It's not the user.
Nor is it the internet
Nor is it the administrator
Nor is it the OS vendors
It's a very deep paradigm/vocabulary issue
The problem IS lack of security.... quick... how can You, in YOUR CHOICE OF ENVIRONMENT tell your OS that you want a program to enforce this set of rules on a program you want to test:
read access to itself, and its install directory
read access to all of the system libraries
read-write access to a single folder
access to a specific set of windows in the gui (if any)
and nothing else?
If you can even begin to fulfill this list of un-restrictions, you're probably approaching it in terms of a locked down user account, which is exactly the problem. This list of un-restrictions is otherwise known as a capabilities list, and should be assigned on the basis of the needs of the moment, not some static definition.
If you can't even express the correct answer, you'll never get it right.
Once upon a time, you went to these places every neighborhood had called "record shops"... where you could sample a recording (perhaps even listening to the whole thing) before you decided to make your purchase. The crushing of the local record shops by the conglomeration of the distribution channel brought along a reduction in the ability to sample purchases... which resulted in a fall in sales.
Napster came along, and people could sample music before buying it again... CD sales soared upward.
Not happy with the prospect of having someone able to try something before buying it... the MPAA started down the insane path of suing customers. CD sales began to crash again. They will now never recover.
This marks the end of the internet, as there are surely millions of Windows 2000 servers out there with RDP enabled in business critical roles. You linux fan boys can laugh all you want at the stupidity of it, but this will eventually take out everything as it interrupts supply chains all over the world.
If you have any Microsoft stock, sell it now, the implications of their policies on older software are about to come rocketing back at them in a tsunami.
I hope the fsck I'm wrong about this... we'll know in about a month.
Anything internet connected can get owned... even stuff that isn't connected can get killed via service equipment (which is what the whole Stuxnet thing was about).
When you run everything with ambient authority, you're never going to be safe. EVERYTHING uses ambient authority, because it's what we're all used to, as far as computers go. Here's the difference:
In the real world, we operate with ambient deny... your car key doesn't open all cars of that model, it only has the capability to open your car. When you delegate it, your valet can't open all that model of car either.
The situation with computer security now is like having each car owner contractually promise not to open any other car than their own, rather than unique keys. The first hand off to a valet who didn't sign the promise does the whole system in. It also fails if they get confused and return the wrong car.
Until the model of computer security is brought in line with reality, things will continue to be fscked, Chinese or no Chinese.
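The valet-key contrast above, restated with files, as an added example that is not part of the original comment: a service that opens whatever name it is given (ambient authority) can be talked into destroying its own billing log, while one that only accepts an already-open descriptor cannot. The `client_open` rule, the file names and the sample records are assumptions constructed for the illustration.

```python
import os
import tempfile

OLD = "old record 1\nold record 2\n"   # constructed sample billing records

def client_open(path, client_dir):
    """Assumption: stands in for the OS checking the *client's* own rights.
    The client may create or write files only inside client_dir."""
    real, base = os.path.realpath(path), os.path.realpath(client_dir)
    if os.path.commonpath([real, base]) != base:
        raise PermissionError(f"client may not open {path}")
    return os.open(real, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)

def bill(billing_path):
    """The deputy's private bookkeeping; only the deputy should touch it."""
    with open(billing_path, "a") as log:
        log.write("charged client\n")

def deputy_by_name(out_path, report, billing_path):
    """Ambient authority: the deputy resolves a client-chosen name using
    the deputy's own rights, so any file the deputy can write is reachable."""
    with open(out_path, "w") as out:
        out.write(report)
    bill(billing_path)

def deputy_by_handle(out_fd, report, billing_path):
    """Capability style: the client hands over an open descriptor, which it
    could only have obtained with its own rights. No name is resolved here."""
    os.write(out_fd, report.encode())
    bill(billing_path)

def read_text(path):
    with open(path) as f:
        return f.read()

def run_demo():
    results = {}
    with tempfile.TemporaryDirectory() as root:
        client_dir = os.path.join(root, "client")
        os.mkdir(client_dir)
        billing = os.path.join(root, "billing.log")
        out = os.path.join(client_dir, "out.txt")

        # 1. Confused deputy: the client names the billing log as its output.
        with open(billing, "w") as f:
            f.write(OLD)
        deputy_by_name(billing, "report\n", billing)
        results["ambient_log"] = read_text(billing)      # old records are gone

        # 2. Same request, capability style: it fails at the client's own open.
        with open(billing, "w") as f:
            f.write(OLD)
        try:
            client_open(billing, client_dir)
            results["attack_blocked"] = False
        except PermissionError:
            results["attack_blocked"] = True
        fd = client_open(out, client_dir)                # legitimate request
        deputy_by_handle(fd, "report\n", billing)
        os.close(fd)
        results["capability_log"] = read_text(billing)
        results["client_output"] = read_text(out)

        # 3. Attenuation: a read-only descriptor cannot be used to write,
        #    whatever the process holding it could do by name.
        ro = os.open(out, os.O_RDONLY)
        try:
            os.write(ro, b"x")
            results["readonly_write_refused"] = False
        except OSError:
            results["readonly_write_refused"] = True
        finally:
            os.close(ro)
    return results

if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value!r}")
```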
My mistake... it's not really a surprise, and it's Balochistan which we're going to invade, which is only 1/4 of Pakistan. (In exchange, India is going to buy a lot of weapons from us for a while).
With all of the talk of the Police shutting down everyone's phones and internet over half of Chicago for the G8 summit... I figured someone would get pissed off and return fire, taking down all of the tac-comms for everyone in retaliation.
I'm glad it doesn't have to come to that now.
So why did they pull out of Chicago all the sudden, anyhow? Did the dates conflict with the surprise invasion of Pakistan?
It took a few hours contemplation for me to finally get my mind wrapped around this one, here's my explanation.
Imagine you have an AC motor, with 2 poles. If driven with 60 hz power, it will spin at 3600 rpm (60 rotations per second). The same 60 hz power can be fed into a 4 pole AC motor which will spin at 1800 rpm (30 rotations per second). Generalizing, the same 60 hz power can be used for a 2n pole motor to get a spin of (7200/n) rotations per second.
If you were to hold a magnet in the center of any of these motors it would vibrate at 60 hz. - This is analogous to a normal antenna trying to pick on one of these signals, it would pick up the carrier frequency regardless of the spin.
It is only when you let the magnet spin that you can measure speed at which the field rotates - This is why it takes multiple antenna to discriminate between signals.
Now the real fun is when you imposed BOTH a 2 pole and a 4 pole signal in the same space... if you put a rotor in and let it spin, you might get either 3600 or 1800 rpm... hard to guess.... but if you spun it up to just under 3600 rpm, it would pull forward to 3600 rpm, with the same effect if you spun it at 1800 rpm. There would be a lot of energy lost in cross coupling of the winding coils, though.
If we went a bit further, and considered a motor which had a way to simultaneously be powered in 2, 4, 6, 8, and 10 pole modes, you'd be able to measure the voltage fed into each of them by rotating the motor up to the appropriate speed and measuring the torque on the rotor... you'd get 5 different numbers, each linearly related to the amount of excitation for that set of windings.
You lose the utility of a motor, but you get the ability to convey 5 different signal levels with 1 frequency. Cool stuff!
It turns out that you can use circularly polarized light to manipulate nanoscopic objects, and make them spin.
I wonder what would happen if you built a 2 Ghz transmitter system which fed an antenna with a spin on the order of 10? Would it cause something like the Norway Spiral by spinning the air that happened to absorb part of the signal?
Google "Orbital Angular Momentum" and you'll find all sorts of stuff that almost seems like magic, or science fiction, that actually could work.
The root problem here is the idea of auctioning off the radio spectrum. It is essentially a TAX on innovation and the eventual users, which is then used as an excuse to give large monopoly profits on those who are willing to bid up the tax, knowing that WE will pay it in the end. The bigger the tax, the more profit they make.
We should instead manage it as a public commons, having bands set up for experimentation, and then wider spaces for more established modes as they become popular, and have more users. Somewhere in there should be a set of spaces for mesh network backbone.
I distance my work and personal stuff, but they wanted me to follow them, so I did.... no big loss. I've got sufficiently non-mainstream opinions on enough stuff that they really don't want me tying things tight anyway... what with my whole (9-11 was an inside job, Ron Paul for President, Cold Fusion really works, Back to the Gold Standard, we're in the Greater Depression) view of the world... it's non-corporate friendly (besides, corporations aren't people anyway).
I'll patiently wait for JPM and the FED to implode while I read back issues of the stuff from the time monks for a very long time before anyone wants me to be their corporation's friend. ;-)
Be sufficiently human, and only other humans will want to be around.... and some will value you highly. Heck, one might even help you make other humans. ;-)
Science that works cannot be kept secret. Observe that over centuries, every single real invention has been independently discovered by multiple scientists in such close succession that it might as well be simultaneous. That is not a coincidence. New discoveries build upon existing discoveries and technologies, and when their time has come, they will appear.
Wrong - Here are 2 examples from History to set you straight.
Babbage's difference engine really worked, it wasn't kept secret, it wasn't suppressed by a cabal, it was just very hard to do, and was slightly ahead of its time. Had there been a Bridgeport Knee mill with power, tools, and a few skilled machinists to use it available in 1823, he would have been a fairly immediate success. After all, he was funded with enough money to build a well kitted out battleship over the course of the project. Unfortunately for him, he had these ideas before things like standard thread sizes, in fact it's because of him, and the follow on effects of his work that we eventually got standard thread sizes, etc. It also didn't help that he suffered from the Osborne effect, having found the next great generation of a technology (the analytic engine) before making the first one profitable.
There's also the Antikythera mechanism, which was effectively a mechanical analog computer built about 100BC. We didn't get the modern equivalents until the 14th century.
Science that works has to be correct, or close enough to work. But it's not fair to say that failure of implementation implies bad science. Just because it took about 1400 years for mechanical computation to become mainstream doesn't mean that genius who built the Antikythera mechanism was a fraudster... in fact his device worked.
I've been using Picasa on my PC, which includes facial recognition, the interesting part is the hundreds of people who I have no knowledge of who appear large enough to be recognized and grouped together, merely because they happened to be near someone or something I was photographing.
The news that Facebook is scanning all photo uploads with similar technology really makes me cringe.
Eben is right, and he's NOT paranoid... just ahead of the curve.
When Microsoft comes up with a File server that doesn't randomly disconnect clients, I'll migrate, until then it's a downgrade to move to something other than Windows 2000.
It will get hacked, it's just a matter of time. If you have data that is getting uploaded, then needs to be secure after that, consider using a unidirectional network, also known as a "data diode", which can only send data in one direction.
If you can't hand the administrator account passwords to someone and rest easy, you shouldn't be counting on it to be secure.
Real protest involves things that actually inconvenience or include a plausible threat to the stability of government. Things like randomly throwing away packets requesting .gov or .mil or select other domain names might be a good start.
Dropping emails to .gov might be another.
Adding porn to email from .gov might be yet another.
Anything which undermines their trust in technology as a lever to control us.
It doesn't have to be big, you don't really have to risk much... but you do have to act in some small way and take some risk if you want to have any possible gain.
Given the built-in anti-static I/O lines on most chips these days, it's definitely a non-issue. You can walk across a room with wool slippers and an amber staff, and you might do some damage, but a nuke far enough away not to cause blast damage isn't going to be a problem.
All of our supply lines have had the slack engineered out of them in the name of "efficiency" in the last 20+ years. The US doesn't make everything it needs, let alone any given state... without international credit, next day air, and a continuous flow of liquid energy, it's all going to crash.
Eventually we'll recover... but the days of ever faster extraction of resources to be "consumed" then buried in a landfill, is rapidly approaching its end. Unfortunately, we don't know how to work any other way.
Amen... now that I understand rehypothecation, (having cake, borrowing against same cake, borrowing (again) against same cake... an unlimited number of times, then eating cake, is all legal thanks to "the city of london")
Any company with a division or branch in England can use this trick to hide/steal spectacular amounts of money. Because of the interlinked nature of the markets, Nothing is safe from this, anything in an "account" of any sort (stock, bank, savings, checking, etc) is only as good as the personal bond between yourself and the person who actively manages it. Since none of us have that connection to anything stock related... it's all a big Ponzi scheme, ready to implode.
Unfortunately, it may take all of civilization with it.
A properly formed jury could have nullified the law and saved everyone a huge amount of grief here.
What we have here, is a failure to communicate...
Land of the Foreclosed, home of the Banking Gangsters.
Cheap, Secure, Easy, not Vaporware, pick any 2... ;-)
Capability based security systems could give cheap, secure, easy... but they are definitely vaporware at this point in time.
Let's ban child phonography.... cut off their customer base, and drive the bastards out of business.
Amen - mod parent up!
I always told people to avoid Vista like the plague... and I had one user who thought I was exaggerating.... oh did he have a few bad years...
I know it would be an alloy... but Gallium isn't such a great thing to be shipping around in airplanes, etc... watch this YouTube video of gallium eating an aluminum can for an idea why.
Yes, yes, you must stay in this cattle pen because you get to decide which trough you get to eat slop from, the Red or the Blue one.
No, don't be silly and think that some other place might be nicer.
PS: Big Brother (tm) is watching you.