Slashdot Mirror


User: Daedala

Daedala's activity in the archive.

Stories: 0
Comments: 171

Comments · 171

  1. Re:OK let me get this straight... on Following Bill Gates' Linux Attack Money · · Score: 1

    That's what I was thinking.

    I wouldn't do that with OS X, and I am a devoted, nay, obsessed Mac evangelist. Get ONE computer working how you want it. Let family members use it. Desensitize them. Find games and neat stuff. Make sure your peripherals work. Then ask for a volunteer. Check the hardware and make sure Linux thinks it can do that hardware, then install on another partition or drive. Let them dual boot for a while.

    If you're feeling really evil, infect the Windows OS with spyware so it slows down. Stop supporting it. Delete the TCP/IP stack....

    Really, this can be done with a little forethought. But simply switching everyone with no backup and no preparation is not gonna work.

  2. Re:Did anyone read the whole speech? on Britain's First Jedi Member of Parliament · · Score: 1

    "are all Parliamentary speeches in England that long? Holy shit. He walked through his whole constituency house by house and described what everyone did. What kind of speech is that?"

    Substantive?

  3. Re:What's wrong with this? on IETF Approves SPF and Sender-ID · · Score: 1

    In what way is this an improvement over using a client-side whitelist with today's email?

    1. Personally maintaining that contact list will be really annoying. Even I, a card-carrying slashdot geek, have enough email correspondents to make that prohibitive.

    2. People don't necessarily always use the same email address. Any time someone changes, uses a different address, or whatever, you have to update your polling list.

    3. You've just exponentially raised network traffic: everyone polling everyone else for messages? Eek.

    4. As JGC pointed out, no unsolicited mail. (I don't consider challenge/response a solution to that, either: I like it when people send me kudos, but they're unlikely to bother if I make it annoying.) If you're thinking of using today-style email for the unsolicited, then you've just hurt the signal-to-noise ratio even more.

    5. Something will be maintaining a large database of legitimate email addresses, with trusted relationships -- how long before those databases are themselves exploited and we're back to square one?

    That's all I can do off the top of my head.

  4. Re:You'd think this would be obvious on Microsoft Genuine Advantage Cracked · · Score: 1

    It is very true that a zero-day exploit can affect anyone. People who think that Mac or Linux boxen are "safe" are in cloud-cuckoo land. That said, it's a lot easier to get a malicious zero-day exploit to run on a system with poor privilege management, as well as easier to get it to propagate automagically. It's not safe, but it's probably safer.

  5. It's all about the switchers on Codeweavers to Support Mac OS X on Intel · · Score: 2, Interesting

    Because there's no crossgrade price?

    This is GREAT for Mac, absolutely wonderful and fantabulous, because it means you don't have to buy a Mac copy of Office if you already have the Windows version. Or Photoshop, or whatever. Software inertia is a major factor in switching. Eliminate that and a lot of people, who suddenly don't have to cut their losses on their software investment, will See the Light. And more users means more developers -- both commercial and F/OSS -- that want to make stuff for us.

    This factor hasn't been such a big deal on Linux/BSD, because there aren't many major commercial apps for them. If you wanted to use Photoshop on your Linux box, you learned to love the GIMP. But it's a definite factor with Macs. I don't know how many people have told me, "I'd switch, but I'd have to buy all my applications all over again." Of the non-geeky types, only those driven truly desperate by malware have been willing to chuck major investments. (Not to mention the time invested in the learning curve...)

    And anyway, sometimes the Mac ports of popular applications are a little lacking. Quicken is vile, to put it really bluntly. I've never used Office X, but I've heard it's not up to the Windows version's, er, high standards.

  6. Re:Grammar Cop on Broadcast Flag Sneak Not Attempted · · Score: 1

    Thanks for calling attention to that.

    I don't know about you, but I have no need for a source of "Congressional action." In fact, I'd really rather not think about it at all.

  7. Underhanded C on Favorite Programming Contests? · · Score: 2, Insightful

    This contest has already been slashdotted, but the idea is sublime: "write code that is as readable, clear, innocent and straightforward as possible, and yet it must...do something subtly evil." And the prize is beer!

  8. Re:This is Dumb on Spyware Floods in Through BitTorrent · · Score: 2, Insightful

    Renowned security researchers need to flog this stuff to become renowned outside their own heads?

    Perhaps I'm betraying my own ignorance (who, me?), but I've never heard of this guy, I don't particularly respect people who flog their MS MVPness as a qualification, and a quick look on Google shows his general tone to be somewhat...hysterical. The spywares are coming to get us! Run away! Run away!

    Am I missing something?

  9. Re:US data protection act? on Over Half a Million Bank Accounts Breached · · Score: 2, Insightful

    In a word, no.

    We have several laws that apply to personal data. There are gaps you can drive a truck through, and the industry has spent decades doing just that. (I particularly like the part about how the laws specify that they only apply to "authorized uses" of personal data--so if it's not an authorized use, you can do anything. No, I'm not kidding.)

  10. Re:When I worked for an Apple Laptop repair compan on Apple Powerbook and iBook Battery Recall · · Score: 4, Funny

    WE always had problems with the batteries and logic boards going out like crazy. Would anyone care to wager a guess why?

    Because you were working in a repair company, so people didn't bring you the ones that worked?

  11. So on Microsoft Developing Windows for Low-End Machines · · Score: 3, Insightful

    Is this due out before or after Longhorn?

    The OS will only run IE and Windows Media; everything else will be on an application server. I do not think this solves the actual problem. We have terminals.

  12. Why are they calling this identity? on OpenID - Open Source Single-SignOn · · Score: 2, Insightful

    I like this quite a bit. However, I think it's suffering from the same problem most people have with the term identity on the Internet -- binding.

    "Identity," formally, means who you are -- the unique person with your identity. I'm not going to write my real name here, but that's my identity. No one else is me: my identity is bound to me, even if there are people with the same name.

    "Identity," colloquially, means "that person I know." You may not know me by my name. You know me by "daedala." That's my handle. I always post here as daedala, so that's my consistent presence on slashdot (and my journal, and my email, and most other places I post...).

    It's pretty difficult to establish a unique identity, bound to an individual, on the Internet. People screw this up all the time. It's not nearly as difficult to establish a consistent handle. From my review of this system, what it's doing is the latter.

    So really, they should be calling it OpenHandle.

  13. Re:So what? on Supreme Court Allows Direct Shipment of Wine · · Score: 1

    You don't know any wine geeks, do you?

    It's definitely nerdy.

  14. Re:Missing the point on Symantec Launches Anti-Spyware Beta · · Score: 2, Insightful

    I work in security. I have heard far, far too many of my coworkers joke about how much spyware they have on their computers. They are in the field; some of them are brain dead, but some of them are quite good. If security wonks can't keep Windows clean, I don't think normal users should be expected to.

  15. Re:+1 funny? on Security for the Paranoid · · Score: 1

    No. You're on slashdot. You are not allowed to get irony. Unless you're British.

  16. It's a joke, people on Security for the Paranoid · · Score: 5, Insightful

    As soon as I read this article, I sent it to many of my friends, because it's funny. It's an elegant, understated, hilarious demonstration of an important point. It starts perfectly reasonably and gets progressively sillier, until by the end it's way over-the-top hyperbole. This essay is a really lovely piece of writing, because at first it suckers you in with its reasonably paranoid stance, and when you realize you've been had -- I guess that's if you realize you've been had -- makes you think about diminishing returns.

  17. Re:Depends... on Spyware or Researchware? · · Score: 1

    My bank doesn't. Which banks do ban Marketscore?

  18. Re:Depends... on Spyware or Researchware? · · Score: 1

    They aren't lying. They're just not explaining that their observations include all of your encrypted transactions, because they install their own root certificate. Suddenly, all your SSL transactions go to MarketScore. They are decrypted and read, then reencrypted and sent on to their destination. This means that they have access to credit card numbers, CVV2, passwords, PINs, social security numbers -- anything you type into a website, whether or not that website is "secure."

    They claim they don't keep that information. If you believe that, and believe that they have sufficiently secured the process that no one else can read and keep the information, then sure. But would Gramma understand what I just said? And would anyone get that from their "Terms of Service"?

  19. Special hardware != encrypted on Ameritrade Customer Data Lost · · Score: 1

    "Special hardware" does not mean "encrypted." Kryptonite locks require special hardware to open, too (a ballpoint pen). My floppy disk requires special hardware to read (a floppy drive). Compression algorithms are not encryption algorithms; they are meant to allow you to read the data, not prevent it.

    Proper disaster recovery means keeping offsite backups. Stuff happens with physical transit. You know that, I know that, everyone knows that. It's precisely because it is a known risk that it needs to be mitigated. The mitigation is, in this case, encryption: so that the data cannot be read by anyone, even if lost. "Every reasonable precaution" must include encryption. Of course, changing your whole backup system is a pain when you're backing up that much every day.

    You're probably right that it was just lost in transit. You're definitely right that it's not a big risk to you, because to be perfectly blunt your information was probably long gone anyway. That doesn't mean that Ameritrade didn't screw up badly. "It's the shipping company's fault" is not an acceptable excuse in this case.

  20. Re:Encryption expensive? on Ameritrade Customer Data Lost · · Score: 2, Insightful

    Encryption is not expensive financially. Decent encryption tends to be computationally expensive, though, and may slow backups. Worse, it involves changing processes. Ever tried to make a bank change how they do things?

  21. Re:Data loss... or ... data collection? on Ameritrade Customer Data Lost · · Score: 5, Informative

    This isn't a recent spate of customer data loss. It is, as you note, a recent spate of customer data loss reporting. It's mostly due to California Civil Code 1798, formerly known as State Bill 1386. Before we were just quietly leaking like a sieve; now we know we are.

  22. Silly argument on Pros and Cons of Firefox Critically Evaluated? · · Score: 1, Interesting

    He makes the argument that people who think Firefox is better believe so because of the smaller installed user base. IEusers = stupid, FFusers = smart. Therefore, of course Firefox comes off better. If Firefox had as many stupid users as IE, it would be considered as bad as IE.

    I call bullshit. His own argument doesn't make sense, because then he argues that IE might have the same percentage of problems as Firefox. He's begging the question of whether the percentage of problem users is the same with each browser. What do you want to bet that someone is going to quote this article saying that "5% of Firefox users have problems! That's the same percentage of IE users that have problems!" Those are made-up numbers. He's using them as an example. He hasn't proven that they're equivalent.

    He also digresses, severely, into "Linux isn't really more secure." Well, actually, it is. To my mind, the worst vulnerability out there is one that allows an attacker to remotely execute arbitrary code without user intervention and without personal intervention by the attacker, either. Getting someone to type in a password is a cross-platform vulnerability. Spending a few hours individually targeting that Linux server with old updates happens (just ask me about my friend's goddam mail server). Reading email in an email client with IE-HTML-rendering -- a proven way to do this -- is pretty specific to IE.

    After all, it's Windows that has spawned the Sargasso Sea of worms, viruses, Trojans, etc. etc. etc. ad infinitum ad nauseam. There is a self-sustaining ecosystem of malicious code that infects and reinfects Windows. UNIX doesn't have that. Of course, UNIX is such a newcomer to the Internet that it hasn't had time to develop that ecosystem -- sorry, what did you say? I'm sure UNIX must be brand new, that's why there are so few automatic exploits, right?

    Third, he thinks the raw numbers for vulnerabilities mean anything. They mean nothing, especially when you compare the different philosophies of Microsoft vs. most Linux distributions. Microsoft = admit a problem only if we have to, and then only before it's patched, and if you don't give us 6 months to patch it you're an irresponsible extortionist creep. Linux = full disclosure of every nitpicky bug anyone can think up, like the one where someone with physical access to your box can open the case and copy the hard drive! Claiming that CERT is a wonderful impartial catalogue of vulnerabilities -- when they roll over for vendors, and without mentioning their recommendation to avoid IE -- is disingenuous at best.

    The real question for these security vulnerabilities is: do they matter? You can tell by identifying the following: Are they remote? How much user intervention is needed? What can happen if the vulnerability is exploited? DoS is sad but not, frankly, that big a deal. Arbitrary code execution is bad. Privilege escalation is bad. Sniffing passwords is bad. Does the attacker need to sit there and think about your computer or can he just turn loose an automatic exploit? It might even be that IE is better than Firefox on that at the moment -- I doubt it, but it's possible. However, Langa doesn't examine the real question. It's easier to count beans than to identify them, or know how to make use of them.

    His argument seems to be that since Firefox isn't perfectly secure, it's as insecure as Internet Explorer. This is a fallacy. I can't remember which one. The stupid one, I guess.

    Ok, now I feel better.

    Poster bias: I loathe and despise Microsoft. I think Symantec is a parasite. I like Open Software but "free as in beer" means nothing to me because I also loathe and despise beer. I think Firefox is fine on Windows but it is lousy on Macintosh. My personal favorite browser is Safari.

  23. Re:Cons of Mac Firefox on Pros and Cons of Firefox Critically Evaluated? · · Score: 1

    Also, basic keystrokes (like tabbing to checkboxes so you can check them with the spacebar, or backspace = Back) just don't work. I do have keyboard access turned on.

    Now that I've posted this, half a dozen people will tell me how to fix it. However, it's a widespread complaint.

  24. Did you even look at the article? on Linus Defends Proprietary File Formats [Updated] · · Score: -1, Redundant

    The next line is "Actually he didn't - we just made that quote up."

  25. Re:Indian, Pakistani, Ukrainian, Nigerian on Offshored Identity Theft · · Score: 1

    The problem with your statement is that the U.S. does a crap job of responding to criminal identity theft.