Not to say Assange is not what he seems, but essays don't prove anything.
Perhaps not, but when these statements match perfectly with his actions, I'd say there's a pretty fucking good chance he is exactly what he seems.
Did you even read the essay before spouting this drivel?
(Mods: I don't normally feed the trolls, but this inane, insidious character assassination that substitutes for actual debate is just... wrong. Do your worst.)
The comments came as a former adviser to Stephen Harper, the Canadian prime minister, suggested a different solution to the international diplomatic crisis – assassinating Mr Assange.
Look, downplay Flanagan's influence all you like (I'm with you there), but please don't make shit up just to feed your favourite narrative.
Assange is a distraction and knows it. Chasing him wastes law enforcement resources and he knows that too. Wikileaks, the organization goes on while idiots chase their tails by chasing him.
That's only part of the story. Assange has written that he's interested in turning those systems that depend on secrecy inside out. In other words, it doesn't matter whether a particular leak hurts a government or an organisation; it only matters that the leaks continue. Those who feel the need to operate in secrecy will lose trust in their co-conspirators, thereby reducing the effectiveness of their operation.
In a situation where information flows freely, regardless of efforts to keep it from doing so, those who operate in the open will become more efficient and effective than those who require secrecy in order to operate.
So yes, wasting time and effort chasing Assange is part of the battle. The real battle, though (at least is Assange's eyes) is the one that's raging behind closed doors, between those who see information sharing as a tool and those who see it as a threat.
I support transparency, but I get the impression that Assange is a hypocrite and egotistical douche.
He may be a douche, but he is emphatically not a hypocrite. He's written several essays about what motivates him and why he's chosen the tactics that he has. You may not agree with his reasoning, but to his credit, he has been nothing if not consistent in his behaviour.
I can see where it would be useful in a server situation, but I would imagine no sane sysadmin would use Ubuntu in the server room.
Some of us are still sane, but have inherited it from others. 8^/
Give me another couple of months of twice-weekly kernel updates, mind you, and your assertion will be true once more....
Ubuntu is a consumer distro that is targeting the home PC / netbook segment, which loves the shiny. For them, Wayland is a perfect fit.
I refuse to allow any X libraries on my server systems. If it can't be scripted in a console, it better have either a web interface or a decent set of RPCs.
I could think of nothing I would like better, however, than to log into my workstation through my netbook/smart phone/tablet and run apps remotely and securely. I'm not suggesting X is the way; I'm suggesting that assuming that this functionality wouldn't be useful will probably bite Wayland in the ass sooner rather than later.
Seriously - everything is networked now. Who in their right mind would create a desktop environment and deliberately discard one of the most compelling use cases?
If Bush's FCC was trying to push through net neutrality, then you'd have the Democrats saying they'll oppose it simply because it's Bush doing it (just as they opposed Eisenhower's Civil Rights Act in the 50s).
I really doubt that. I think they would have insisted on some sort of payoff to go along, but I think they would ultimately have gone along.
The 'Dixie' Democrats who opposed the Civil Rights Act were largely right-wing, reactionary, racist plutocrats who, even if they did believe it was the Right Thing, couldn't have supported the legislation without facing the real prospect of violent opposition when they went back home.
When Johnson signed the civil rights bill into law in the '60s, he famously said the Democratic party would lose the South for a generation. He was wrong. The 'Dixiecrats' still have not come back. In fact these constituencies are today considered the core of the Republican base.
These idiots don't have any loyalty to the Country.
It only took two days since the attack occurred for the perpetrator to be tracked down and arrested? I can't say I've ever heard of such a fast response time to a computer crime. I'm quite surprised.
Is this typical these days?
Nah, not hardly. Let me demonstrate.
I'll just fire up my handy-dandy scrypto-rama botnet infestor... there... and point it at Amazon... like that. And - hang on, there's someone at the doo%$^&%&*+++NO CARRIER
It's the same part of me that, were I holding a cigarette lighter and a stick of dynamite, would be tempted to light the stick and throw it like they do in the movies, just to see what an exploding stick of dynamite really looks like. There's been so much greed and stupidity around the DNS, and it would be so *feasible* for someone to set up an independent alternative, I'd sort of like to see what it would look like when the existing system is blown to kingdom come.
However -- were I ever to be holding an actual stick of dynamite in my hands, the part of me that tends to say things like "this is not the optimum time to make an impulsive decision" would become quite strident. It's not that I would never, under any circumstance light a stick of dynamite and throw it. It's just that it being a really cool idea wouldn't be enough to make me try it until I'd thought through the consequences very, very carefully.
Dude, you made it all the through that metaphor without once throwing in a firewall reference?!?
Man, that's so lame, I oughta take this here stick o' dynamite and... hang on, let me think this through....
Over 100k people throughout the federal and state governments had access to these documents. You can't keep things secret when that many people know about them. I agree that any intelligence agency worth there salt had access to all of these documents a long time ago.
if by 100,000, you mean 3+ million, then yes, you're spot on. Here's what the Guardian says about SIPRNET:
The US general accounting office identified 3,067,000 people cleared to "secret" and above in a 1993 study. Since then, the size of the security establishment has grown appreciably.
``I'm certain more details will come out as people have more time to go through these documents. But so far what I've found most surprising is how unsurprising these documents are. So the US is spying. Big fucking deal, everybody spies. This isn't news.''
That's what I would think, too. So what _is_ the big deal here? Obviously, there is a big deal, otherwise governments wouldn't get so upset over it.
It's just that the US Government never thought they'd be forced through the moral equivalent of a backscatter scanner themselves.... It's unpleasant, being naked in front of a crowd.
I don't really think one day is really enough time to process these documents.
Indeed. Say what you like about wikileaks, but there is probably not a single researcher in International Relations, History or Political Science without a cum-stain in his pants today. Never in modern history has so much information been made available in such a readily accessible format about one point in history. This is, for researchers, a gift that will keep on giving for decades to come.
The thing that impressed me most from my brief perusal of the 200-odd documents released on the first day was the quality of the analysis. The 'scene setter' papers were well-written and obviously well-researched. I suspect that there's more than one junior foreign officer out there with a quiet smile on their face today, because finally the world will see just how good they are.
Yes, I'm ignoring completely the ethics and morality of the situation. That horse is out of the barn, but what a barn it is....
These cables will provide more insight and understanding into American diplomacy than anything else ever has. Just as access to hitherto proprietary source code sometimes unearths dirty secrets, there is a lot of unpleasantness to be found in the cables. I think the longer term result, however, will be that much of what's good about the US diplomatic corps (and there's a lot of that) will assist countless others to improve their own work and that of others.
...back in 1980, unfortunately I was too young to realise that plays had intermissions, so left after the first half thinking it had finished. I hope he didn't notice - his performance was very good!
I missed a chance to see it again a few years ago when he toured the UK, and now I'll never see it. At least, being a historical play, I know how it turned out...
Awww, dude, you walked out?!? The fight scene with the chimpanzee in the 2nd Act is the best part!
When you are a dramatic actor, it isn't too hard to transition into the "straight man" in a comedic routine. The reason it was so funny is exactly because he was a serious actor and had not done comedy before.
Oh my, you've never acted, have you?
Comedy - good comedy - is incredibly difficult to do. Far more difficult than straight drama. Ask yourself why De Niro has never done a good comic part. Now, one has to give full credit to the directors of Airplane and The Naked Gun series (remember: the movies themselves were funny), but Nielsen did an incredible job. Deadpan (sorry, Les) comedy is the hardest of all.
There's a good reason why people like Bob Newhart and Leslie Nielsen are so well-respected in their craft. It's because they were phenomenally good at what they did.
"How about sharing it quietly with a number of the most reputable meia organisations in the Western world."
That's not exactly what they did. They withheld information from all sources so they would have a "bombshell" to deliver.
I don't know where you're getting that. In the last three dumps, Wikileaks has followed the same pattern: Share the data with a limited number of news agencies, one each in multiple countries. Here's how the Guardian described this round:
The electronic archive of embassy dispatches from around the world was allegedly downloaded by a US soldier earlier this year and passed to WikiLeaks. Assange made it available to the Guardian and four other news organisations: the New York Times, Der Spiegel in Germany, Le Monde in France and El País in Spain. All five plan to publish extracts from the most significant cables, but have decided neither to "dump" the entire dataset into the public domain, nor to publish names that would endanger innocent individuals. WikiLeaks says that, contrary to the state department's fears, it also initially intends to post only limited cable extracts, and to redact identities.
So yes, they did exactly what you accused them of failing to do: They quietly distributed the data to a few discreet (and discrete) sources prior to the initial launch.
The only difference this time is that they haven't dumped the whole dataset. I was wrong to say they always do.
Some may consider this newfound discretion to be a good thing....
The fact is that their job is to get as much attention as possible..."
That's not their stated mission... it's to release this information to as many people as possible. There is a *huge* difference.
I can see the distinction you're drawing; it's quite a fascinating one.
It would be really interesting, actually, to consider what other tactics and methods could achieve the same strategy (i.e. run a generic whistle-blower service).
It would certainly elevate the debate about the nature of wikileaks, something which I think everyone would applaud. And it's vastly preferable to probing the rather facile question of whether Assange is an attention-whore or not.
I don't take issue with him being in the lime light... but he purposefully stretches it out.
I think this tactic is known as 'running cover'. Assange knows that someone has to be the focal point for the ogranisation, to make contact with media reps and various others in order to ensure the responsible dissemination of the data. Doing so allows a great many others to work quietly, undisturbed in the background. Say what you like about his motivation, he's chosen that role. I'd argue that, as someone who believes more in daylight than shadows, he's using the spotlight to keep himself out of harm's way.
he announces the release ahead of time so he can create a sensation
Sure. This actually is one of the largest leaks of information in modern history. It's sensational in its very essence. Given that wikileaks' reason for being is to disseminate leaked information as effectively as possible, advance press is perfectly understandable.
If they were really concerned about access to the information and not publicity the would "soft release" to trusted groups on BitTorrent a few days/weeks before they announced it.
Great idea. How about sharing it quietly with a number of the most reputable media organisations in the Western world? How about giving them months of prep time, so they could conduct analysis. How about -shocking, I know- even telling the affected agencies what was about to be released and offering them the opportunity to assist in the redaction process? That's exactly what they did.
Now, there's no way a government could be seen to be negotiating with them, so this might be seen as grandstanding, but who knows what contacts might have been made behind the scenes? (Well, wikileaks, of course, but... you get what I'm saying.)
That way the data is well seeded and a DDoS would be very difficult. That's why I'm accusing them of attention wh0ring... there are very easy ways of preventing this DDoS and they are smart enough to know that.
Indeed they are. And indeed they have.
You can characterise what they do as attention-whoring if you like. The fact is that their job is to get as much attention as possible on the data they're releasing. If you suffer from this process, you won't be glad about it. I can accept that.
I have friends who were directly affected by information divulged to wikileaks some years ago. While I'm still angry at those who so cynically used wikileaks to release context-free data that wrongly created some very nasty implications, I don't blame wikileaks for releasing the information. That's just what they do.
In fact, I'd rather see wikileaks do it than others. While they're occasionally guilty of editorialising about their data, at least they release all of it, providing others with the opportunity to draw their own conclusions. Most media organisations do not do this. They run with what they think will lead, and leave the rest by the roadside.
I don't always like the results of what wikileaks does, but at least they are exactly what the claim to be.
As for the inevitability, that's dead easy. Malware is business, and has been for years. For each platform, there are two relevant numbers: cost to produce a useful exploit, and value (income) from releasing that exploit. Currently, the former number is relatively high for Windows - it's been picked over pretty hard, and a lot of security hardening has gone into it. Again, see things like Pwn2Own.
It is interesting, isn't it, that people go to such efforts to find Windows-specific exploits when they could find exploits on other systems with far less effort?
That there's a reason for this, and it has everything to do with return on investment, as you rightly say:
However, the latter number - the money you can make with a good Windows exploit - is far, FAR higher. Many millions of dollars higher. The difference between that value on Windows and that value on other desktop operating systems is such that it's not worth developing malware for them if you could do it for free (i.e. be compensated for your time). If you're going to spend the time writing malware for desktop operating systems, there just isn't any target that makes sense other than Windows.
So I come back to the question I posed originally:
"Perhaps you could refute the contention that neither Linux nor Mac OS will ever recreate the monoculture we're seeing currently with Windows, that this heterogeneity is by design and that it's an innate strength in the development culture."
I'm not for a moment suggesting that writing malware as a business won't continue after Windows is long gone. Of course it will.
But just as US banks in the 1920s-30s learned (eventually) to make themselves less susceptible to bank robbers (whose activity peaked at that time due to recent improvements in transportation), personal and institutional computing will eventually learn to take malware in stride, to reduce the profits of any given exploit from its current colossal size to something much simpler.
There will always be another rube willing to allow another con-man to fleece him. There will always be innocent victims who get mugged because they were in the wrong place at the wrong time. But to suggest, as the GP does, that this somehow excuses the appallingly poor security models, practices and culture that ensure Microsoft's continued relegation to the security gutter... well, that's just disingenuous.
To tar other OSes with the same brush is to suggest that one should not move to another bank because, once enough people move to it, it too will become the target of bank robbers. It's wrong because:
Nobody is suggesting that everyone has to move all their money to one single bank;
The new bank might not be perfectly secure, but at least it doesn't leave all the money in a pile in the middle of the floor.
This move to a more heterogeneous and inherently secure environment will happen in small increments, and the process will lurch along in fits and starts, but it is far more likely to happen than another single, monolithic operating environment taking over from Microsoft Windows - and I include future versions of Microsoft Windows in that grouping.
And that, my friend, is why I find the contention that 'Linux and Mac OS will be just as bad when they get popular' to be inane, misleading and, frankly, intellectually lazy.
Seriously, let's hear this brilliant idea that a number of geeks on Slashdot seem to have as to how to design an OS that is perfectly secure against Malware and so on, yet still gives the user full administrative control over their system....
If you put any real thought in this, you'll realize it can't be done. There is no power without responsibility, there is no perfect system that is 100% bug free.
And if you put any reading into it, you'd accept the prevailing view that security is about processes, that it cannot be perfect and that it doesn't have to be perfect to be adequate for an individual's needs.
Then perhaps you'd quit focusing on unattainable silver bullets (which are either straw men or some unattainable fantasy born of your personal ignorance of security design) and start looking at development culture and UI philosophy that lead to environments in which heterogeneous systems can interact with an adequate level of security.
This won't protect the world from mind-bogglingly stupid choices like credit card companies who leave themselves open to SQL injections, but it would at least allow home users to actually have to earn their infection through willful ignorance, instead of being subject to exploits simply by opening a PDF file or landing on a web page.
People may be stupid, but some operating systems have staked their business on aiding and abetting said stupidity. Others have not. The latter are decidedly not perfect, but they are miles better than the former.
And if linux or osx ever exceed microsofts marketshare you'll see the malware flood onto them too.
Okay, I'm going to go all scientific on this and say: Prove it.
Don't just speculate based on false equivalence; don't just make shit up. Prove to me that Linux and Mac OS are not only equally susceptible to malware infection, but that a flood of exploits is the inevitable result of widespread adoption.
While you're doing that, perhaps you could explain at what point this becomes inevitable. After a million installations? Two million? Ten million?
Is it necessary that these installations happen only on personal computers? Would dominance of the server market suffice? Of the mobile market? How about tablets? Hand-helds? Home media servers? Surely any significant penetration into markets that enable the use and transmission of personal data would be ripe for the picking?
And then perhaps you could refute the contention that neither Linux nor Mac OS will ever recreate the monoculture we're seeing currently with Windows, that this heterogeneity is by design and that it's an innate strength in the development culture.
Until you do that, I'm going to assume that what you mean is, "When Mac OS or Linux become just like Windows, they will be just like Windows." And I'll treat your statement as the childish, simplistic tautology that it is.
Slashdot Mirror
Perhaps not, but when these statements match perfectly with his actions, I'd say there's a pretty fucking good chance he is exactly what he seems.
Did you even read the essay before spouting this drivel?
(Mods: I don't normally feed the trolls, but this inane, insidious character assassination that substitutes for actual debate is just... wrong. Do your worst.)
Former adviser. Media outside of Canada likes to leave that part out...
Except when they don't:
Look, downplay Flanagan's influence all you like (I'm with you there), but please don't make shit up just to feed your favourite narrative.
That's only part of the story. Assange has written that he's interested in turning those systems that depend on secrecy inside out. In other words, it doesn't matter whether a particular leak hurts a government or an organisation; it only matters that the leaks continue. Those who feel the need to operate in secrecy will lose trust in their co-conspirators, thereby reducing the effectiveness of their operation.
In a situation where information flows freely, regardless of efforts to keep it from doing so, those who operate in the open will become more efficient and effective than those who require secrecy in order to operate.
So yes, wasting time and effort chasing Assange is part of the battle. The real battle, though (at least is Assange's eyes) is the one that's raging behind closed doors, between those who see information sharing as a tool and those who see it as a threat.
I support transparency, but I get the impression that Assange is a hypocrite and egotistical douche.
He may be a douche, but he is emphatically not a hypocrite. He's written several essays about what motivates him and why he's chosen the tactics that he has. You may not agree with his reasoning, but to his credit, he has been nothing if not consistent in his behaviour.
You telling me I cant simply apt-get uninstall wayland?
Yes:
$ apt-get uninstall wayland
E: Invalid operation uninstall
$
You can, however, 'apt-get remove wayland'
</smartass>
Some of us are still sane, but have inherited it from others. 8^/
Give me another couple of months of twice-weekly kernel updates, mind you, and your assertion will be true once more....
I refuse to allow any X libraries on my server systems. If it can't be scripted in a console, it better have either a web interface or a decent set of RPCs.
I could think of nothing I would like better, however, than to log into my workstation through my netbook/smart phone/tablet and run apps remotely and securely. I'm not suggesting X is the way; I'm suggesting that assuming that this functionality wouldn't be useful will probably bite Wayland in the ass sooner rather than later.
Seriously - everything is networked now. Who in their right mind would create a desktop environment and deliberately discard one of the most compelling use cases?
I really doubt that. I think they would have insisted on some sort of payoff to go along, but I think they would ultimately have gone along.
The 'Dixie' Democrats who opposed the Civil Rights Act were largely right-wing, reactionary, racist plutocrats who, even if they did believe it was the Right Thing, couldn't have supported the legislation without facing the real prospect of violent opposition when they went back home.
When Johnson signed the civil rights bill into law in the '60s, he famously said the Democratic party would lose the South for a generation. He was wrong. The 'Dixiecrats' still have not come back. In fact these constituencies are today considered the core of the Republican base.
Well finally, something we can all agree on! 8^)
Okay, is my mind totally in the gutter, or is there a significance to the mammary gland / Dolly Parton link?
Well, if it helps, the meadow where they graze is called the Valley of the Dolls....
(If you were a New Zealander, the mere mention of sheep would have been enough....)
It only took two days since the attack occurred for the perpetrator to be tracked down and arrested? I can't say I've ever heard of such a fast response time to a computer crime. I'm quite surprised.
Is this typical these days?
Nah, not hardly. Let me demonstrate.
I'll just fire up my handy-dandy scrypto-rama botnet infestor... there... and point it at Amazon... like that. And - hang on, there's someone at the doo%$^&%&*+++NO CARRIER
It's the same part of me that, were I holding a cigarette lighter and a stick of dynamite, would be tempted to light the stick and throw it like they do in the movies, just to see what an exploding stick of dynamite really looks like. There's been so much greed and stupidity around the DNS, and it would be so *feasible* for someone to set up an independent alternative, I'd sort of like to see what it would look like when the existing system is blown to kingdom come.
However -- were I ever to be holding an actual stick of dynamite in my hands, the part of me that tends to say things like "this is not the optimum time to make an impulsive decision" would become quite strident. It's not that I would never, under any circumstance light a stick of dynamite and throw it. It's just that it being a really cool idea wouldn't be enough to make me try it until I'd thought through the consequences very, very carefully.
Dude, you made it all the through that metaphor without once throwing in a firewall reference?!?
Man, that's so lame, I oughta take this here stick o' dynamite and... hang on, let me think this through....
On the contrary, it would appear that a lack of shit is the problem. "More shit!" would be a more appropriate response.
No shit!
Over 100k people throughout the federal and state governments had access to these documents. You can't keep things secret when that many people know about them. I agree that any intelligence agency worth there salt had access to all of these documents a long time ago.
if by 100,000, you mean 3+ million, then yes, you're spot on. Here's what the Guardian says about SIPRNET:
``I'm certain more details will come out as people have more time to go through these documents. But so far what I've found most surprising is how unsurprising these documents are. So the US is spying. Big fucking deal, everybody spies. This isn't news.''
That's what I would think, too. So what _is_ the big deal here? Obviously, there is a big deal, otherwise governments wouldn't get so upset over it.
It's just that the US Government never thought they'd be forced through the moral equivalent of a backscatter scanner themselves.... It's unpleasant, being naked in front of a crowd.
I don't really think one day is really enough time to process these documents.
Indeed. Say what you like about wikileaks, but there is probably not a single researcher in International Relations, History or Political Science without a cum-stain in his pants today. Never in modern history has so much information been made available in such a readily accessible format about one point in history. This is, for researchers, a gift that will keep on giving for decades to come.
The thing that impressed me most from my brief perusal of the 200-odd documents released on the first day was the quality of the analysis. The 'scene setter' papers were well-written and obviously well-researched. I suspect that there's more than one junior foreign officer out there with a quiet smile on their face today, because finally the world will see just how good they are.
Yes, I'm ignoring completely the ethics and morality of the situation. That horse is out of the barn, but what a barn it is....
These cables will provide more insight and understanding into American diplomacy than anything else ever has. Just as access to hitherto proprietary source code sometimes unearths dirty secrets, there is a lot of unpleasantness to be found in the cables. I think the longer term result, however, will be that much of what's good about the US diplomatic corps (and there's a lot of that) will assist countless others to improve their own work and that of others.
...back in 1980, unfortunately I was too young to realise that plays had intermissions, so left after the first half thinking it had finished. I hope he didn't notice - his performance was very good! I missed a chance to see it again a few years ago when he toured the UK, and now I'll never see it. At least, being a historical play, I know how it turned out...
Awww, dude, you walked out?!? The fight scene with the chimpanzee in the 2nd Act is the best part!
When you are a dramatic actor, it isn't too hard to transition into the "straight man" in a comedic routine. The reason it was so funny is exactly because he was a serious actor and had not done comedy before.
Oh my, you've never acted, have you?
Comedy - good comedy - is incredibly difficult to do. Far more difficult than straight drama. Ask yourself why De Niro has never done a good comic part. Now, one has to give full credit to the directors of Airplane and The Naked Gun series (remember: the movies themselves were funny), but Nielsen did an incredible job. Deadpan (sorry, Les) comedy is the hardest of all.
There's a good reason why people like Bob Newhart and Leslie Nielsen are so well-respected in their craft. It's because they were phenomenally good at what they did.
I don't know where you're getting that. In the last three dumps, Wikileaks has followed the same pattern: Share the data with a limited number of news agencies, one each in multiple countries. Here's how the Guardian described this round:
So yes, they did exactly what you accused them of failing to do: They quietly distributed the data to a few discreet (and discrete) sources prior to the initial launch.
The only difference this time is that they haven't dumped the whole dataset. I was wrong to say they always do.
Some may consider this newfound discretion to be a good thing....
I can see the distinction you're drawing; it's quite a fascinating one.
It would be really interesting, actually, to consider what other tactics and methods could achieve the same strategy (i.e. run a generic whistle-blower service).
It would certainly elevate the debate about the nature of wikileaks, something which I think everyone would applaud. And it's vastly preferable to probing the rather facile question of whether Assange is an attention-whore or not.
I think this tactic is known as 'running cover'. Assange knows that someone has to be the focal point for the ogranisation, to make contact with media reps and various others in order to ensure the responsible dissemination of the data. Doing so allows a great many others to work quietly, undisturbed in the background. Say what you like about his motivation, he's chosen that role. I'd argue that, as someone who believes more in daylight than shadows, he's using the spotlight to keep himself out of harm's way.
Sure. This actually is one of the largest leaks of information in modern history. It's sensational in its very essence. Given that wikileaks' reason for being is to disseminate leaked information as effectively as possible, advance press is perfectly understandable.
Great idea. How about sharing it quietly with a number of the most reputable media organisations in the Western world? How about giving them months of prep time, so they could conduct analysis. How about -shocking, I know- even telling the affected agencies what was about to be released and offering them the opportunity to assist in the redaction process? That's exactly what they did.
Now, there's no way a government could be seen to be negotiating with them, so this might be seen as grandstanding, but who knows what contacts might have been made behind the scenes? (Well, wikileaks, of course, but... you get what I'm saying.)
Indeed they are. And indeed they have.
You can characterise what they do as attention-whoring if you like. The fact is that their job is to get as much attention as possible on the data they're releasing. If you suffer from this process, you won't be glad about it. I can accept that.
I have friends who were directly affected by information divulged to wikileaks some years ago. While I'm still angry at those who so cynically used wikileaks to release context-free data that wrongly created some very nasty implications, I don't blame wikileaks for releasing the information. That's just what they do.
In fact, I'd rather see wikileaks do it than others. While they're occasionally guilty of editorialising about their data, at least they release all of it, providing others with the opportunity to draw their own conclusions. Most media organisations do not do this. They run with what they think will lead, and leave the rest by the roadside.
I don't always like the results of what wikileaks does, but at least they are exactly what the claim to be.
It is interesting, isn't it, that people go to such efforts to find Windows-specific exploits when they could find exploits on other systems with far less effort?
That there's a reason for this, and it has everything to do with return on investment, as you rightly say:
So I come back to the question I posed originally:
"Perhaps you could refute the contention that neither Linux nor Mac OS will ever recreate the monoculture we're seeing currently with Windows, that this heterogeneity is by design and that it's an innate strength in the development culture."
I'm not for a moment suggesting that writing malware as a business won't continue after Windows is long gone. Of course it will.
But just as US banks in the 1920s-30s learned (eventually) to make themselves less susceptible to bank robbers (whose activity peaked at that time due to recent improvements in transportation), personal and institutional computing will eventually learn to take malware in stride, to reduce the profits of any given exploit from its current colossal size to something much simpler.
There will always be another rube willing to allow another con-man to fleece him. There will always be innocent victims who get mugged because they were in the wrong place at the wrong time. But to suggest, as the GP does, that this somehow excuses the appallingly poor security models, practices and culture that ensure Microsoft's continued relegation to the security gutter... well, that's just disingenuous.
To tar other OSes with the same brush is to suggest that one should not move to another bank because, once enough people move to it, it too will become the target of bank robbers. It's wrong because:
This move to a more heterogeneous and inherently secure environment will happen in small increments, and the process will lurch along in fits and starts, but it is far more likely to happen than another single, monolithic operating environment taking over from Microsoft Windows - and I include future versions of Microsoft Windows in that grouping.
And that, my friend, is why I find the contention that 'Linux and Mac OS will be just as bad when they get popular' to be inane, misleading and, frankly, intellectually lazy.
And if you put any reading into it, you'd accept the prevailing view that security is about processes, that it cannot be perfect and that it doesn't have to be perfect to be adequate for an individual's needs.
Then perhaps you'd quit focusing on unattainable silver bullets (which are either straw men or some unattainable fantasy born of your personal ignorance of security design) and start looking at development culture and UI philosophy that lead to environments in which heterogeneous systems can interact with an adequate level of security.
This won't protect the world from mind-bogglingly stupid choices like credit card companies who leave themselves open to SQL injections, but it would at least allow home users to actually have to earn their infection through willful ignorance, instead of being subject to exploits simply by opening a PDF file or landing on a web page.
People may be stupid, but some operating systems have staked their business on aiding and abetting said stupidity. Others have not. The latter are decidedly not perfect, but they are miles better than the former.
And if linux or osx ever exceed microsofts marketshare you'll see the malware flood onto them too.
Okay, I'm going to go all scientific on this and say: Prove it.
Don't just speculate based on false equivalence; don't just make shit up. Prove to me that Linux and Mac OS are not only equally susceptible to malware infection, but that a flood of exploits is the inevitable result of widespread adoption.
While you're doing that, perhaps you could explain at what point this becomes inevitable. After a million installations? Two million? Ten million?
Is it necessary that these installations happen only on personal computers? Would dominance of the server market suffice? Of the mobile market? How about tablets? Hand-helds? Home media servers? Surely any significant penetration into markets that enable the use and transmission of personal data would be ripe for the picking?
And then perhaps you could refute the contention that neither Linux nor Mac OS will ever recreate the monoculture we're seeing currently with Windows, that this heterogeneity is by design and that it's an innate strength in the development culture.
Until you do that, I'm going to assume that what you mean is, "When Mac OS or Linux become just like Windows, they will be just like Windows." And I'll treat your statement as the childish, simplistic tautology that it is.
HTH, HAND.
... Or, as non-technical folks prefer to call it, HELL.
So they think it's OK if journalists steal souls?
Well, it's only fair. After all, they've already sold their own.
A 4 Gigabyte printer driver? Really? Please have your friend contact me immediately!
Snidely Earnest
HR Manager
- Hewlett Packard