What it shows is that attacks will continue against just about every major US chain and their *contractors*, because there's a payoff for stealing info. The Kroger incident is one of the ones that we know of; there are probably many more that we have no idea about because they weren't detected.
Corporate security ought to be flawless, and it's not and their contractors should be held to the same high standarrds. This, along with TJMax and any number of breaches is a compelling reason to rethink garnering customer data at all, and probably the concept of expunging it quickly after use, and forbidding resale of the data. But the marketers will never do this, even though they should.
No, it was George Flint, a young man from Wales. The lore is that he was banging rocks around 842BCE, and sparks flew, catching his little pile of pine needles on fire. George ran to Uck, who said, "do it again". Bang, George went. Uck killed George, then claimed to invent fire and got 72 virgins. Uck's decendants include Edison and Sarnoff.
That sounds good, until you talk to the folks that paid all of that money, did the work, etc., etc. You see, their mentality is based (at least partially) on a sense of referential integrity, coupled to ego.
When you look at a Wikipedia entry, would you believe a civilian, or an ostensible academian first? If someone puts their academic creds on the line, then it's tough on them if areas are argumentative, and dammit, almost everything is argumentative. So, do you spend your time arguing, or citing so many references as to bulletproof a Wikipedia entry, or go do something that pays off better?
I'm credentialed, but not in my field of endeavor. Does that make me better or worse? People that are brains for a living have a just a bit more credibility. Joes like me that have been in the trenches for 30yrs might sound good, but credibility comes with referential integrity, and that, largely, are what the universities are for.
I guess you missed all of the demotion in SP2. Wasn't much, but it was a start. And while you're correct in citing that lowly NT3.5x could have users and administrators, no one coded that way. Everyone had to be an administrator to work. SP2 started the chain completed partially in Vista, then a bit better in 7 to allow genuine user functionality in user space with user apps that could talk to the OS and get work and peripherals to work.
Even now, the use of the registry database is an architectural defect, as once you're inside it, you can screw things up as you please. Want a nice registry hive masquerading as a CSS hack? Using the right stuff, its slips right past every defense. Today. This minute. Even if you're patched-- zero-days waiting on a shelf.
Consumers were taught that Windows was a playground. Please customize it with all this neat stuff. Move stuff around. Add-on with glee. Don't worry about security. Your username and password will protect you-- even on those old LANMAN hashed passwords.
This isn't the forum to do a long debate on the merits of OS architecture. There's not a single one of them without fault. But Gate's choice (ultimately it was his) to merge NT with 98 into 2000 left lots of holes open to allow 'legacy' applications to work. Did they sandbox user space? No. Did they allow apps to run as root and things killing those apps to run root/kernel space? Yes. Were there more sins? Yes. Does BSD, MacOS, and Linux have similar sins? Yes-- but not as many, and not as many that makes one slap their forehead in revilement. After 30years of doing this shit, I've seen too much for you to change my mind. The facts are the facts. History is what it is.
There's another side, a bit more onerous than "well, everyone else is doing it, why shouldn't they buy from US??".
That side is that these are international contracts, that when breached, have lots of implications for other contracts/contractors in that country. Arbitrarily killing someone's important software (to them) is as good as aiding the enemy in their minds. The paradox is that you can't censor this software, and no guidelines or international law covers what to do when something you've sold is abused by a foreign government to the perceived problem of the US government or its people.
Do you believe that oil drilling is bad? Should we censor software and equipment that does that? Should we stop searches that produce results that we don't like?
Can you sell to GB, whose human rights record is occasionally dubious? Or can you say no to South Africa, whose record until a couple of decades ago was abysmal? Should Israel get it, but not Egypt?
You open a can of worms if you start turning off or refusing to ratioanally update software to various regimes. If they should be quaratined, as I believe the McAfee-Iran citation is claimed, the McAfee has a clear 'out' by government fiat. If not, who's to say that Jordan is worse than Syria or Bahrain?
Until XP SP2, which did the same thing as Vista, user was root/admin. A lot of software had to run as root, too, which Microsoft forced a demotion of when they changed this policy.
It's really the architecture, and irresponsibly bad QA, as well as rush to market problems.
All of this is about native thru iteratively more difficult hurdles for bot makers. When an OS is inherently more simple to root and bot, the OS seems very likely to have been poorly designed.
Now that XP SP2+ inhibits this, there have been further exploits through email and browser payloads that have caused innumerable machines to become bot'd.
If you divide that out, let's look at the iPad phenomenon, where they outsell a lot of stuff, and Apple's total end-user marketshare has climbed through the roof. In the wild, I've seen exactly zero machines that have been bot'd using iOS or MacOS. I've seen all of one Linux machine bot'd-- as an experiment. I've seen rootkits on Linux servers, to my chagrin. I've had one of my critical web Linux servers get rooted, but we killed it as we watched it become injected by changing DNS.
So it's not misleading. It is what it is. It was really really easy, jaw-dropping easy. Now it's tougher. MacOS has its own foibles as does Linux. Statistics doesn't really account for the problem: bad coding and architecture do.
Microsoft's operating system architecture allowed users to have admin privileges, among other architectural mistakes. Defaults were made so that HTML rendering was done by default, as well. Many users were infected because of incompetence-- not by sheer numbers.
FOSS coders have the same loathing for spam and lack of prosecution that other coders do. That Microsoft has taken down a botnet is laudable. Others ought to join in, too. But first, perhaps online email services ought to acknowledge the role the play in allowing spammers to do their work. Microsoft is one of the good guys here, acknowledging abuse complaints quickly, but others like AOL and Yahoo, don't even acknowledge a complaint, let alone act on them.
Botnets are one part of the problem, but even users trying to do their very best get infected. It's less so than before XP SP2+ editions, but there are very few non-Microsoft botnet members out there. Think about that.
The fiber routers really aren't that expensive, and if you're sensitive, converting fiber to copper isn't that expensive, either. If you're going to go thru the expense, you might as well do it right unless geography and nearby drops are in your favor. Fiber terminations aren't that much more expensive than copper, and deliver long term viability that's hard to beat. If budget's a problem, then your up-thread spanning-tree suggestion is viable.
Ask the people in Loma Linda CA about what it's like to have FTTH; most don't care because they have two Cat6 jacks in every living space provided by a router in the upstairs master bedroom of all new construction in most of the past decade. Yes, the LL installation is close-in, has an IDF in each housing addition. But the principal is the same, and the retrofit isn't that much more expensive even given long runs-- no repeaters are necessary and fiber jackets are pretty bullet-proof and even spliceable these days.
I'm really familiar with business and rural broadband systems design. You'll have to trust me on that. Fiber is the best solution for the long run; it's better to terminate it and route indoors to a home cable plant of some kind.... call it a rural IDF.
Somewhere there's a communication breakdown; if on my part, I apologize. I've seen utilities try IP over utility wires in various configurations, modulated twisted pairs, point-to-point hybrid systems involving elaborate towers and pringles cans, and much other strangeness. Were I to recommend to Congress what to do, it would involve fiber to the home each and every time, and make the transport open to any reasonable provider as a service, as is done in a few progressive installations/sites/geographies.
Fiber is easier than ever to install, aerially, buried, across ponds, lakes and rivers, and alongside much other stuff. It's my preference, save that Corning wants to dominate the world with its fiber offerings.
No, not rocket science, but it has its own politic.
If you ran Cat6 to a rural home than you made an expensive and WRONG choice at best, and used a hammer where a screwdriver should go. TSB-67 cable isn't designed for rural home runs at all; if you got any kind of data rate, it was through luck, not design.
I, too, get things done, and with a great deal of experience running an enormous variety of installations, I don't believe you. If you have the how, then why are you using the wrong stuff for long end runs?
At lower data rates, Cat6 is good for longer distances, but I also disagree that it makes a good choice. Even shielded twisted pairs just aren't good for rural distances. This is the reason why DSL doesn't go far from a central office: the signal degrades.
But wiring it up IS a problem. You need poles, easements, contractors, and terminations. None of it's cheap. And fiber is a great solution if you can afford it. Some people have used Hughes sat dishes, which work ok if you don't mind the latency and cost.
You need people to fix it after bad weather, that have pretty expensive rolling costs, like training, trucks, TDRs, repair gear, and you have to pay them, their insurance, and so on. It's not a trivial endeavor.
We need something like the REA for other utilities, like broadband, etc. Then there's the backhaul/interconnect. You could help get it subsidized, but then we're back to who can we afford to subsidize, and to what cost? The rural poor are especially left behind.
This connotes that both sender and receiver know when channels switch. In Bluetooth, there's frequency hopping that allows this, albeit at really low power. But if your device is at one channel, and must suddenly shift away, then sender and receiver must know what they are, otherwise you're a broadcaster. Low power broadcast is ok, within certain bounds in the US, given certain spectra.
When the low power device interferes with something in a licensed band, it could be critical equipment, public safety, FAA, ship-to-shore, and other services that you shouldn't fool with or inadvertently jam.
Overall, I think Microsoft can find what it needs by polling with a spectrum analyzer, rather than have a bunch of people think they're doing something useful like SETI.
1) you're not going reduce the demand for bandwidth, just like you're not going to make taxes go down, for long.
2) the whole point of wireless is mobility, not fixed point-to-point multicasting. The 802.11a/b/g/n frequency allocation sucks, although the a/n that uses 5Ghz has more non-interfering channel allocations. But density is not in your favor no matter what wise-ass antenna you try to use. There's leakage and uncontrollable other-device-location that will always thwart your design. Some over come this, but it's an endpoint problem that's really not covered at all by this misadventure that Microsoft is embarking on, and
3) You have no clue what it takes to do rural broadband, nor the problems of how twisted pair networking operates, over what kind of distances, and to what degree of external signal problems.
Not like that at all. I started back when this whole thing was called "data processing". IBM made you genuflect in front of your Systems 36... or you were made a priest of the VAX.... or you were one of those turncoats that used those damned 6502s, 8080s, and something called a paper-tape load to program your "personal" computer.
Civilians are end-users. They're not programmers, and shouldn't be. If you can write even a basic DOS batch file, you join the ranks of the self-served. It gets better from there, until you're a master of a language. Then you get journeyman papers and do something fun and/or useful.
The moniker has nothing to do with movies, Rambo, or DADT.
It's not huge competition in terms of statistical quantity. Yet distos like Ubuntu had done a very good job. Given the pain and suffering of Windows XP-7, I believe Linux is progressing-- not statistically-- but rather in terms of quality, variety of applications, and lifecycle ownership costs.
The iPad isn't OS X, it's iOS. There's a small difference, sure, but it's a derivative. Is it as closed as WM7? No. It's compromised in my judgment, but for its target market, it's doing very, very well. I'm not its target market. You probably aren't, either. Is it more open than Windows 7 Tablet Edition? I think not. More open than Android Honeycomb? No.
You touch on a good point. The dominance of Windows was tough to beat. MacOS X changed much of that, as did Linux. If you're a civilian, you just want to get work done. For a long time, Windows dominated for many reasons, some of them illegal competition. MacOS put more non-Windows machines in peoples hands than Linux did. Eventually, Ubuntu and some other distros could be used by civilians. Fine.
MacOS X gave Windows the competition that OS/2 couldn't and Linux (at the time) couldn't in the general market place. SunOS/Solaris couldn't do it. Apple actually innovated, rather than relying on a lot of hardware partners to do this. They were consistent, where Microsoft's architectural compromises cased huge incompatibility issues and security nightmares until they were resolved.
Slashdot Mirror
And in other news, there was news.
See last post. Would you trust Kroger with a robot guided grocery cart? ;)
What it shows is that attacks will continue against just about every major US chain and their *contractors*, because there's a payoff for stealing info. The Kroger incident is one of the ones that we know of; there are probably many more that we have no idea about because they weren't detected.
Corporate security ought to be flawless, and it's not and their contractors should be held to the same high standarrds. This, along with TJMax and any number of breaches is a compelling reason to rethink garnering customer data at all, and probably the concept of expunging it quickly after use, and forbidding resale of the data. But the marketers will never do this, even though they should.
No, it was George Flint, a young man from Wales. The lore is that he was banging rocks around 842BCE, and sparks flew, catching his little pile of pine needles on fire. George ran to Uck, who said, "do it again". Bang, George went. Uck killed George, then claimed to invent fire and got 72 virgins. Uck's decendants include Edison and Sarnoff.
That sounds good, until you talk to the folks that paid all of that money, did the work, etc., etc. You see, their mentality is based (at least partially) on a sense of referential integrity, coupled to ego.
When you look at a Wikipedia entry, would you believe a civilian, or an ostensible academian first? If someone puts their academic creds on the line, then it's tough on them if areas are argumentative, and dammit, almost everything is argumentative. So, do you spend your time arguing, or citing so many references as to bulletproof a Wikipedia entry, or go do something that pays off better?
I'm credentialed, but not in my field of endeavor. Does that make me better or worse? People that are brains for a living have a just a bit more credibility. Joes like me that have been in the trenches for 30yrs might sound good, but credibility comes with referential integrity, and that, largely, are what the universities are for.
And good riddance.
Mod parent up. I'll bet that Microsoft or Nokia paid for the study. Unless they know something we don't, their predictions smell of sycophancy.
I guess you missed all of the demotion in SP2. Wasn't much, but it was a start. And while you're correct in citing that lowly NT3.5x could have users and administrators, no one coded that way. Everyone had to be an administrator to work. SP2 started the chain completed partially in Vista, then a bit better in 7 to allow genuine user functionality in user space with user apps that could talk to the OS and get work and peripherals to work.
Even now, the use of the registry database is an architectural defect, as once you're inside it, you can screw things up as you please. Want a nice registry hive masquerading as a CSS hack? Using the right stuff, its slips right past every defense. Today. This minute. Even if you're patched-- zero-days waiting on a shelf.
Consumers were taught that Windows was a playground. Please customize it with all this neat stuff. Move stuff around. Add-on with glee. Don't worry about security. Your username and password will protect you-- even on those old LANMAN hashed passwords.
This isn't the forum to do a long debate on the merits of OS architecture. There's not a single one of them without fault. But Gate's choice (ultimately it was his) to merge NT with 98 into 2000 left lots of holes open to allow 'legacy' applications to work. Did they sandbox user space? No. Did they allow apps to run as root and things killing those apps to run root/kernel space? Yes. Were there more sins? Yes. Does BSD, MacOS, and Linux have similar sins? Yes-- but not as many, and not as many that makes one slap their forehead in revilement. After 30years of doing this shit, I've seen too much for you to change my mind. The facts are the facts. History is what it is.
Egads.
There's another side, a bit more onerous than "well, everyone else is doing it, why shouldn't they buy from US??".
That side is that these are international contracts, that when breached, have lots of implications for other contracts/contractors in that country. Arbitrarily killing someone's important software (to them) is as good as aiding the enemy in their minds. The paradox is that you can't censor this software, and no guidelines or international law covers what to do when something you've sold is abused by a foreign government to the perceived problem of the US government or its people.
Do you believe that oil drilling is bad? Should we censor software and equipment that does that? Should we stop searches that produce results that we don't like?
Can you sell to GB, whose human rights record is occasionally dubious? Or can you say no to South Africa, whose record until a couple of decades ago was abysmal? Should Israel get it, but not Egypt?
You open a can of worms if you start turning off or refusing to ratioanally update software to various regimes. If they should be quaratined, as I believe the McAfee-Iran citation is claimed, the McAfee has a clear 'out' by government fiat. If not, who's to say that Jordan is worse than Syria or Bahrain?
Until XP SP2, which did the same thing as Vista, user was root/admin. A lot of software had to run as root, too, which Microsoft forced a demotion of when they changed this policy.
It's really the architecture, and irresponsibly bad QA, as well as rush to market problems.
All of this is about native thru iteratively more difficult hurdles for bot makers. When an OS is inherently more simple to root and bot, the OS seems very likely to have been poorly designed.
Now that XP SP2+ inhibits this, there have been further exploits through email and browser payloads that have caused innumerable machines to become bot'd.
If you divide that out, let's look at the iPad phenomenon, where they outsell a lot of stuff, and Apple's total end-user marketshare has climbed through the roof. In the wild, I've seen exactly zero machines that have been bot'd using iOS or MacOS. I've seen all of one Linux machine bot'd-- as an experiment. I've seen rootkits on Linux servers, to my chagrin. I've had one of my critical web Linux servers get rooted, but we killed it as we watched it become injected by changing DNS.
So it's not misleading. It is what it is. It was really really easy, jaw-dropping easy. Now it's tougher. MacOS has its own foibles as does Linux. Statistics doesn't really account for the problem: bad coding and architecture do.
Microsoft's operating system architecture allowed users to have admin privileges, among other architectural mistakes. Defaults were made so that HTML rendering was done by default, as well. Many users were infected because of incompetence-- not by sheer numbers.
FOSS coders have the same loathing for spam and lack of prosecution that other coders do. That Microsoft has taken down a botnet is laudable. Others ought to join in, too. But first, perhaps online email services ought to acknowledge the role the play in allowing spammers to do their work. Microsoft is one of the good guys here, acknowledging abuse complaints quickly, but others like AOL and Yahoo, don't even acknowledge a complaint, let alone act on them.
Botnets are one part of the problem, but even users trying to do their very best get infected. It's less so than before XP SP2+ editions, but there are very few non-Microsoft botnet members out there. Think about that.
The fiber routers really aren't that expensive, and if you're sensitive, converting fiber to copper isn't that expensive, either. If you're going to go thru the expense, you might as well do it right unless geography and nearby drops are in your favor. Fiber terminations aren't that much more expensive than copper, and deliver long term viability that's hard to beat. If budget's a problem, then your up-thread spanning-tree suggestion is viable.
Ask the people in Loma Linda CA about what it's like to have FTTH; most don't care because they have two Cat6 jacks in every living space provided by a router in the upstairs master bedroom of all new construction in most of the past decade. Yes, the LL installation is close-in, has an IDF in each housing addition. But the principal is the same, and the retrofit isn't that much more expensive even given long runs-- no repeaters are necessary and fiber jackets are pretty bullet-proof and even spliceable these days.
I'm really familiar with business and rural broadband systems design. You'll have to trust me on that. Fiber is the best solution for the long run; it's better to terminate it and route indoors to a home cable plant of some kind.... call it a rural IDF.
Somewhere there's a communication breakdown; if on my part, I apologize. I've seen utilities try IP over utility wires in various configurations, modulated twisted pairs, point-to-point hybrid systems involving elaborate towers and pringles cans, and much other strangeness. Were I to recommend to Congress what to do, it would involve fiber to the home each and every time, and make the transport open to any reasonable provider as a service, as is done in a few progressive installations/sites/geographies.
Fiber is easier than ever to install, aerially, buried, across ponds, lakes and rivers, and alongside much other stuff. It's my preference, save that Corning wants to dominate the world with its fiber offerings.
No, not rocket science, but it has its own politic.
No.
If you ran Cat6 to a rural home than you made an expensive and WRONG choice at best, and used a hammer where a screwdriver should go. TSB-67 cable isn't designed for rural home runs at all; if you got any kind of data rate, it was through luck, not design.
I, too, get things done, and with a great deal of experience running an enormous variety of installations, I don't believe you. If you have the how, then why are you using the wrong stuff for long end runs?
At lower data rates, Cat6 is good for longer distances, but I also disagree that it makes a good choice. Even shielded twisted pairs just aren't good for rural distances. This is the reason why DSL doesn't go far from a central office: the signal degrades.
There's a lot of dark fiber out there.
But wiring it up IS a problem. You need poles, easements, contractors, and terminations. None of it's cheap. And fiber is a great solution if you can afford it. Some people have used Hughes sat dishes, which work ok if you don't mind the latency and cost.
You need people to fix it after bad weather, that have pretty expensive rolling costs, like training, trucks, TDRs, repair gear, and you have to pay them, their insurance, and so on. It's not a trivial endeavor.
We need something like the REA for other utilities, like broadband, etc. Then there's the backhaul/interconnect. You could help get it subsidized, but then we're back to who can we afford to subsidize, and to what cost? The rural poor are especially left behind.
This connotes that both sender and receiver know when channels switch. In Bluetooth, there's frequency hopping that allows this, albeit at really low power. But if your device is at one channel, and must suddenly shift away, then sender and receiver must know what they are, otherwise you're a broadcaster. Low power broadcast is ok, within certain bounds in the US, given certain spectra.
When the low power device interferes with something in a licensed band, it could be critical equipment, public safety, FAA, ship-to-shore, and other services that you shouldn't fool with or inadvertently jam.
Overall, I think Microsoft can find what it needs by polling with a spectrum analyzer, rather than have a bunch of people think they're doing something useful like SETI.
No, no, and no.
1) you're not going reduce the demand for bandwidth, just like you're not going to make taxes go down, for long.
2) the whole point of wireless is mobility, not fixed point-to-point multicasting. The 802.11a/b/g/n frequency allocation sucks, although the a/n that uses 5Ghz has more non-interfering channel allocations. But density is not in your favor no matter what wise-ass antenna you try to use. There's leakage and uncontrollable other-device-location that will always thwart your design. Some over come this, but it's an endpoint problem that's really not covered at all by this misadventure that Microsoft is embarking on, and
3) You have no clue what it takes to do rural broadband, nor the problems of how twisted pair networking operates, over what kind of distances, and to what degree of external signal problems.
Go fish.
Not like that at all. I started back when this whole thing was called "data processing". IBM made you genuflect in front of your Systems 36... or you were made a priest of the VAX.... or you were one of those turncoats that used those damned 6502s, 8080s, and something called a paper-tape load to program your "personal" computer.
Civilians are end-users. They're not programmers, and shouldn't be. If you can write even a basic DOS batch file, you join the ranks of the self-served. It gets better from there, until you're a master of a language. Then you get journeyman papers and do something fun and/or useful.
The moniker has nothing to do with movies, Rambo, or DADT.
Oops. I meant some of the big problems, like user=root.
It's not huge competition in terms of statistical quantity. Yet distos like Ubuntu had done a very good job. Given the pain and suffering of Windows XP-7, I believe Linux is progressing-- not statistically-- but rather in terms of quality, variety of applications, and lifecycle ownership costs.
The iPad isn't OS X, it's iOS. There's a small difference, sure, but it's a derivative. Is it as closed as WM7? No. It's compromised in my judgment, but for its target market, it's doing very, very well. I'm not its target market. You probably aren't, either. Is it more open than Windows 7 Tablet Edition? I think not. More open than Android Honeycomb? No.
You touch on a good point. The dominance of Windows was tough to beat. MacOS X changed much of that, as did Linux. If you're a civilian, you just want to get work done. For a long time, Windows dominated for many reasons, some of them illegal competition. MacOS put more non-Windows machines in peoples hands than Linux did. Eventually, Ubuntu and some other distros could be used by civilians. Fine.
MacOS X gave Windows the competition that OS/2 couldn't and Linux (at the time) couldn't in the general market place. SunOS/Solaris couldn't do it. Apple actually innovated, rather than relying on a lot of hardware partners to do this. They were consistent, where Microsoft's architectural compromises cased huge incompatibility issues and security nightmares until they were resolved.