear it's those bits that dominate the internet and slashdotters' hard drives, mobile phones, CD-R stacks, and push the capacity of their Tivo/MythTV. I wish I had the patent on those bits!
A 20 year sentence would have effectively been life for a man of his age...
A negative 2 month, 6 day sentence was effectively a life sentence for him.
Hoover Dam is 2074 megawatts and nuclear is between 600 and 1200 MW. So drop your figures by a factor of 20 for Hoover Dam: 36 hoover dams for xbox 360; 1 Hoover Dam for PS.
And the astute observer would note that I didn't add in the factor of 1000 for going from kilowatt to megawatt. So that's 1/50 of a Hoover Dam for xbox 360 and 1/1000 for PS.
Meh, it's Sunday morning...
The new bubble? It's healthcare, baby.
Is that really a bubble though? Health care hasn't reached absurd levels because of positive-feedback of speculation. Pending disaster? Milking a demographic for everything you can (wait, since when is this NOT the norm)? Sure, but I don't think that's a bubble.
Ok, subject is play on a TV show but seriously, get me out of here......except I don't know where to go.
Sealand my only choice? What is the most libertarian friendly country (as in laws are more libertarian, not tolerant of lib. ideas) in the world?
Granted the poll only surveyed 502 people (link somewhere in all these comments), but still.
...it can be proven beyond reasonable doubt.
"reasonable doubt" is a legal term, not a scientific one.
Some things you may consider:
Last but definitely not least and is kind of an either-or: