Slashdot Mirror


User: free2

free2's activity in the archive.

Stories: 0
Comments: 156

Comments · 156

  1. Re:Restrictive Firewall, not enough for exploits on Is the Botnet Battle Already Lost? · · Score: 1

    a port-80 restrictive firewall
    And how would this prevent exploits in applications that can use the port 80, like browsers ?
    Sites like http://secunia.com/ are full of reasons why a restrictive firewall is clearly not enough.

  2. Re:viruses do have got us as a space plan ! on Single-Celled Species' Genome As Complex As Ours? · · Score: 1

    Tighter integration with the human body can prevent these problems while still maintaining the benefits of having the symbiont.
    As long as the symbiont will be a real species that can mutate and evolve, it will be difficult to rule out any evolution towards a parasite or killer. And by definition a symbiont has to be a real species.

    Some solutions: 1. invent a new DNA that does not mutate... could be useful for cancer too
    2. integrate the symbiont DNA into our genome, so that it will generate a new type of cell, closely mimicking the symbiont cells. New potential cancer cells ensue.
    3. just modify our existing cells so that they are no longer vulnerable to some "attacks". Security patch :)

    1. and 3. look less dangerous.
    3. can be done already.

  3. Re:viruses do have got us as a space plan ! on Single-Celled Species' Genome As Complex As Ours? · · Score: 1

    Well, you could kill off all of the bacteria in your body, but you'd have to figure out a different way to digest your food.
    Not all food needs bacteria to be digested. In fact we can choose or process our food so bacteria are not useful anymore.

    Face it, we've got a symbiotic relationship. It's a good thing.
    The boundaries between symbionts and parasites are very blurry. It's in a parasite species' "best interest" to keep at least some of its hosts able to reproduce. It is even "better" if the host can become a widespread species with some help of its parasite, thus becoming a symbiont.

    On the other hand, mutated symbionts that "steal" more stuff from the other species can get an advantage over their non-mutated brothers, thus becoming parasites and/or killers.

    The more we will get better at genetic engineering, the more we will find that having symbionts is a potential hazard that is no longer needed.

  4. viruses do have got us as a space plan ! on Single-Celled Species' Genome As Complex As Ours? · · Score: 1

    Also, don't forget the billions of bacteria in every human body.
    While new antibiotics could possibly get rid of all these bacteria, there is no foreseeable way to get rid of all the viruses that have inserted their genes inside our cells' genome. Thus they do have got us as a space plan.

  5. Re:Trust...whom? friend-to-friend aka F2F on New "Dark" Freenet Available for Testing · · Score: 3, Interesting

    Start your own net with your friends and their own friends and so on.
    For more information see http://en.wikipedia.org/wiki/Friend-to-friend

  6. a lot of intel chipsets do have tcpa/tcg drm on Info on Intel's Viiv DRM · · Score: 1

    http://www.tonymcfadden.net/tpmvendors.html
    You can see that a lot of intel chipsets do have tcpa/tcg.

    And yes tcg is used for drm (and remote identification of your hardware aka "remote attestation"):
    http://www.informationweek.com/blog/main/archives/2006/02/yes_trusted_com.html

  7. friend-to-friend is less risky and is TFA answer on Creating a Backboneless Internet? · · Score: 1

    friend-to-friend P2P is less risky and is TFA answer:
    http://en.wikipedia.org/wiki/Friend-to-friend
    Now the only ones that know that you provided some files are your friends. Will they sue you for providing or censoring a file ? Less risky, definitely.

  8. Re:Can you say "open Proxy"? No, RTFA on Canadians To Douse Chinese Firewall · · Score: 1

    No, RTFA:
    "A drawback to Psiphon is that the person behind the firewall has to be given a user name and password by the person offering up the computer. With this kind of setup, Mr. Villeneuve said, activists may end up working with specific dissidents and people in repressive countries may rely on relatives abroad to help them get connected."

    This is not far from a Friend-to-Friend network (F2F P2P):
    http://en.wikipedia.org/wiki/Friend-to-friend

  9. Re:TCPA/TPM/TCG won't fix OS or application bugs, on No More Internet Anonymity · · Score: 1

    That depends. In a server environment you could even forbid scripts from running unless the signed and checked.
    Ever heard of security bugs that allow someone to execute code without having permission to do so? Buffer overflows are only an example of those bugs. http://secunia.com/ is full of them. The TPM won't protect from all these bugs, it's not a magical wand.


    Won't help, a TPM checks each time an application is executed and doesn't permit anything to write to the app's program area after the initial load.

    Obviously you don't know what a TPM is. The definition of a TPM comes from TCPA/TCG. It is mainly a device used to store cryptographic hashes. What you are talking about here is much more along the lines of the NGSCB/Palladium OS from Microsoft. But it won't be a magical tool able to remove all bugs !

    Think about it, any non-minor bug that can be voluntarily triggered can be a security hole, at least for a denial of service, and often for tampering with data or getting access to forbidden data. You don't always need to execute arbitrary code in order to do harm to a system.

  10. Re:Defending TCPA, not for holes from remote on No More Internet Anonymity · · Score: 1

    TPMs are going into corporate laptops, because they let the IT dept lock down the box against spyware, trojans and end users.
    If they blindly trust the TPM to protect against all security holes and bugs, they should get another job.
    The TPM won't prevent the users from putting corporate information at risk when they use IE:
    http://secunia.com/product/11/
    Same thing for all applications and OS that have critical remote holes. And they are many.

  11. TCPA/TPM/TCG won't fix OS or application bugs, duh on No More Internet Anonymity · · Score: 1

    The idea of being able to sign every binary on the machine and KNOW to a high degree of certainty is a great thing.
    You can already do this by booting on a Tripwire boot disk. No TPM needed. And Tripwire is open source that you can verify yourself, while the TPM can't be opened to see what's really inside.

    No matter how on top of updating you are, no matter how anan you are with the iptables rules, you always wonder if somebody out there who knows a trick you missed has rooted ya.
    The TPM won't fix all OS and application bugs that allow someone to tamper with your data, unless you live in wonderland. What if the attacker makes sure that all OS files on your disk are restored each time you reboot? All the attacker does is break again into your OS each time you boot, using the same bugs in your OS or applications (or new ones, since new ones appear every day on secunia.com).

  12. use it to send a one-time-pad, then do checksums on Totally Secure Non-Quantum Communications? · · Score: 1

    Of course, the attacker may be the receiver, in which case she KNOWS the value at one end. And that is the trivial breaking case.
    You've got the same problem when you send photons (the quantum version).
    But if what you send is a long random key (a long one-time-pad) and the checksum of the measures sent back (encrypted by an already verified and smaller one-time-pad) by the receiver doesn't match, then you know there was a man-in-the-middle and that the new long pad should not be used.

  13. Re:Ok, some much needed clarification. Apache too. on France Hostile To Open Source Software? · · Score: 1

    You are right. And don't forget that Apache (and all HTTPD servers), FTP servers, NFS, can be used to exchange copyrighted works. So they will be also forbidden.

  14. Re:What do they mean by Culture? Worse than DMCA on France Hostile To Open Source Software? · · Score: 1

    I could be wrong, though...rusty, as I said. In any case, it doesn't seem that different from other laws passed elsewhere, and the firefox/OpenOffice people could relax? Someone else can confirm/refute.
    No. This goes quite further than the DMCA or EUCD. DMCA only prevents you from breaking DRM protections.
    Here, they say they will forbid every software that is not DRM enabled! And the DRM has to be "up-to-date", whatever that means. This will prevent the use of a lot of free open-source software.

  15. i show you mine, now show me your vulnerabilities on Research Group Pushes to Ban Skype · · Score: 1

    any script kiddie can use them to break into a Linux program (like SSL, SMBFS) whenever he wants to.
    OK here are critical unpatched vulnerabilities for an up-to-date XP (anyone can use these now)
    http://secunia.com/product/22/
    for IE:
    http://secunia.com/product/11/

    Now show me the same critical unpatched flaws for Linux + openSSL + smbFS + Firefox !

  16. Re:Combatting OSS on Microsoft Lauds Scrum · · Score: 1

    I think it's a new method to combat OSS.
    Not really new. According to Wikipedia, Scrum was first used at Easel Corporation in 1993.

    As for "Schedule a demo of the software with the customer/client of the software for one month from now", OSS CVS snapshots are quite close to this.

    http://en.wikipedia.org/w/index.php?title=Scrum_(management)&oldid=27780071

  17. Re:testing now with installer and security updates on Etch Goes Beta · · Score: 2, Informative
  18. unpatched known vulnerabilities, a big MS problem on Research Group Pushes to Ban Skype · · Score: 1

    unpatched and known (exploits) vulnerabilities are still a big MS problem: any script kiddie can use them to break into a MS program (like XP or IE) whenever he wants to. Any day, any time, you find plenty of these:
    http://secunia.com/

  19. testing now with installer and security updates on Etch Goes Beta · · Score: 2, Informative

    This doesn't mean etch will be released as stable soon. All RC bugs will have to be fixed first.
    But since there is now a security team for testing, http://secure-testing-master.debian.net/ ,
    it means you can now install testing and use apt to get security updates.

    "testing" is now a full debian distro (if not official) as are "oldstable", "stable" and "unstable"

  20. debian-installer for etch hits beta on Etch Goes Beta · · Score: 3, Informative

    "debian-installer for etch hits beta" would be a more accurate title.
    etch is "testing" ever since sarge was released as "stable"

  21. Re:one time pad: proven to be the only secure ciph on RSA-640 Factored · · Score: 1

    What you mean is: the one time pad is the only available cipher that has been proven to be secure.
    No.
    from wikipedia:
    Universal unbreakability:
    Claude Shannon's work showed any perfect encryption system requires that the number of possible plaintext messages does not exceed the number of possible keys. If the number of possible keys and plaintexts are measured in, say, bits, this is equivalent to saying that the key must be at least as long as the plaintext.


    You can find the Shannon proof on the web.

  22. one time pad: proven to be the only secure cipher on RSA-640 Factored · · Score: 1

    The "one time pad" has been proven to be the only secure cipher that will ever be available:
    http://en.wikipedia.org/wiki/One-time_pad

  23. The good ole days never ended. Unpatched old holes on ZDNet Talks to Kevin Mitnick · · Score: 1

    Yipee, the good ole days never ended...
    http://secunia.com/product/22/
    http://secunia.com/product/11/

    It seems "hot fixes" are just for some of the old (and mildly warm) vulnerabilities.

  24. sysadmins: known holes will be the next worms ! on Linux Lupper.Worm In the WIld · · Score: 1

    What every sysadmin should know is that the unpatched known holes of today are not only open doors for crackers, they are the open doors for the next worms.
    Every sysadmin should check security sites like Secunia, with a list of unpatched known holes for each software they use:
    http://secunia.com/

  25. Re:Linux/Unix opengroup TM on SCO Tells Courts What IBM Did Wrong · · Score: 1

    I notice the words Linux and Unix share many of the same letters. Guilty!
    That's why I bought a lot of SCO stock at 100$ each !
    Oops, it appears Unix is a trademark from the OpenGroup... http://opengroup.org/certification/unix-home.html
    I'm selling... at 4$ :(