All it needs is a modified kernel to disable those debugger-preventing or -discovering tricks. Then it's child play again. For Unices, it's trivial to modify the sources; for NT some binary patch is just a matter of time; and for virtualizers, it's even easier. I could easily imagine good debuggers providing kernel modules or drivers just for this purpose.
Some legacy equipment (routers, terminal switches, etc...) still needs to be telnetted into (though netcat would be perfectly fine too). So there's a use for a telnet client. But why a telnet server on Solaris 10?
That's why all my FreeBSD machines have a password-less police user account with a UID of 0. I just keep forgetting to allow root logins per ssh, but that's not my fault, officer.
Confidentiality comes to mind. Sometimes, you prefer to have your server contact the recipient's server directly via TCP rather than relaying stuff through ISPs mailhost. Of course, it makes only sense when using end-to-end encryption as well (PGP).
And even if ISP can't read PGP traffic, they can still do some cheap traffic analysis if you relay through their server. They could do this as well at the TCP layer; but that's not as trivial to set up than simply analyzing mailhost's logfiles...
Seriously. HAM operators have already launched radio relay satellites in the past; and there's nothing preventing us from doing something similar as a grassroots movement. We may even be able to read some imagery in real-time. By licensing the image stream and database similarly to Wikipedia (cc-by-sa, gfdl,...) we'd stay true to our open source credo and spirit. Much better than the crippleware commercial offerings of Google and others anyway! Competition and verifiability will keep them honest as well.
Let's just make sure to have the main satellite operation center and a few relays in countries that don't promote censorship; perhaps on a pacific island, in a desert etc... Oh, and a few reflecting surfaces and other defensive means to protect against chinese killer satellites would be a good idea too.
Financing this is would also be quite easy, I suppose. How about selling news agencies and TV networks priority slots to cover a regional crisis, wars and other events in near-real time; something they won't get from commercial operators even for big bucks?
Science doesn't need our approval as a society to survive. Galileo Galilei being a good example here. Some theories may be unpopular every now and then, but if they're sound, they'll prevail in the end, no matter what.
Interestingly, some religions will also prevail, no matter what; not because they need our approval, but because we -- as a society, or some individuals -- seem to need this way of thinking as well.
And here it starts getting interesting: Science and religion are two highly differing ways to view and interpret the world around us. But while they're differing, they're similar in a disconcerting way:
A person thinking scientifically is highly skeptical and not inclined to accept a scientific theory without proof or at least very compelling evidence.
A person thinking religiously is the very opposite: they tend to believe ideas without skepticism; the more unlikely that idea, the easier will it be adopted.
This is really not meant to be offensive -- and certainly not overgeneralizing --, but sometimes, it looks like science is in itself darwinistic, because theories have to struggle and survive the fiercest criticism before they become commonly accepted. OTOH religion is anti-darwinistic, because religious dogma is not put through the same skeptic mind. So it's no wonder that religion is not on friendly terms with darwinism: it's simply way too far from its way of thinking and working.
We can also see this from a humanistic perspective: when examining the world, we can adopt a skeptic and cautious attitude, or we can sometimes be uncareful and take our beliefs for the truth. We can think scientifically, or we can think religiously. While most of us here are scientists or people studying science, even we sometimes have fits of irrationality. Both tendencies are deep within the human psyche, and that's the reason there is a war of the memes. Perhaps it should be called instead a war of attitudes?
And this is not necessarily bad. We need both ways of thinking. Too much skepticism can be paralyzing at times, while faith can move a mountain. Too much faith can lead us to become lemmings jumping off the cliffs, while science and reason can help us survive. It's a duality that keeps humanity chugging along.
Yup. Fortunately, such developments are cyclic in nature. They come and go. Religious fundamentalism is having its 15 minutes of fame right now (make it more like 15 years or so, but you get the point), and will fade away once people get fed up with it. The few remaining fundies will eventually lose their political omph, and that's it.
From an evolutionary angle, science and (fundamentalist) religion are memes fighting against each other for survival and supremacy... It's a darwinisting world (of species AND ideas) after all.
Actually, most encryption schemes are based on the difficulty of factoring big intergers; even elliptic curves algorithms haven't yet found widespread use outside the crypto community. So assuming that this problem is cracked, nearly every encryption scheme in use today (including all their variants) will break down immediately.
Now, as soon as big mega corps with deep pockets start losing very valuable data because of lost encryption keys ("hardware failures"), they'll get mad about it and will start frantically financing crypto research. Until now, only the likes of NSA can afford big staffs of highly talented cryptoanalysts; but once becoming a cryptoanalyst becomes profitable to mere mortals, cryptology could very well get a huge boost out of it. And with more people doing research in that area, the probability that DH or EC get cracked raises too - who knows? Perhaps even exponentially?
Even if it's illegal in some parts of the "free" world to crack DRM, who cares? Once a few mega corps badly need to recover their DRM-ed/encrypted data, they'll buy better laws through the usual channels. Even the RIAA/MPAA cartell won't be able to stop them then.
To be more precise, Morocco's CNESTEN is also operating a (US) Triga Mark II research reactor near Rabat with full knowledge of and support by the US administration; research that's mainly medical and geared towards operating a commercial power plant that should be built south of Casablanca. It's not yet clear which firms (US, french, russian,...) will get the contract, but it's common public knowledge there.
I concur! It happens all the time, also on occasions where I had prime facie evidence that the facts were reported... let's say, inaccurately, to put it mildly.
Amazingly, it very seldom happens out of malice or bad intentions. Nearly every time news reporters distort the facts out of sheer incompetence and pure carelessness. Sometimes time constraints (time to publish or time to broadcast) also contribute: rushing out a story becomes much more important that double checking (or single cheking!) one's sources and news.
And no, I don't have the faintest idea why things are this way.
It's about DRM. With a closed source driver AND no specs how to access the hardware, vendors like NVidia and ATI can effectively prevent you from displaying (or capturing) material with nasties like MacroVision etc... If they opened the HW-specs, circumventing this crippling feature^Wbug would be easy as pie. Therefore, they don't.
we should have a day against DMCA, not a day against DRM.
There's an even bigger problem with people blindly obeying silly laws without questioning their legitimacy. In most parts of the world, people simply ignore crappy laws they don't deem just. Yes, they get thrown in jails by those in power every now and then; but it's rather rare, because effectively, you can't jail 20% or more of the population: who would pay taxes then? In a democracy, civil disobedience shouldn't be needed; but do we really still live in a democracy, when outfits like Disney and RIAA can buy laws like DMCA?
Encryption algorithms will be obsolete by then
on
The Day Against DRM
·
· Score: 1
DRM can't expire: Eventually everything enters the public domain. No DRM system can automatically unlock things when that happens. If they did, it would be relatively easy to spoof the date and unlock the media. When all copies of a given piece of media are locked under DRM, you effectively create infinite copyright.
Nope. The encryption algorithms used in today's DRM schemes will most likely be crackable within microseconds, using 1. computer hardware 90+ years in the future; and 2. advances in cryptanalysis, also 90+ years from now. Crypto over the span of a whole century is a moot point; nothing to worry about.
As FreeBSD user, I don't care much about Debian's specific decisions; but regarding cdrtools, I fully agree. The latest versions have become annoyingly FUD-dy and kind of ads for Joerg's commercial version. Fortunately, burncd (for CD) and growisofs (for DVD) work just as fine here. cdrkit will be a welcome addition to FreeBSD's ports system as well.
It's not the first time some developer's stubborn-ness resulted in a fork. That's the beauty of OSS (GPL and other OSS-compatible licenses): control freaks can't get away with it. Now let's hope some brave soul would adopt cdrkit and keep it up to date with the newest burning technology.
Experienced admins should know better than to run services on a router.
Correct. But experienced admins would also use professional equipment; and it's impossible to run apps on IOS etc...
Fat routers do have their uses though in very special situations. From a security POV, if you're the only user of a router (say, you're sitting at the end of a cable or adsl line) with a tiny home-LAN; the "fat router" is nothing more than two physical machines folded into one. If a cracker were able to break into the router itself (fooling the TCP/IP stack, or firewall etc...), then other machines within the LAN are on their own anyway (you didn't rely on NAT or firewalling there, didn't you?). And if the cracker uses a vuln within one of those apps, well; they're inside a jail, so happy hacking. A cracker who is able to break out of jails (chroot(2) is easy, but not jails) is too skilled anyway for this typical router@home setup.
So yes, it's not a terribly good idea; but as long as sound admin practices are used within the fat router, it's a manageable risk. If someone then still breaks in, well, it's bound to happen anyway; and in security aware setups, DMZs and multiple layers (read: multiple machines) would be used.
Right; esp. when people are novices. But for experienced sysadmins, a "fat router" is quite useful, especially at home where you want to keep your electricity bill unter control.
A typical setup on any low-power 24/7 device, like some routers, or general purpose boards a la net4801 includes OpenBSD or FreeBSD with userland-ppp, pf and BIND, plus, if needed, postfix, lighttpd, cyrus-imap, etc...; all running tightly within their jail(8)s and closely monitored.
This would be the maximum, and from a security point of view, still somehow manageable. You definitely don't want to add stuff like NFS (despite airtight good pf settings) at such an exposed place though... But running ctorrent every now and then (again, in its own jail) should be fine...
"Don't you see that the whole aim of Newspeak is to narrow the range of thought?... Has it ever occurred to your, Winston, that by the year 2050, at the very latest, not a single human being will be alive who could understand such a conversation as we are having now?...The whole climate of thought will be different. In fact, there will be no thought, as we understand it now." -- George Orwell, 1984.
It looks like most people already got used to Newspeak nowadays...
What's actually funny, is how many people in security sensitive environments rely on those closed-source video drivers. Even if the machine isn't networked, a rogue driver could still hook into crypto libraries and add keys of their own while encrypting files... et voila: a nice backdoor in files you thought would be secure!
It is good, because some legislations forbid copying DRMed media even for private purposes, but not non-DRMed media. Therefore, labeling DRMed media clearly may become prerequisite for such legislations.
Slashdot Mirror
- "Let's send the Omega Force!"
- "There's a time to think, and there's a time to act. And this, gentlemen, is not a time to think."
- "Canadians are always dreaming up a lotta ways to ruin our lives. The metric system, for the love of God! Celsius! Neil Young!" ... and now Piracy!
and last, but not least:
- "Stop piracy, pronto! Or we'll level Toronto!"
All it needs is a modified kernel to disable those debugger-preventing or -discovering tricks. Then it's child play again. For Unices, it's trivial to modify the sources; for NT some binary patch is just a matter of time; and for virtualizers, it's even easier. I could easily imagine good debuggers providing kernel modules or drivers just for this purpose.
Some legacy equipment (routers, terminal switches, etc...) still needs to be telnetted into (though netcat would be perfectly fine too). So there's a use for a telnet client. But why a telnet server on Solaris 10?
That's why all my FreeBSD machines have a password-less police user account with a UID of 0. I just keep forgetting to allow root logins per ssh, but that's not my fault, officer.
I don't see the problem.
Confidentiality comes to mind. Sometimes, you prefer to have your server contact the recipient's server directly via TCP rather than relaying stuff through ISPs mailhost. Of course, it makes only sense when using end-to-end encryption as well (PGP).
And even if ISP can't read PGP traffic, they can still do some cheap traffic analysis if you relay through their server. They could do this as well at the TCP layer; but that's not as trivial to set up than simply analyzing mailhost's logfiles...
Seriously. HAM operators have already launched radio relay satellites in the past; and there's nothing preventing us from doing something similar as a grassroots movement. We may even be able to read some imagery in real-time. By licensing the image stream and database similarly to Wikipedia (cc-by-sa, gfdl, ...) we'd stay true to our open source credo and spirit. Much better than the crippleware commercial offerings of Google and others anyway! Competition and verifiability will keep them honest as well.
Let's just make sure to have the main satellite operation center and a few relays in countries that don't promote censorship; perhaps on a pacific island, in a desert etc... Oh, and a few reflecting surfaces and other defensive means to protect against chinese killer satellites would be a good idea too.
Financing this is would also be quite easy, I suppose. How about selling news agencies and TV networks priority slots to cover a regional crisis, wars and other events in near-real time; something they won't get from commercial operators even for big bucks?
He's got bigger problems to deal with like [...] saving for retirement [...]
Or saving for overpriced DVDs, drugs, etc. Without Joe Sixpack(s), the whole IP-based economy with it's inflated prices would immediately collapse.
Exactly!
There are a few more points to ponder:
And here it starts getting interesting: Science and religion are two highly differing ways to view and interpret the world around us. But while they're differing, they're similar in a disconcerting way:
This is really not meant to be offensive -- and certainly not overgeneralizing --, but sometimes, it looks like science is in itself darwinistic, because theories have to struggle and survive the fiercest criticism before they become commonly accepted. OTOH religion is anti-darwinistic, because religious dogma is not put through the same skeptic mind. So it's no wonder that religion is not on friendly terms with darwinism: it's simply way too far from its way of thinking and working.
We can also see this from a humanistic perspective: when examining the world, we can adopt a skeptic and cautious attitude, or we can sometimes be uncareful and take our beliefs for the truth. We can think scientifically, or we can think religiously. While most of us here are scientists or people studying science, even we sometimes have fits of irrationality. Both tendencies are deep within the human psyche, and that's the reason there is a war of the memes. Perhaps it should be called instead a war of attitudes?
And this is not necessarily bad. We need both ways of thinking. Too much skepticism can be paralyzing at times, while faith can move a mountain. Too much faith can lead us to become lemmings jumping off the cliffs, while science and reason can help us survive. It's a duality that keeps humanity chugging along.
So in a way, Russia fell to the level of the USA.
Yup. Fortunately, such developments are cyclic in nature. They come and go. Religious fundamentalism is having its 15 minutes of fame right now (make it more like 15 years or so, but you get the point), and will fade away once people get fed up with it. The few remaining fundies will eventually lose their political omph, and that's it.
From an evolutionary angle, science and (fundamentalist) religion are memes fighting against each other for survival and supremacy... It's a darwinisting world (of species AND ideas) after all.
Actually, most encryption schemes are based on the difficulty of factoring big intergers; even elliptic curves algorithms haven't yet found widespread use outside the crypto community. So assuming that this problem is cracked, nearly every encryption scheme in use today (including all their variants) will break down immediately.
Now, as soon as big mega corps with deep pockets start losing very valuable data because of lost encryption keys ("hardware failures"), they'll get mad about it and will start frantically financing crypto research. Until now, only the likes of NSA can afford big staffs of highly talented cryptoanalysts; but once becoming a cryptoanalyst becomes profitable to mere mortals, cryptology could very well get a huge boost out of it. And with more people doing research in that area, the probability that DH or EC get cracked raises too - who knows? Perhaps even exponentially?
Even if it's illegal in some parts of the "free" world to crack DRM, who cares? Once a few mega corps badly need to recover their DRM-ed/encrypted data, they'll buy better laws through the usual channels. Even the RIAA/MPAA cartell won't be able to stop them then.
To be more precise, Morocco's CNESTEN is also operating a (US) Triga Mark II research reactor near Rabat with full knowledge of and support by the US administration; research that's mainly medical and geared towards operating a commercial power plant that should be built south of Casablanca. It's not yet clear which firms (US, french, russian, ...) will get the contract, but it's common public knowledge there.
I concur! It happens all the time, also on occasions where I had prime facie evidence that the facts were reported... let's say, inaccurately, to put it mildly.
Amazingly, it very seldom happens out of malice or bad intentions. Nearly every time news reporters distort the facts out of sheer incompetence and pure carelessness. Sometimes time constraints (time to publish or time to broadcast) also contribute: rushing out a story becomes much more important that double checking (or single cheking!) one's sources and news.
And no, I don't have the faintest idea why things are this way.
It's about DRM. With a closed source driver AND no specs how to access the hardware, vendors like NVidia and ATI can effectively prevent you from displaying (or capturing) material with nasties like MacroVision etc... If they opened the HW-specs, circumventing this crippling feature^Wbug would be easy as pie. Therefore, they don't.we should have a day against DMCA, not a day against DRM.
There's an even bigger problem with people blindly obeying silly laws without questioning their legitimacy. In most parts of the world, people simply ignore crappy laws they don't deem just. Yes, they get thrown in jails by those in power every now and then; but it's rather rare, because effectively, you can't jail 20% or more of the population: who would pay taxes then? In a democracy, civil disobedience shouldn't be needed; but do we really still live in a democracy, when outfits like Disney and RIAA can buy laws like DMCA?
DRM can't expire: Eventually everything enters the public domain. No DRM system can automatically unlock things when that happens. If they did, it would be relatively easy to spoof the date and unlock the media. When all copies of a given piece of media are locked under DRM, you effectively create infinite copyright.
Nope. The encryption algorithms used in today's DRM schemes will most likely be crackable within microseconds, using 1. computer hardware 90+ years in the future; and 2. advances in cryptanalysis, also 90+ years from now. Crypto over the span of a whole century is a moot point; nothing to worry about.
Hmmm... it looks like Twisted framework didn't make it into the standard library (yet?).
LOL!
Now imagine Google serving their results *encrypted* with 128-bit SSL! NSA just *loves* this kind of stuff! It should keep'em busy for a while...
As FreeBSD user, I don't care much about Debian's specific decisions; but regarding cdrtools, I fully agree. The latest versions have become annoyingly FUD-dy and kind of ads for Joerg's commercial version. Fortunately, burncd (for CD) and growisofs (for DVD) work just as fine here. cdrkit will be a welcome addition to FreeBSD's ports system as well.
It's not the first time some developer's stubborn-ness resulted in a fork. That's the beauty of OSS (GPL and other OSS-compatible licenses): control freaks can't get away with it. Now let's hope some brave soul would adopt cdrkit and keep it up to date with the newest burning technology.
Experienced admins should know better than to run services on a router.
Correct. But experienced admins would also use professional equipment; and it's impossible to run apps on IOS etc...
Fat routers do have their uses though in very special situations. From a security POV, if you're the only user of a router (say, you're sitting at the end of a cable or adsl line) with a tiny home-LAN; the "fat router" is nothing more than two physical machines folded into one. If a cracker were able to break into the router itself (fooling the TCP/IP stack, or firewall etc...), then other machines within the LAN are on their own anyway (you didn't rely on NAT or firewalling there, didn't you?). And if the cracker uses a vuln within one of those apps, well; they're inside a jail, so happy hacking. A cracker who is able to break out of jails (chroot(2) is easy, but not jails) is too skilled anyway for this typical router@home setup.
So yes, it's not a terribly good idea; but as long as sound admin practices are used within the fat router, it's a manageable risk. If someone then still breaks in, well, it's bound to happen anyway; and in security aware setups, DMZs and multiple layers (read: multiple machines) would be used.
Right; esp. when people are novices. But for experienced sysadmins, a "fat router" is quite useful, especially at home where you want to keep your electricity bill unter control.
A typical setup on any low-power 24/7 device, like some routers, or general purpose boards a la net4801 includes OpenBSD or FreeBSD with userland-ppp, pf and BIND, plus, if needed, postfix, lighttpd, cyrus-imap, etc...; all running tightly within their jail(8)s and closely monitored.
This would be the maximum, and from a security point of view, still somehow manageable. You definitely don't want to add stuff like NFS (despite airtight good pf settings) at such an exposed place though... But running ctorrent every now and then (again, in its own jail) should be fine...
How about this, from an affidavit?
Yep!
It looks like most people already got used to Newspeak nowadays...
It's been known for quite some time now...
Absolutely!
What's actually funny, is how many people in security sensitive environments rely on those closed-source video drivers. Even if the machine isn't networked, a rogue driver could still hook into crypto libraries and add keys of their own while encrypting files... et voila: a nice backdoor in files you thought would be secure!
It is good, because some legislations forbid copying DRMed media even for private purposes, but not non-DRMed media. Therefore, labeling DRMed media clearly may become prerequisite for such legislations.