Slashdot Mirror


User: GPLDAN

GPLDAN's activity in the archive.

Stories
0
Comments
807

Comments · 807

  1. Re:Saw this one coming... on E.U. Employers To Be Held Liable For Porn Spam? · · Score: 1

    corporations need to protect both themselves and their employees.

    Corporations have more leeway to do such things than a Federal agency, though, correct? While a corporation would be subject to state laws regarding sexual harassment in the workplace, you are subject to federal guidelines. Is this right?

  2. PKI, the web of trust? on E.U. Employers To Be Held Liable For Porn Spam? · · Score: 1

    Any cogent whitepapers out there detailing SMTP reform using digital signatures?

    Most of the stuff I've been reading on PKI doesn't extend the problem set to Email verification on a global scale.

    I use digital signatures with PGP, and people who know me can tell if the mail has been spoofed, if they are also running PGP. But that's a very small set. We use public keyring servers to upload our public keys.

    Thinking seriously about the problem is difficult. Every solution I think of has an obvious weakness. Early on in the 90's, when I ran a small (500 user) ISP, it used to piss me off that all SMTP senders didn't have reverse DNS lookup. I hacked sendmail to drop mail from recipients that didn't reverse resolve. That, as you might imagine, didn't last long.

    I then became quite enamored with a whitepaper that I read from a graduate student at the University of Washington. It detailed a plan for embedding a kind of "reverse traceroute" in the IP header of every packet sent. When you got a packet with a forged src-ip, the actual traceroute it took was embedded in the header of the packet. He managed to devise a way to represent the route in hex in a way that didn't blow past the IP header specs. I forget if he was "borrowing" the TOS field or what. Then I realized that was never going to happen, and even if it somehow found its way into router code, many ISPs would probably disable it.

    The question of doing strong authentication against an incoming SMTP connection always ends up being a Layer 8 discussion about who is the root of trust. Any opt-in system with a set of root trust delegators like Verisign would meet with widespread dissent at first, but could take hold over time. But I think rebellions would take hold in large sections of the net. If you thought Alternet DNS was bad, imagine the ways a system like that would be corrupted. People would join the hierarchy of trust and then allow SMTP relaying to happen, deliberately, just to break the system down. Your machine would be busy every day just downloading revocation lists deciding who to trust THAT DAY.

    I think the final answer is, everyone should just shut Email down, and the whole world has to use Google's GMail. All those Ph.Ds over there at Google, we can trust those guys to do the right thing, no?

  3. Pay a premium for the board on VIA Announces Lead-Free Motherboard · · Score: 0, Offtopic

    Read all about the way that Monsanto decimated an entire area with PCBs, maiming entire generations of people. Some quite horrifically. Get your water tested for lead levels. It makes the Erin Brockovich story look like a day at the carnival.

    Help out, be green. Pay a few extra bucks for a green mobo. Pay 25% more. Lead products in landfills do amazingly nasty things to water supplies.

  4. Re:I'm having Flashbacks... on Operation Fastlink Cracks Down on Warez · · Score: 1

    So now that you've determined that it was the owner's wife's husband's 2nd cousin, or whatever, why hasn't there been a malicious prosecution suit filed against him. Incorrectly informing the FBI for purposes of harassing somebody is a crime. At least start an identity theft campaign against him and make his life miserable.

  5. Re:Good on TCP Vulnerability Published · · Score: 1

    Let's not leave Vixie out... DNS2.

    Seriously, when people think about how the Internet infrastructure might be attacked, isn't the smart money still on DNS? Attacking BGP is an uphill battle of epic proportions. Routing protocols are DESIGNED to be resilient in the face of such things.

  6. In Soviet Russia... on TCP Vulnerability Published · · Score: -1, Offtopic

    TCP resets YOU!!!

    Sorry, I just had to...

  7. Here is what to do... on TCP Vulnerability Published · · Score: 5, Informative

    The article is being presented at CanSecWest, and is called "Slipping in the Window" by Paul A. Watson. I have two friends at CanSecWest, I've asked them to attend and report back what the feeling is.

    NANOG members are talking about it, and several regional Tier-1 players have already issued customer notifications.

    This exploit goes up against TCP connections that have been established for long periods of time, i.e. not web connections. The most prevalent would be BGP peer connections, which can be up for days on end easily. Without having read details, or the paper itself, by forging packets of BGP peers with adjusted window sizes, you can cause a router to reset (possibly hang, depending on IOS or JunOS version, not sure about this) its BGP peer connection. If you were doing eBGP and had your own AS, a directed attack against your gateway routers could force flapping, which would cause route dampening, and lead to denial of service.

    What you need to do is contact your ISP if you are an enterprise network admin, and establish MD5 authentication on your BGP sessions. Check with Cisco or Juniper and find out if your code will drop non-MD5 BGP packets directed at it. An ACL won't do, the attacker would forge the src-ip of a known peer.

    This is a completely non-trivial attack to coordinate. You need to know the IP address of the BGP peer of a customer, or the route reflector, and then get the IP address right in an attempt to bypass ACLs and get the BGP session to hang. eBGP multihop means that IP could be any number of routers, and unless you have inside info, you don't know what it is.

    Potentially, looking glasses could be used to mount attacks at NAPs or other peering points, but again, I think the major players will be ready for it very shortly, and will spend most of today (if they are any good) coordinating with legal teams to slam the shit out of any forged sessions they see, and start cooperating to run traces with other providers.

    If I could editorialize one moment, none of this would be an issue if providers took better care to implement anti-spoofing techniques. Forged src-ip addresses are the bane of security. Most of these attacks don't care about 2-way communications, they just want to reset connections. Spoofed src-ip lets them do that. Rant off.
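The receiver-side check that the comment above is describing, as an added example (this is not code from the post, nor from Watson's paper, and the BGP session state it uses is constructed): a blind attacker who knows the 4-tuple of a long-lived session does not have to guess the exact sequence number, only one that lands inside the receive window, so the search space shrinks from 2^32 to roughly 2^32 divided by the window. The post's recommended fix is TCP MD5 signing of the BGP session, which rejects a forged segment regardless of its sequence number; the block also shows the later RFC 5961 rule (published in 2010, well after this post), which only honours an RST at exactly rcv_nxt and answers other in-window RSTs with a challenge ACK that a blind sender cannot complete.

```python
"""Added example, not code from the post or from Watson's paper. It models the
receiver-side check that makes blind TCP resets practical against long-lived
sessions such as BGP, and contrasts it with the later RFC 5961 rule. The
receiver state (rcv_nxt, rcv_wnd) is constructed for the illustration."""

SEQ_SPACE = 2 ** 32


def in_window(rcv_nxt, rcv_wnd, seq):
    """True if seq lies in [rcv_nxt, rcv_nxt + rcv_wnd), modulo 2^32."""
    return (seq - rcv_nxt) % SEQ_SPACE < rcv_wnd


def rst_action_classic(rcv_nxt, rcv_wnd, seq):
    """RFC 793 behaviour: any RST whose sequence number is inside the receive
    window tears the connection down."""
    return "reset" if in_window(rcv_nxt, rcv_wnd, seq) else "drop"


def rst_action_rfc5961(rcv_nxt, rcv_wnd, seq):
    """RFC 5961 behaviour: only an RST at exactly rcv_nxt resets; an in-window
    RST elsewhere provokes a challenge ACK, which a blind attacker cannot
    answer because it never sees the real sequence numbers."""
    if seq == rcv_nxt:
        return "reset"
    if in_window(rcv_nxt, rcv_wnd, seq):
        return "challenge-ack"
    return "drop"


def blind_guesses_needed(rcv_wnd):
    """Worst-case forged RSTs needed to sweep the 32-bit sequence space when
    each guess covers one window: about 2^32 / window, not 2^32."""
    return -(-SEQ_SPACE // rcv_wnd)   # ceiling division


def blind_scan(rcv_nxt, rcv_wnd, action):
    """Forge RSTs at seq = 0, rcv_wnd, 2*rcv_wnd, ... and return
    (packets_sent, seq) for the first one the receiver honours, else None."""
    sent = 0
    for seq in range(0, SEQ_SPACE, rcv_wnd):
        sent += 1
        if action(rcv_nxt, rcv_wnd, seq) == "reset":
            return sent, seq
    return None


if __name__ == "__main__":
    RCV_NXT, RCV_WND = 1_000_000_007, 16384   # constructed BGP session state
    print("guesses to sweep the space:", blind_guesses_needed(RCV_WND))
    print("classic receiver falls at:", blind_scan(RCV_NXT, RCV_WND, rst_action_classic))
    print("RFC 5961 receiver falls at:", blind_scan(RCV_NXT, RCV_WND, rst_action_rfc5961))
```

With a 16 KiB window the classic receiver accepts the 61037th forged segment of a window-stepped sweep, while the RFC 5961 receiver never resets on that sweep because none of the guesses hits rcv_nxt exactly; the attacker is back to needing the precise value. Neither rule helps if the forged segment carries a valid TCP MD5 signature, which is why the post's advice (sign the session, and drop unsigned segments) is the one that matters for BGP.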

  8. Fluffers wanted on Is Sun's Niagara Server Viagra? · · Score: -1, Troll

    Now that Billy G and Scotty are buds, maybe they can send down some CPU fluffers from Redmond. After all, Microsoft specializes in keeping it up. Or so they say...

  9. Indexing is the answer (why Google News matters) on Wonkette and the Ethics of Online Journalism · · Score: 5, Interesting

    I used to poke by Yahoo news or CNN each day. I started to dislike the way CNN covered some things. Not liberal or conservative, but rather omissions of information reflecting both sides of the spectrum. Basically, poor writing.

    So, I switched to Google News. Suddenly, what was "hot" was decided by the number of online sources writing about it. I started reading online periodicals I never hit before, like channelasia.com and reuters. Story accuracy and viewpoint was nicely indexed and facts could be cross-checked.

    Now, I only use Google news. It creates the counterbalancing effect to sites that specialize in scoops and poor fact checking. If a story breaks, you immediately can read through 15 different viewpoints on it.

    This is the power of the net, the pluralism of news sources. No single entity without indexing technology can achieve what Google has. With one swoop of the web spider, Google has acted as a counterbalance to large corporate media empires sucking up the number of radio and tv outlets. Fight so that it doesn't get regulated away.

  10. Here's an idea like the nicotine patch... on National TV Turn Off Week · · Score: 4, Interesting

    I got a 36" Sony XBR and a Tivo and got sucked in. Sopranos, HBO boxing on Saturday nights, started watching the NHL playoffs (last year). I knew it was bad. I knew I was going down the "joe six-pack" road. Started laying off the bike and gym to play a little Xbox and watch a game. It was keeping me from my SANS studies. I knew I needed a plan.

    I saw this article on CNN last year, and went out and got that stuff. Sold the Sony, sold the integrated tuner/Tivo. Hooked it up to a low cost DirecTV tuner only and dish.

    I started watching TV in a window on my computer. Slowly, I started backgrounding the window, and would IRC, and then code a little, and then slowly, started using it less and less. The software still gave me the Tivo function, so I could take a break and still FF through commercials.

    I highly recommend this approach. Get the fucking big box out of the house. Re-arrange your furniture. Spend the money on a good monitor, 21" or larger, non-plasma. Get the tuner card. Wean yourself off. If you have a family or SO that enjoys "movie night" - do them and yourself a favor. Go to the cinema. Get the hell out of the house.

  11. Why do they say things like this... on Linux on the Desktop: More Balls Through Windows · · Score: 1

    Microsoft faced further embarrassment this week when it warned about more security flaws in its software. Meanwhile Linux, which hackers tend not to target, looks safe in comparison.

    Does he have evidence that hackers tend not to target Linux? 'Cause the OpenSSL problems have been a real inconvenience to me lately. That was a vulnerability that was pointed out rather than an exploit, but there have been worms for Linux and other UNIXes. I remind people of the 1998 Sun/Solaris RPC vulnerability that people wrote worms for.

    It pisses me off when writers say things like that. They have no hard statistics to back it up, and it just lets the Microsoft cover story of "there are more problems found, because everybody targets us" run unchallenged. No objective look at the O/S architectures can be done outside of Redmond, because the source isn't open.

  12. Re:You know why the quality of government sucks he on Florida Ponders Communication Tax on LANs · · Score: 1

    Erm...uh...how does her $86k salary show that more money = better education? Doesn't it show the exact opposite, that high salary does not equal informed teacher?

    If I had a teacher that said object orientation meant using a GUI I would have to stand up and bitch slap them. I couldn't help myself.

  13. Re:Satellites! on FCC Opens Wireless 3.6GHZ Band · · Score: 2, Informative

    WEP is being replaced by 802.11i also called WPA. Win XP already supports WPA.

  14. Re:I smell bullshit! on A La Carte Cable TV Channels? · · Score: 2, Funny

    But, you'd be surprised at what porno certain celebrities order. (I can't be any more specific than that)

    Oh, come on. Does Michael Jackson have the kiddies bouncing up and down on pogo sticks channel?

  15. Re:High Level of Fear? on Real Begs Apple for Alliance · · Score: 0, Flamebait

    Microsoft would look at the deal objectively, and not emotionally, the way you did.

    I love snide ad-hominem BS like this. It's the reason slashdot has become a cesspool.

  16. Re:History and technology windows (of opportunity) on Microsoft's Long-Playing Business Record · · Score: 1

    Misreadings are common on slashdot... I never said LDAP was invented by Microsoft. It was invented at the University of Michigan as a lightweight X.500 implementation. Nevertheless, pointing out that AD interfaces with LDAP is an important point. I'm sorry if you inferred that it was invented by Microsoft.

    I contend that had Novell given up on IPX based Netware, and converted earlier to TCP/IP with GINA integration (which they eventually did), they may have had better market penetration. I would ask you to prove your assertion that IPX/SPX is still "widely used". It's a great deal different than saying it's still around and in use in one or two departments.

    Despite your claim of 3rd party stacks not having caught on "period", you are flat out wrong. It's the kind of niggling distinction that WFW 3.11 had a TCP/IP stack that you can expect the pedantic on slashdot to come up with. Windows 95 was the first major new release of Windows to ship with TCP/IP. Windows 3.1 did not have it, and Netmanage's Chameleon and other 3rd party IP stacks were in wide use. Sorry you didn't see it.

    The fact is, no anti-trust legislation has been introduced and no new cases filed against Microsoft under the Bush administration. Remind me, exactly, which administration was in power when the DoJ suit was filed? Uh-huh.

    Enjoy...

  17. Here's a good question to ask yourself... on Port Knocking in Action · · Score: 1

    If Port knocking was such a good idea, why isn't it in IPv6? Or something like it, where service ports are only exposed with a key sequence?

    The answer is because more advanced protocols that set up encrypted tunnels exist to do this, and have far more uses. If you want to secure your Linux box badly enough to implement port knocking, and go to the trouble of giving other people the knock sequence (let's call this 'the key') then just compile FreeSWAN or one of the spinoff IPSEC variants and let ISAKMP do that work for you. It was designed to do something port knocking was not - thwart man in the middle attacks using Diffie-Hellman.
    (http://www.netip.com/articles/keith/diffie-helman.htm)
    Do yourself a big big favor, don't re-invent the wheel.
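The weakness the comment above points at, as an added example (not the post's code, and not an implementation of the IPsec alternative it recommends): a knock sequence is a shared secret transmitted in the clear, one port at a time, so anyone positioned to watch the knocks can replay them from their own address. The knock daemon below is a minimal state machine with a per-source timeout; the addresses (RFC 5737 test ranges), ports, timestamps and the three-port sequence are all constructed for the illustration.

```python
"""Added example, not from the post: a minimal port-knock state machine run
over constructed connection-attempt records, plus the replay that a passive
observer can perform. Addresses, ports and timestamps are made up; the
three-port sequence is the hypothetical shared 'key'."""

KNOCK_SEQUENCE = (7000, 8000, 9000)   # hypothetical shared knock sequence
KNOCK_TIMEOUT = 10.0                  # seconds allowed to complete the sequence


class KnockDaemon:
    def __init__(self, sequence=KNOCK_SEQUENCE, timeout=KNOCK_TIMEOUT):
        self.sequence = sequence
        self.timeout = timeout
        self.progress = {}   # src_ip -> (next expected index, time of last knock)
        self.opened = set()  # sources for which the service port was exposed

    def observe(self, ts, src_ip, dst_port):
        """Feed one connection attempt; returns True once src_ip is opened."""
        idx, last = self.progress.get(src_ip, (0, ts))
        if ts - last > self.timeout:
            idx = 0                      # too slow: start over
        if dst_port == self.sequence[idx]:
            idx += 1
        elif dst_port == self.sequence[0]:
            idx = 1                      # wrong knock, but it may begin a fresh attempt
        else:
            idx = 0
        if idx == len(self.sequence):
            self.opened.add(src_ip)      # full sequence seen: expose the service port
            idx = 0
        self.progress[src_ip] = (idx, ts)
        return src_ip in self.opened


def run_knocks(records, sequence=KNOCK_SEQUENCE, timeout=KNOCK_TIMEOUT):
    """Run a list of (timestamp, src_ip, dst_port) records through a fresh
    daemon and return the set of sources that got the port opened."""
    daemon = KnockDaemon(sequence, timeout)
    for ts, src_ip, dst_port in records:
        daemon.observe(ts, src_ip, dst_port)
    return daemon.opened


def replay_as(records, attacker_ip, delay):
    """What a passive observer can do: resend the captured port sequence from
    its own address some time later. No secret is needed; the 'key' was on the wire."""
    return [(ts + delay, attacker_ip, port) for ts, _, port in records]


# Constructed traffic: a legitimate client knocks correctly, another host
# probes SSH without knocking, and a third client knocks too slowly.
LEGIT_KNOCKS = [(0.0, "192.0.2.10", 7000), (1.0, "192.0.2.10", 8000), (2.0, "192.0.2.10", 9000)]
STRAY_PROBE = [(0.5, "198.51.100.5", 22)]
TOO_SLOW = [(0.0, "192.0.2.20", 7000), (1.0, "192.0.2.20", 8000), (30.0, "192.0.2.20", 9000)]

if __name__ == "__main__":
    print(run_knocks(LEGIT_KNOCKS + STRAY_PROBE))                      # {'192.0.2.10'}
    print(run_knocks(TOO_SLOW))                                         # set()
    print(run_knocks(replay_as(LEGIT_KNOCKS, "203.0.113.9", 60.0)))    # {'203.0.113.9'}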

  18. Re:break Microsoft into pieces on Microsoft's Long-Playing Business Record · · Score: 1

    The problem you refer to is not unique to Microsoft, however. Lib linking under Linux, for example. Binary incompatibility occurred with variants of libc. Somebody with better linux history can tell you when the switch to GNU libc happened. Lots of stuff broke, a great deal of stuff needed to be recompiled.

    In remote desktop standards, XDMCP seems a mishmash, getting it running with gdm is a PITA. At least Windows Terminal Services works correctly most everywhere. And when they altered the RTP based protocol it used, it was easy to get the new client.

    And, lastly, say what you will, but the state of driver management is not equal between Windows and Linux. It is much harder to keep good drivers running in Linux.

  19. History and technology windows (of opportunity)... on Microsoft's Long-Playing Business Record · · Score: 1

    There is much to be learned from the history of technology companies. When I was born, there was a company that rightfully should have been a monster today - Honeywell. IBM was down and nearly out after they let the PC revolution pass them by, and gave away the O/S to Microsoft.

    Every era has a window of opportunity. The window to unseat Microsoft came during the Internet's years of matriculation into the private sector and commercial use. I peg this era as 1991-1997 or so.

    Microsoft was very late to the game. Companies such as Chameleon (sp?) made TCP/IP stacks for Windows 3.1 and the guys at U of Illinois NCSA were building on Tim Berners-Lee's papers on SGML, putting a new spec together called HTML. Sun was firmly entrenched in most of University higher education, in scientific and performance computing. Apple had run with the ideas from Xerox Parc and the Macs were clearly ahead with respect to networking, albeit they clung too heavily to an in-house networking protocol called Appletalk that had serious scalability issues instead of seeing the value in TCP/IP.

    But, some events came together to slow things down and let the window of opportunity slide shut. No UNIX vendor of the time, such as SGI, HP or Sun or IBM could establish dominance and push standards. They fought for the same market share and stole each other's salespeople. A free UNIX came on the scene with the creation of Minix and then Linux, as hobbyists started to prefer something they could tinker with on cheap Intel hardware to commercial UNIX offerings.

    Microsoft started to see what was up. They put TCP/IP into Windows 95, and closed the door on the market of IP stack vendors. Companies such as Exceed created Windows tools to get into X, which allowed Microsoft to sit around in places where a diskless workstation might otherwise have gone. Intel hardware continued to follow a price/performance curve that companies like Sun could not match with the Sparc and ultraSparc line.

    The window of opportunity began to close. Now Microsoft had moved into a new phase of its history and quickly established product groups to smash and grab technology. They partnered with Sybase, and then fucked them over, essentially taking the code to Sybase RDBMS and making a SQL server offering. It still was nowhere near best of breed, but they started to build the "moat" strategy to fill in gaps. Memos leaked that detailed the strategy to give away the browser, unseating Mosaic and the newly formed commercial variant stolen by Andreessen from NCSA, Netscape. Players like Jim Barksdale, once considered gurus of the industry, didn't have a counter-strategy. Netscape salespeople continued to demand licenses from large enterprises despite knowing that IE was bundled. Instead they turned to the DoJ, and a lawsuit was prepared.

    The lawsuit, too limited in scope and without rational remedies, tied the court up. Despite calling Bill Gates to the stand and embarrassing him, no real damage was done to Microsoft. The companies that had been demanding backwards compatibility since the days of Lotus 1-2-3 in DOS, were not interested in foregoing years of application investment.

    Microsoft famously bragged that it spent almost no money lobbying. Gates realized the errors of his ways, and dollars from Redmond began pouring into campaign coffers. The election of GWB sealed the deal, the DoJ would no longer seek to break Microsoft apart.

    Now, the window is closed, at least for awhile. The upstart Intel based UNIX grew, spearheaded by an unlikely hero. Ported to various other CPU architectures earlier in life, and bundled with a desktop environment and applications, it began to threaten the now entrenched Microsoft. But, in all likelihood, it is not the real threat to Microsoft's power. That comes in the next wave of computing - handheld computing and embedded devices, where Windows CE had not taken firm hold.

    Microsoft has changed radically from where it was. It rose to destroy challengers like Novell, whose NDS was tho

  20. Re:Timmy the Wet Blanket on Paid To Spam · · Score: 1

    Oh, and by the way, they will need your paypal account information, including your password.

  21. The webserver shoulda been running apache... on Five Fundamental Problems with Open Source? · · Score: 3, Funny

    For starters, the webserver should have been running apache, so it wouldn't have been slashdotted. Nothing worse than not having to read an article bashing the open source movement, because the IIS server was slashdotted....

  22. Re:Documentary perspective on What Should a Documentary Filmmaker Ask About Offshoring? · · Score: 1

    This reminds me of the Star Trek NG movie, the one where they go back in time to fight the Borg, and help Earth develop the warp drive. There is this woman, and she is giving a speech to Picard. Picard explains that in the 24th Century, the accumulation of wealth is no longer the driving force of mankind.

    Well, I don't know my Star Trek canon very well, I'm only the most casual of ST watchers. But a nuclear war is the only thing that would cause "mankind" to essentially radically shift their nature so fundamentally. Because right now, kids in the middle east are taught things like "When an American fills his tank with gas, he fills it with Islamic Blood." I read that in TIME or on MSNBC, I forget.

    Point is, the entire planet is really in a war for oil and money, only thinly veiled as religious fundamentalism. Fundamentalism is the fulcrum by which the masses are made to move, Islamic in the middle east and Christian here in the U.S. The real war is for wealth, and oil = wealth.

    Now, you say the Corporation can suffer for the good of humanity. The only instrument that exists to curb the power of private entities is government. Socialism is the government that most closely advocates the greater good, as determined by an intellectual elite. Star Trek and the "federation" is clearly a socialist ideal.

    Good luck advocating socialism in the Bush run U.S. You may well be hung for treason. In fact, I think that ugly witch, Ann Coulter, actually advocates hanging socialists for treason. So much for freedom of ideas.

    Anyhow, you may disagree that this is the logical conclusion of your statements, but that's what it seems to be. I'm not personally putting in a judgement on a Capitalist Democracy versus a Socialist Democracy, there are arguments on both sides. The power of the U.S. economy as compared to Canada isn't entirely about access to natural resources, I'll just leave it at that.

  23. Re:Moral of the Adrian Lamo story on Losing His Religion: Adrian Lamo Interview · · Score: 1

    What was the paper about? You don't live in Colorado do you?

  24. Formula 1 does it already... on Smart Cars to Save Stupid Drivers? · · Score: 4, Interesting

    Despite what Bernie Ecclestone says, F1 cars are practically driving themselves. This year, he threw out launch control and three years ago he banned 2-way telemetry, since cars were dynamically adjusting things like brake bias on every turn.

    F1 should embrace this stuff, and eventually go to a driverless format. You think I'm joking, but I'm not. Ferrari, BMW, Mercedes and Jaguar, along with Honda and Toyota and Ford, should all be duking it out to create the ultimate race car, minus a pilot.

    At this point, F1 is only really about the tech anyhow, and Montoya has been saying for a couple years now that F1 cars could break the one minute threshold at Indy, except that the human body can't stand that much force, esp. in braking. Baaaaah, toss em! Let's see cars that absolutely FLY. It needs 4 wheels, and it has a weight and dimension minimum, and then, it's all on from there! The advances those guys would make would be gigantic in just a few years.

  25. Read the Intel Book on Japanese Government Raids Intel Tokyo Offices · · Score: 4, Interesting

    Read the book "Intel Inside". The insider account of the culture of fear and paranoia fostered at Intel, with propaganda posters on the wall about how "it's nice to work at Intel", constant employee surveillance, the Randall Schwartz of Perl fame lawsuit, etc etc.

    Its Orwellian nature makes it perfectly suited for Japanese culture. Should be a slam dunk. Except, as another slashdotter pointed out, the profits are rolling back to Andy Grove and his clan. The Intellies probably cut some deal with Taiwan and a Japanese company lost out, and before you know it, the offices are being raided.

    With Intel's culture, a government raid is the biggest kick in the balls you could deliver. Start going through computer files and the network there, and people would be flipping out. What if they uncovered the AMD sabotage plot?