I'm ok with it, as long as everyone understands about false positive matches, and gets the requisite education in statistics to treat the results with the proper amount of skepticism.
When do we get new episodes? Why isn't there a daily episode? MORE MORE MORE!!!!
Security is the job of the Operating System, not applications, or users. When you run the program, and tell the OS which files it should use, that should be it. The program shouldn't have the authority to access anything not specified. This has worked in the mainframe world for decades, as you specified which virtual disks a system had access to when loading the run-time system. This works in virtualization, when you specify the disks the virtual machine is to use.
It's going to be a few more years for the technical community to finally wake up to the insanity that is ambient authority, then a decade or so to finally shift to systems that implement the principle of least privilege, like GNU Hurd and/or Genode.
There's a thing, called a data diode... you have wild open internet on one side, and a safe network on the other.... data can only EXIT to the internet, and never enter... protected by the laws of physics themselves. You can monitor all you want, but never control, from the internet. These are the types of things we need to allow remote monitoring of stuff.
Yes, truly redundant systems should be kept in place... the FAA is phasing out a ton of VOR stations... but at least they've had the sense to keep a minimal network around (directly contradicting what I thought a few minutes of googling ago).
Once these jobs go away, there are not going to be a matching number of replacement jobs. You're ignoring the driving force of capitalism, which is to decrease costs and increase profits. Capital is currently under-priced, being effectively free to borrow for some entities... which means they can throw scads of money at getting any and all humans out of the loop... which creates more capital, and even more surplus labor... it's a positive feedback loop, building exponentially on itself, which ends badly for those without capital.
Government is supposed to keep forces like this in check, but it's been captured.
Pure socialism doesn't work, neither does pure capitalism. We need to reset the balance.
After a few years of constant interruptions, I just gave up, and never attempted anything except under deadline pressure, which gave me the excuse required to push out interruptions.
I've never been productive since.
People want to be able to put code in a box, and have the code function without unwanted side effects. The consistent cognitive bias is towards placing blame on certain groups or practices as being at fault, then piling on.
This approach consistently ignores the root cause, the lack of a widely used, secure operating system for anything smaller than an IBM mainframe.
If your OS can't be counted on to limit the side effects of a program to those chosen at runtime, you can't trust it.
Windows doesn't do this, nor does any other common operating system on PCs or embedded systems.
The reason mainframe systems are secure is that you specify everything to be tossed into running a program prior to its execution, and it can't ever exceed those capabilities.
We need to make things like GNU Hurd or Genode a viable choice for programmers and hackers, then for the average home user. If this is done, then we can finally actually fix things for once and for all.
Until then, enjoy being the sump pump for the world of IT.
In the MS-DOS / floppy disk days, you had far more security. Your entire operating system was write-protected, and you could make a copy of it, and test that copy, all in less than 10 minutes.
These days, you can't even clone your hard drive and have reasonable assurance that all your apps will work without being re-authorized.
I watched the movie in question online a few weeks ago, I got bored and skipped an hour in the middle, and honestly don't think I missed anything important. I can't possibly imagine having to wait through the ever so slow plot line in a movie theater with no other distractions available.
Examining the nature of searches that take place at our borders gives a hint of the strategy the US is using to weed out terrorists. It is apparent that the US government hasn't figured out:
1. It is possible to have multiple social media identities
2. The entire Internet is ISIS territory
3. Harassing people who want to enter the US is bad for business
Given the near total spectrum surveillance that we know the US has over the Internet thanks to Snowden, I'm surprised things are so ham-fisted. There are much better ways to do this, I hope (and it's all I can do, because of secrecy and lack of accountability) that the balance is more towards using this capability for good, and less on stalking exes and personal gain.
More than half of humanity has a cell phone, and you can call them instantly if you have their phone number. No additional protocols or servers are required.
Now get off my lawn.
The solar wind results in a large flux of DC current, which could be modulated with help from HAARP's VHF... as they have done already. It wouldn't all get dissipated as heat.
This is one of the times I think the EPA could do a lot of good by picking a site out west, setting up a furnace and simply grinding and melting these down to then refine out the lead and other metals. They should run it themselves, not contracting it out, and accept all CRTs and e-waste that make it to the loading dock, for free, no questions asked.
No, megawatts of VHF could be used to modulate the conductivity of the ionosphere. If only 0.1% modulation can take place, you've gotten a Gigawatt of VLF for a few megawatts input.
No tin foil hat required.
Right there, in the Wikipedia page for the project, in list of main scientific findings (#3), is that it can be used to generate ELF (extremely low frequency) signals in the range of 0.1 Hz by modulating conductivity of the ionosphere to the already present DC flow from the solar wind. I once did the math, and concluded that this would result in turning the ionosphere into the VLF equivalent of a MASER, and the power flow there is on the order of a Terawatt (if I recall correctly)... I believe this is what Tesla was attempting to do with his huge transmitter at Wardenclyffe... A few megawatts could generate about a gigawatt of VLF if done right.
Converting that VLF back to usable power, on the other hand... I have no idea how that would happen.
There obviously aren't many hardware hackers watching this thread, but I just wanted you to know that LEDs also function as photodiodes... back in the 1990s I breadboarded an alarm circuit that used a bi-color LED, with the green as an emitter and the red as a detector, to sense a reflector from a few feet away. I'm fairly certain that you could probably do interesting things with this knowledge and an Arduino... like make a device that has a lock that has a single LED as its heartbeat output, and its unlock input, with a matching keychain, for example.
The 3 state RAM doesn't actually do computation.... if you want that... take a look at an old idea of mine... http://bitgrid.blogspot.com/
Yes, being able to copy the flow of data to a user would be bad, but not system-compromising bad. And why would an instance of Apache be able to connect to more than one IP address? Each thread would be isolated from each other, further limiting the information leakage.
Analogy time: Imagine homes with no Circuit Breakers. Any short circuit anywhere could burn down a house. Lawyers and lawmakers arrive on the scene and declare that everything you want to plug in needs to be short proof. Every product has to be certified not to burn down houses, no matter what failure happens. The designers of even a simple lamp can end up being charged with murder, and as a result nobody really wants to use electricity.
We have circuit breakers, which limit the amount of current to be supplied to an appliance. If you have a special big appliance, like an air conditioner, you have to use a special circuit to supply it with power. Circuit breakers serve to limit the side effects that are possible when you use electricity.
There is no analogous circuit breaker in our widely used operating systems. When you run an application as a user, ALL of your authority is given to the program, and you have to just hope that it does the right thing. There are systems which do place limits on the side effects of a program when you run them, and they are even user friendly and fairly easy to understand.
It's up to us to start to use operating systems that have the ability to limit the side-effects of programs. One example is the Genode project. There is also the perennially late GNU Hurd.
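The launch-time limit described in the circuit-breaker comment above, approximated on stock Linux as an added example (not code from the commenter, Genode or GNU Hurd): a launcher opens the one file chosen for the run, and the child sets `RLIMIT_NOFILE` to 0 before touching anything, so it keeps the descriptor it was handed but cannot obtain new ones. The function names and temp-file paths are made up for the illustration, and the limit covers only descriptor-creating calls, so this is a sketch of the idea, not a capability system.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* mkstemp, fork, setrlimit */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* Untrusted worker. Bit 0: it read the granted descriptor.
 * Bit 1: it opened a file it was never handed. Bit 2: setup failed. */
static int worker(int granted_fd, const char *other_path)
{
    struct rlimit none = { 0, 0 };
    char buf[64];
    int result = 0;

    /* From here on no call that creates a descriptor (open, socket, pipe)
     * can succeed. Path-based calls such as unlink are NOT covered, and
     * stdin/stdout/stderr are still inherited from the launcher. */
    if (setrlimit(RLIMIT_NOFILE, &none) != 0)
        return 4;
    if (read(granted_fd, buf, sizeof buf) > 0)
        result |= 1;
    if (open(other_path, O_RDONLY) >= 0)
        result |= 2;
    return result;
}

/* Launcher: opens the one file chosen for this run and hands the child
 * the descriptor only. Returns the worker's bitmask, or -1 on error. */
int run_confined(const char *granted_path, const char *other_path)
{
    int status, fd = open(granted_path, O_RDONLY);
    pid_t pid;

    if (fd < 0)
        return -1;
    pid = fork();
    if (pid == 0)
        _exit(worker(fd, other_path));
    close(fd);
    if (pid < 0 || waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

/* Constructed sample data: two temp files, only the first is granted. */
int demo(void)
{
    char a[] = "/tmp/granted-XXXXXX", b[] = "/tmp/other-XXXXXX";
    int fa = mkstemp(a), fb = mkstemp(b), mask = -1, ok;

    ok = fa >= 0 && fb >= 0 && write(fa, "ok\n", 3) == 3 && write(fb, "no\n", 3) == 3;
    if (fa >= 0) close(fa);   /* closed before fork so nothing extra leaks */
    if (fb >= 0) close(fb);
    if (ok) mask = run_confined(a, b);
    if (fa >= 0) unlink(a);
    if (fb >= 0) unlink(b);
    return mask;
}

int main(void) { printf("worker result mask: %d\n", demo()); return 0; }
```

A mask with only bit 0 set means the worker used what it was given and failed to open the second file, even though the same user owns both.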
The rainbow series of books lay out all you need to know about security. Just study them, and you'll do just fine, as long as you don't network anything. ;-)
Has the Record Industry wised up and stopped suing their customers yet? If so, I might start buying music again.
Ambient Authority is the root cause of most of the woes of modern computing. Your OS of choice doesn't know how to even ask "which files should this program have access to, for this instance", and just gives programs free run to do as they please... until this is fixed, we're going to have virii.
Cancer on the other hand is a situation where a cell already has resources it's supposed to have, but doesn't get rate limited in the use of them, allowing it to grow, divide, and multiply.
Two fundamentally different problems.
The problem with predicting where to go to stop crimes is that many of the crimes in Chicago are gang related, instead of property related. Houses to be robbed don't move, but rival gang members can be found anywhere. Predictive algorithms assume fixed targets.
If there was a real crackdown on Gangs, crime would decrease for a while, but I think that too many bribes are preventing that from happening. It would be far better to legalize drugs, defunding the gangs.
Of course, as a privileged white male from the suburbs, I could be wrong.
If we eliminate ambient authority, it would go a long way towards fixing this whole mess. Having operating systems which blindly trust applications to do the right thing is just stupid. This was figured out back in the early 1970s, but nobody seems to have learned the lesson.
Capability Based Security is a way of never trusting applications, in a user friendly way... just raising awareness of it is a good first start.
As long as our operating systems assume programs can be trusted, there will be no effective computer security. The Brexit has no effect on the current stupidity.