However, in the initial "grand scheme of things", Sony wanted Cell processors in every piece of consumer electronics to create a sort-of distributed computing model within your home. More processors and more potential entry points. Who knows if that'll still happen.
In any case, the point I've been trying to make is that vector processors can do crypto very well. The Cell's SPUs are just a very good example of that. Who knows what other vector processors could be used..
I want to apologise for the lack of technical detail available. I absolutely hate it when I read a news piece and can't find further info. The media piece came out of a pre-release talk I did at the Kiwicon security conference.
The full presentation will (hopefully) be done at some international security conference. All technical information and source code will be made available then. No software patents are involved;)
It's a list of every recorded vulnerability for the OS and applications which have security notices. With all *nix stuff bundled together with a lack of severity rating.
How the hell can you write an article on that? This is retarded journalism at it's finest - generating bullshit stats from a list that's meant to be a reference point! Bah.
Distributions ship with a hell of a lot more than just a kernel and basic command-line tools. Windows, on the other hand, has quite a few. The data shown is really unclear on how an OS is defined. It would be much more interesting taking a standard Windows desktop installation as a base and pairing that with an open source OS that meets the same level of functionality - then doing the test.
And people tend to forget during a security debate that with proprietary products you're working on the assumption that the source code is never released. I think that's a rather dangerous assumption, given the history of this occuring.
New Zealand is relatively good. I'm biased, I live here.
One of the last attempts at privacy invasion that hit the media was a case of the postal service (which is an SOE) was gathering data on house conditions. This information was deemed to assist with targeted advertising, for a price. There was a large public backlash.
On TV news, there were some quick queries put forward to members of the public. I'll never forget the American dude was simply said, "I moved to here from America to get away from this kind of stuff."
The one thing worrying me is possibility of NZ signing a Free Trade agreement with the US. You get dicked when you do that. But we're quite anti-American here due to the Iraq war, so we may be safe for now =)
In this case, it's because there's a known defect across a range of consoles that is potentially life-threatening.
Microsoft haven't been able to identify affected consoles and there are no plans for a recall. Would you happily go and install one in a kid's bedroom without extensive testing?
Then start hacking your Thinstation dist around. Easy to maintain over time (just upload new Thinstation images). Write a quick shell script to ftp down an image off a server and use dd. The user could pick an image or alternatively use some hardware identifier (using lspci, etc.) to automatically pick one for a user.
Another idea would be to use a floppy-disk based Linux dist which does effectively the same thing. Maintenance is harder (new floppies / cdroms each time you want to change the system).
This also keeps your process nice and open for the future =)
So, effectively there's a Debian release that's caught up to distributions that's had some of this technology for years?
Don't get me wrong - it's great news. I've always believed that having different distributions has always been a strength of GNU/Linux.
But hey - Debian's only just finally caught up. Why's it taken so long? (low priority I'm guessing?) Where is this new release leading to? A new way of installing and managing Debian in general?
I'll personally be much more inclined to use Debian for certain tasks in my enterprise environment in the future. Specifically thanks to the safeguards against apt repository poisoning.
To my knowledge, there isn't _one_ RedHat partner in New Zealand. Let alone any presence from any other commercial dist.
Jumping on this, Novell New Zealand has quite successfully been pushing their product and support. Without really any competitor, they're taking over the public and private sector by storm.
So yeah. No suprise regarding the outcome of preferential Linux vendor choice =)
I never advocate Debian because of the lack of signed packages. Big security risk in my opinion.
Poison a Debian package repository and you have mass ownage.
Plus, the lack of stable releases. You can arguably use "testing" and there are good reasons to. I just hate the idea of using a release publicly stated as being in a "testing" state on enterprise production hardware =(
Also, there's the issue of support with proprietary software on Linux. There's always support for RedHat and SLES.. never Debian.
You're attempting to help diagnose a (presumably) large network. Very honourable, but attempting to do this gung-ho with a few responses from slashdot is very silly.
Grab a consultant from a local small Linux shop for a few days. Someone with good knowledge about system/network architecture.
Get them to poke around on your network. Provide all documentation you have available.
After the first day, you should have all the information necessary to write up a document regarding your existing issues. Make notes while he's using tools to investigate. From there you work with the consultant to come up with a separate document for resolutions with a criticality rating.
From there, you want systems in place to monitor the health of your network. Have a chat to him about it, but I'd be inclined to build a solution which was centered around using Nagios.
While consultants can (and frequently do) suck when you come to specifics, they are a valuable resource for pointing you in the right direction. And experience counts! They've done this stuff before, they know the pitfalls and proven solutions.
But we are definitely having problems abiding by the Kyoto protocol, because of sheep farts. I'm damn serious. We have many sheep and other livestock here in Kiwiland, which pump out a serious amount of methane. But there are good moves being done to curb this: http://www.google.com/search?q=sheep+methane+emiss ions
Because we all have fun using technology in ways that the inventor didn't invision.
Xbox's running custom media centre applications. Using game ROM's in emulators Overclocking and tweaking Gateways that use NAT for TCP/IP
They're effectively hacks. We enjoy using them.
Many of us here don't see computers as pre-assembled things which can do only specific tasks. We code, we hack, we play, we tinker. Screw anyone who tries to tell me this mindset is wrong.
From TFA: Hollywood reported global revenue of $84 billion in 2004, according to PricewaterhouseCoopers, the accounting firm. With most theatrical releases amounting to little more than an unprofitable, expensive form of marketing, DVD's have become Hollywood's lifeblood: together with videos, they kick in $55.6 billion, or about two-thirds of the industry's annual haul, with box-office receipts making up most of the rest.
From that paragraph, isn't it clear that accessibility ("freedom" to an extent?) is what people want. People want to be able to get access to a movie when they want to and watch it in whatever way they feel like.
The whole system is broken, because it's old and redundant. Money is spent exorbitantly in all the wrong places and, quite simply, isn't obeying simple rules of economics. You want to push your product out as much as possible at a price that people are prepared to pay.
The only saving grace is that this antiquated system is doomed. I, for one, welcome the new era of "Pro-Ams" and the demise of DRM.
Someone thought about screwing around with an Ipod to do things other than play music. Someone managed to get Linux on an Ipod and documented it. Someone saw a new product.
Innovation / Research -> Technology -> Product(s)
Innovation is not a driving force behind IT. As Microsoft constantly keep reminding us. Technology is constantly reused and recycled.
New Zealand's Ministry of Education has inked a deal to provide GNU/Linux under the Novell banner for public schools.
I feel that this is nothing other than an incredible breakthrough for us Kiwis. By giving our kids the opportunity to become aware of alternatives, we could definitely see some great change coming soon.
I'd gamble my money that if the ReactOS project (Windows clone) comes close to maturity.. you'll see more than just a little dent hit Windows.
People like things for free. Unfortunately few care about being free.
I see the ReactOS project as an unfortunate stepping stone. No disrespect to the developers - I have a lot of respect towards what they're doing and view it as necessary. People need to be weened off Windows and developers will follow. But ReactOS itself will have a finite lifespan.
Probably not a bad thing. Linux (the kernel), at least as we know it today, probably does too.
When ReactOS can install MS Office, DirectX and hardware drivers happily - just watch the shift. It will be more secure, faster and generally better than "Windows". The choice for gamers, the choice for PC manufacturers cutting costs, the choice to install on your parents' computer.
Today, GNU/Linux is a brilliant replacement for those who cut the cord and dive in. It's unfortunate that the masses won't realise or respect the parallel drive which has been occurring for over the past decade to give people another viable, open and free choice.
At least when ReactOS hits hard, developers will have portability as a focus. Everyone will win - it's called choice. And within the next decade I bet we'll see the a distributed share. Not a landslide "victory".
A month or go, a project was trialled in Wellington, New Zealand to get the local posties who work for NZ Post (an SOE) to make comments about the houses they visited. They would then relay data back for sale to marketing types.
Far too big brother-ish for us =D A handleful of people in the trial-based neighbourhood spit tacks and it was shut down in a couple of days.
On national news there was an American saying "I moved here to get away from this kinda stuff".
Yup. We're pretty damned liberal here. We like mocking the few conservatives around =)
-Decriminalised prostitution -Gay "civil union" marriage alternative -No force-feeding of religion in public schools etc. etc..
I would claim the majority of people in the IT industry just have little clue about what they're doing. It's a job to them, not a passion. They don't care about making things better, they care about getting their paycheck.
In this day, it's now painfully obvious that many people who work in IT are just bloodsuckers. They claim to know what they're doing and yet they manage to accomplish amazing feats of stupidity.
Come on. We all know that guy who's an Exchange administrator who can't explain how an e-mail gets from one persons computer to another. Or the web designer who solely uses Frontpage. Or the system administrator who has managed to get Windows installed on a PC.. but can't quite do anything else.
It's all too common. The IT industry just pisses me off now because it's filled with flunkies got an MCSE out of a crackerjack box.
And now Joe Public has a dim view on techies? Took them too bloody long imho.
With Win2k, maybe XP too, you need to download a special pack to get the 3des cipher if your copy is from outside the US. IIRC, this isn't even the default cipher. Plain DES is! (which is very insecure;))
Screw encrypting stuff with 3des =/ Laptop power is precious enough as it is.
-Port scan to find local e-mail server -Arp spoof e-mail server -Port scan to find local proxy server if no direct net access -HTTP PUT proxied email data to website x
Ok, there's lots of conditions and many different implementations. I'm just trying to point out that local storage is not necessary - or probably wanted.
Slashdot Mirror
Heya, Nick B here..
;)
The above author made a very valid point =)
However, in the initial "grand scheme of things", Sony wanted Cell processors in every piece of consumer electronics to create a sort-of distributed computing model within your home. More processors and more potential entry points. Who knows if that'll still happen.
In any case, the point I've been trying to make is that vector processors can do crypto very well. The Cell's SPUs are just a very good example of that. Who knows what other vector processors could be used..
I want to apologise for the lack of technical detail available. I absolutely hate it when I read a news piece and can't find further info. The media piece came out of a pre-release talk I did at the Kiwicon security conference.
The full presentation will (hopefully) be done at some international security conference. All technical information and source code will be made available then. No software patents are involved
I always scoffed when people claimed that Half-Life 2 was "so realistic". Well bugger me, they weren't wrong - just early.
Ok, I'm definitely a little hungover still.
It's a list of every recorded vulnerability for the OS and applications which have security notices. With all *nix stuff bundled together with a lack of severity rating.
How the hell can you write an article on that? This is retarded journalism at it's finest - generating bullshit stats from a list that's meant to be a reference point! Bah.
Distributions ship with a hell of a lot more than just a kernel and basic command-line tools. Windows, on the other hand, has quite a few. The data shown is really unclear on how an OS is defined. It would be much more interesting taking a standard Windows desktop installation as a base and pairing that with an open source OS that meets the same level of functionality - then doing the test.
And people tend to forget during a security debate that with proprietary products you're working on the assumption that the source code is never released. I think that's a rather dangerous assumption, given the history of this occuring.
New Zealand is relatively good. I'm biased, I live here.
One of the last attempts at privacy invasion that hit the media was a case of the postal service (which is an SOE) was gathering data on house conditions. This information was deemed to assist with targeted advertising, for a price. There was a large public backlash.
On TV news, there were some quick queries put forward to members of the public. I'll never forget the American dude was simply said, "I moved to here from America to get away from this kind of stuff."
The one thing worrying me is possibility of NZ signing a Free Trade agreement with the US. You get dicked when you do that. But we're quite anti-American here due to the Iraq war, so we may be safe for now =)
In this case, it's because there's a known defect across a range of consoles that is potentially life-threatening.
Microsoft haven't been able to identify affected consoles and there are no plans for a recall. Would you happily go and install one in a kid's bedroom without extensive testing?
Screw that. You can now get the Black Smoke-Screen Of Death!
Etherboot (http://etherboot.sourceforge.net/) + ThinStation (http://thinstation.sourceforge.net/wiki/index.php /ThIndex)
Then start hacking your Thinstation dist around. Easy to maintain over time (just upload new Thinstation images). Write a quick shell script to ftp down an image off a server and use dd. The user could pick an image or alternatively use some hardware identifier (using lspci, etc.) to automatically pick one for a user.
Another idea would be to use a floppy-disk based Linux dist which does effectively the same thing. Maintenance is harder (new floppies / cdroms each time you want to change the system).
This also keeps your process nice and open for the future =)
So, effectively there's a Debian release that's caught up to distributions that's had some of this technology for years?
Don't get me wrong - it's great news. I've always believed that having different distributions has always been a strength of GNU/Linux.
But hey - Debian's only just finally caught up. Why's it taken so long? (low priority I'm guessing?) Where is this new release leading to? A new way of installing and managing Debian in general?
I'll personally be much more inclined to use Debian for certain tasks in my enterprise environment in the future. Specifically thanks to the safeguards against apt repository poisoning.
Great stuff dudes =)
Cool! I think.. =/
Does this mean Debian packages (.deb's) now have signing support?
I mean, you just linked a gpg key. I want to know about the implementation =)
To my knowledge, there isn't _one_ RedHat partner in New Zealand. Let alone any presence from any other commercial dist.
Jumping on this, Novell New Zealand has quite successfully been pushing their product and support. Without really any competitor, they're taking over the public and private sector by storm.
So yeah. No suprise regarding the outcome of preferential Linux vendor choice =)
I never advocate Debian because of the lack of signed packages. Big security risk in my opinion.
Poison a Debian package repository and you have mass ownage.
Plus, the lack of stable releases. You can arguably use "testing" and there are good reasons to. I just hate the idea of using a release publicly stated as being in a "testing" state on enterprise production hardware =(
Also, there's the issue of support with proprietary software on Linux. There's always support for RedHat and SLES.. never Debian.
You're attempting to help diagnose a (presumably) large network. Very honourable, but attempting to do this gung-ho with a few responses from slashdot is very silly.
Grab a consultant from a local small Linux shop for a few days. Someone with good knowledge about system/network architecture.
Get them to poke around on your network. Provide all documentation you have available.
After the first day, you should have all the information necessary to write up a document regarding your existing issues. Make notes while he's using tools to investigate. From there you work with the consultant to come up with a separate document for resolutions with a criticality rating.
From there, you want systems in place to monitor the health of your network. Have a chat to him about it, but I'd be inclined to build a solution which was centered around using Nagios.
While consultants can (and frequently do) suck when you come to specifics, they are a valuable resource for pointing you in the right direction. And experience counts! They've done this stuff before, they know the pitfalls and proven solutions.
No! These other chat rooms have been acting as a great filter...
Heat producer? I've never heard that. Got a link?
s ions
But we are definitely having problems abiding by the Kyoto protocol, because of sheep farts. I'm damn serious.
We have many sheep and other livestock here in Kiwiland, which pump out a serious amount of methane. But there are good moves being done to curb this: http://www.google.com/search?q=sheep+methane+emis
Because we all have fun using technology in ways that the inventor didn't invision.
Xbox's running custom media centre applications.
Using game ROM's in emulators
Overclocking and tweaking
Gateways that use NAT for TCP/IP
They're effectively hacks. We enjoy using them.
Many of us here don't see computers as pre-assembled things which can do only specific tasks. We code, we hack, we play, we tinker. Screw anyone who tries to tell me this mindset is wrong.
From TFA:
Hollywood reported global revenue of $84 billion in 2004, according to PricewaterhouseCoopers, the accounting firm. With most theatrical releases amounting to little more than an unprofitable, expensive form of marketing, DVD's have become Hollywood's lifeblood: together with videos, they kick in $55.6 billion, or about two-thirds of the industry's annual haul, with box-office receipts making up most of the rest.
From that paragraph, isn't it clear that accessibility ("freedom" to an extent?) is what people want. People want to be able to get access to a movie when they want to and watch it in whatever way they feel like.
The whole system is broken, because it's old and redundant. Money is spent exorbitantly in all the wrong places and, quite simply, isn't obeying simple rules of economics. You want to push your product out as much as possible at a price that people are prepared to pay.
The only saving grace is that this antiquated system is doomed. I, for one, welcome the new era of "Pro-Ams" and the demise of DRM.
Someone thought about screwing around with an Ipod to do things other than play music.
Someone managed to get Linux on an Ipod and documented it.
Someone saw a new product.
Innovation / Research -> Technology -> Product(s)
Innovation is not a driving force behind IT. As Microsoft constantly keep reminding us. Technology is constantly reused and recycled.
Adding onto parent..
Would Apple actually have the resources and drive to get decent hardware support for non-Apple gear?
Is this possibly a simple resource issue for Apple?
http://www.stuff.co.nz/stuff/0,2106,3348057a28,00. html
New Zealand's Ministry of Education has inked a deal to provide GNU/Linux under the Novell banner for public schools.
I feel that this is nothing other than an incredible breakthrough for us Kiwis. By giving our kids the opportunity to become aware of alternatives, we could definitely see some great change coming soon.
I'd gamble my money that if the ReactOS project (Windows clone) comes close to maturity.. you'll see more than just a little dent hit Windows.
People like things for free. Unfortunately few care about being free.
I see the ReactOS project as an unfortunate stepping stone. No disrespect to the developers - I have a lot of respect towards what they're doing and view it as necessary. People need to be weened off Windows and developers will follow. But ReactOS itself will have a finite lifespan.
Probably not a bad thing. Linux (the kernel), at least as we know it today, probably does too.
When ReactOS can install MS Office, DirectX and hardware drivers happily - just watch the shift. It will be more secure, faster and generally better than "Windows". The choice for gamers, the choice for PC manufacturers cutting costs, the choice to install on your parents' computer.
Today, GNU/Linux is a brilliant replacement for those who cut the cord and dive in. It's unfortunate that the masses won't realise or respect the parallel drive which has been occurring for over the past decade to give people another viable, open and free choice.
At least when ReactOS hits hard, developers will have portability as a focus. Everyone will win - it's called choice. And within the next decade I bet we'll see the a distributed share. Not a landslide "victory".
Since you mentioned moving to New Zealand..
A month or go, a project was trialled in Wellington, New Zealand to get the local posties who work for NZ Post (an SOE) to make comments about the houses they visited. They would then relay data back for sale to marketing types.
Far too big brother-ish for us =D A handleful of people in the trial-based neighbourhood spit tacks and it was shut down in a couple of days.
On national news there was an American saying "I moved here to get away from this kinda stuff".
Yup. We're pretty damned liberal here. We like mocking the few conservatives around =)
-Decriminalised prostitution
-Gay "civil union" marriage alternative
-No force-feeding of religion in public schools
etc. etc..
I would claim the majority of people in the IT industry just have little clue about what they're doing. It's a job to them, not a passion. They don't care about making things better, they care about getting their paycheck.
In this day, it's now painfully obvious that many people who work in IT are just bloodsuckers. They claim to know what they're doing and yet they manage to accomplish amazing feats of stupidity.
Come on. We all know that guy who's an Exchange administrator who can't explain how an e-mail gets from one persons computer to another. Or the web designer who solely uses Frontpage. Or the system administrator who has managed to get Windows installed on a PC.. but can't quite do anything else.
It's all too common. The IT industry just pisses me off now because it's filled with flunkies got an MCSE out of a crackerjack box.
And now Joe Public has a dim view on techies? Took them too bloody long imho.
With Win2k, maybe XP too, you need to download a special pack to get the 3des cipher if your copy is from outside the US. IIRC, this isn't even the default cipher. Plain DES is! (which is very insecure ;))
Screw encrypting stuff with 3des =/ Laptop power is precious enough as it is.
Off the top of my head..
-Port scan to find local e-mail server
-Arp spoof e-mail server
-Port scan to find local proxy server if no direct net access
-HTTP PUT proxied email data to website x
Ok, there's lots of conditions and many different implementations. I'm just trying to point out that local storage is not necessary - or probably wanted.