You can't philosophically be a subset of something you don't philosophically agree with. Free Software is Free Software. Open Source came later, and if anything, is a watered-down version of Free Software.
GCC is NOT open source
on
GCC 4.1 Released
·
· Score: 2, Informative
Please refer to GCC as Free Software. Open Source is something completely different, and not nearly as inspiring, imho. Moreover, when GCC pretty much started the whole Free Software movement, it deserves a bit more caution in terminology;)
Precisely. They have a monopoly, just like MS, and they drown out the voices of other, legitimate business models. It's not that theirs model better; it's just that they abuse their power, and do everything they can to make governments side with them.
Once a new, better, shinier game box comes out these will be retired.
Yeah, but "Microsoft" will still be a name kids recognise and respond to as "cool", rather than as a big faceless corporation that sells office products. I don't think the X-Box project has ever been about selling games consoles. It's about getting in good with the next generation of consumers, and maybe crushing some competition along the way.
Dude. It's not about satisfying bureaucracy; it's about stopping the abuses of a monopolistic company that's deliberately disrespecting the societies we live in. You have every reason to want this to succeed, and none to expect it to fail, except for awareness of the fact that Microsoft are intent on circumventing the laws of our societies as long as it means profit for them.
The reason it failed is because Microsoft didn't market the thing like they market other products. I've never even heard of Windows XP N before now, and I have access to Microsoft's "special" news releases, training materials, etc. They still advertise Windows XP here, but I've never once seen an add for XP N.
So. Yes, it failed. But it failed because the company doesn't care about what the judge told it to do, just like when a judge tells an unruly kid to wise up and get back to school, it has no effect. What we need to do now is take harsher measures for the good of our society, not give up because an unruly brat doesn't see what's in everyone's interests including its own.
Actually it is associated with some nasty DRM. But the alternative, HD-DVD, is the one Microsoft REALLY wants to use instead. I'd almost take Sony's offering based on that alone. Luckily, Blu-Ray is also technically superior.
I was not pointing out SHA-1 as a weakness in hard disk encryption. I was pointing it out as evidence that "security holes appear frequently", as I clearly said. Let's stay on topic.
However, as a side note, SHA-1 is used in some block ciphers that have been used for hard drive encryption. And, as I said, if the security of that didn't matter, then no one would bother with cryptographic hash functions, since plain old hash functions would be just fine. There's a reason SHA-1's flaws were taken seriously.
This is a common approach to swap encryption on Linux and other Unices lately. What happens is that the encrypted drive is encrypted on every write, and decrypted on every read, at the single-block level. So even if the machine is suddenly powered-off and then the encrypted drive is read on another machine, it's still encrypted. It's more secure than data partition encryption, for sure. BUT, I think even this is probably flawed, unless you have audited the entire OS to make sure it doesn't store data on swap in any sort of predictable way. If you know that the kernel keeps data about the init process in the first block of swap, for instance, then you have a rosetta stone to break the encryption. A more likely example might be that the kernel might write certain patterns to swap frequently: say, a GNOME icon, followed by the data for the file associated with it. Each of these things in turn have certain recognisable patterns in memory or on swap, so that kind of thing would probably significantly reduce the data's secrecy.
Take it as flippantly as you like, but security holes appear frequently, even in algorithms that are believed to be sound. SHA-1 is a pretty good example.
You're not talking about the same thing I was talking about, though. The grandparent post was claiming that encryption could remain safe for 90 years. Which is clearly not a discussion about "now":)
1) There's nothing really to stop the power being abused by police who don't like the look of someone or have a grudge against them, which is exactly what it is designed to prevent. You do require the judges permission keep them for that long, but it's not too hard to create a case of why you suspect someone.
Agreed:(
2) This odd 90 days which the Police told Tony Blair that they can break any encryption in. They can't - it's impossible!
Nothing is impossible. Certainly not in the world of IT, where no one would ever really need computers, or more than 640K.
- There'll be multiple encrypted files, particularly if they are encrypting their communications (guilty or not guilty). Each one would need 90 days.
Usually, a drive or directory is encrypted en masse, or emails are encrypted with a single keypair. In such cases, deciphering only needs to be done once, and then everything is available.
- They'll not know the encryption algorithm in all cases, so would need to try every one. Each one would need 90 days.
No. I don't know of any computer systems that don't make the algorithm and encrypted data relatively obvious. OSes like Windows and OS X use pre-chosen algos. On systems like Linux, you can simply look at the startup scripts and fstab, to see what algorithms are being used. The only thing that's missing is the passphrase and/or key.
- There are HUNDREDS of encryption algorithms that use such large keys that you can't realistically expect to crack the password in 90 years, let alone 90 days.
You're forgetting how fast computers change. In 20 years, everything we ever thought of in terms of security will be pitifully obsolete.
There are a few around that even with all the supercomputers in the world working it won't have tried every key before the universe ends.
I don't know what you're referring to here. But again, I think you're forgetting the evolution of computers, and of human understanding. Eventually, someone will discover a way. Perhaps just because there is a relatively simple way that the algo's creators never envisaged.
I think the point is that they might very well be able to crack it in 90 days. We have no idea what kind of computer setups government intelligence agencies have. What we do know is that there are already computers out there publically that make a fast enterprise-class machine with many processors look puny, and that governments have big budgets, and quite a bit more interest in the hardware for this sort of thing. We also know that taxes keep rising here in the UK, while visible government services get worse.
Besides the immense CPU time governments may have, when you get to that kind of scale of computing power, the normal cracking rules and delays don't apply, because you have new techniques available, like using multi-terabyte pre-computed databases of passwords for a rainbow-style attack.
There is also the question of how many "gifted" individuals they have employed, who may not be functional enough to come up in normal academic circles, but could very well be catered for by government.
On a more everyday note, AES128 is great and all, but it won't make a damned bit of difference if there is a single hole in Apple's implementation, that lets someone bypass the encryption completely. Flaws in encryption systems come up all the time, even when the encryption algorithm itself isn't known to be flawed. And often, the algorithms are flawed.
Again, I don't want to sound paranoid here. BUT, the only way you can be sure you won't get in trouble is to not do anything you'll get in trouble for, or at least, not get caught. You can encrypt stuff, and even wipe your systems when you shut down etc. You can have smartcards with encryption keys that never leave your person. But at some point you have to log in. Will you get time to wipe that machine's memory and powerdown cleanly if a squad of policemen break the door down? I think not. And even if you do, they'll encourage you very strongly to give them access anyway, I'll bet.
Of course, the other alternative is to just actually be the government's enemy, and not care about your data being found out, because you're so pissed off with them. I think there'll never be a solution to someone who is determined to die for a cause, except to understand why they want to die for that cause, and to slowly help them to re-integrate into society on their terms as much as ours -- maybe more. Meanwhile, us average joes get to worry about our privacy when we really have nothing to feel guilty about.
Dear Sunbelt Software,
I just wanted to complain to someone about a crappy bit of software. c:\abc.exe is has been pissing me off for ages now. It does X, Y, and Z. I really wish there was some software out there to remove this crap.
Thanks for listening.
Dear Pissed Off User,
We actually make anti-spyware software, but I guess we can add this to the list, just because it bugs you so much.
Have a nice day:)
The overlap may be the correct time to call a telecon, but you don't seem to live in the real world where whoever is in charge calls the meetings and you need to be there. It's one of the biggest problems of being a worldwide organization, or even just nationwide.
You know, I find email/mailing lists much more convenient for this. I think it's obvious that the Free Software world is succeeding very well at being an international organisation by using communication methods that allow for time delays, but also cope with people who can respond quickly. Alternatively, if it's such a big organisation and the meeting is crucial to have in real-time for the sake of the company, then the regional managers can hop on a plane and meet in some nice location. If they *need* to have that kind of meeting all the time, then I think it indicates a deeper management structure problem.
If some organizations are using communication methods that don't suit the scale of their organization, it's really their own fault. It's not like there aren't alternatives.
Sounds like the difference there is that someone's in charge. It's hard to charge people for the use of a p2p network that they are a primary node in, just like everyone else.
Actually, most people -- adults especially -- tend to want to get things done on computers. They don't care about the fundamental security of their OS because that's not what's important just then: being able to use it easily to get their task done is. No one wants to be working on something that takes two hours, only to have the computer take them on a five-hour detour to figure out why the printer doesn't work. The average user finds that maddening. People who work in computers find it challenging, but fun.
I figure, whoever gets the most features, with the most DWIM(Do What I Mean)-like interface, will win.
When all OS's do that, then whichever one is more socially beneficial might get preference. Probably not, given how misleading adverts corrupt the direction of technology uptake.
Also, without source code, they're missing out on lots of Linux machines that don't run x86 CPUs, including major G5 clusters, Sparc workstations, Alpha workstations, etc.
A V8 is an engine design (or a class of engine designs), not a car.
You can't philosophically be a subset of something you don't philosophically agree with. Free Software is Free Software. Open Source came later, and if anything, is a watered-down version of Free Software.
Please refer to GCC as Free Software. Open Source is something completely different, and not nearly as inspiring, imho. Moreover, when GCC pretty much started the whole Free Software movement, it deserves a bit more caution in terminology ;)
Precisely. They have a monopoly, just like MS, and they drown out the voices of other, legitimate business models. It's not that theirs model better; it's just that they abuse their power, and do everything they can to make governments side with them.
Dude. It's not about satisfying bureaucracy; it's about stopping the abuses of a monopolistic company that's deliberately disrespecting the societies we live in. You have every reason to want this to succeed, and none to expect it to fail, except for awareness of the fact that Microsoft are intent on circumventing the laws of our societies as long as it means profit for them.
The reason it failed is because Microsoft didn't market the thing like they market other products. I've never even heard of Windows XP N before now, and I have access to Microsoft's "special" news releases, training materials, etc. They still advertise Windows XP here, but I've never once seen an add for XP N.
So. Yes, it failed. But it failed because the company doesn't care about what the judge told it to do, just like when a judge tells an unruly kid to wise up and get back to school, it has no effect. What we need to do now is take harsher measures for the good of our society, not give up because an unruly brat doesn't see what's in everyone's interests including its own.
.Actually it is associated with some nasty DRM. But the alternative, HD-DVD, is the one Microsoft REALLY wants to use instead. I'd almost take Sony's offering based on that alone. Luckily, Blu-Ray is also technically superior.
I was not pointing out SHA-1 as a weakness in hard disk encryption. I was pointing it out as evidence that "security holes appear frequently", as I clearly said. Let's stay on topic.
However, as a side note, SHA-1 is used in some block ciphers that have been used for hard drive encryption. And, as I said, if the security of that didn't matter, then no one would bother with cryptographic hash functions, since plain old hash functions would be just fine. There's a reason SHA-1's flaws were taken seriously.
With Free Software, you can port apps to new systems. Proprietary software and systems, or own your rights. Choose.
No. RAM needs to be wiped to securely erase it. Forensics teams can retrieve data from RAM even after power-down.
This is a common approach to swap encryption on Linux and other Unices lately. What happens is that the encrypted drive is encrypted on every write, and decrypted on every read, at the single-block level. So even if the machine is suddenly powered-off and then the encrypted drive is read on another machine, it's still encrypted. It's more secure than data partition encryption, for sure. BUT, I think even this is probably flawed, unless you have audited the entire OS to make sure it doesn't store data on swap in any sort of predictable way. If you know that the kernel keeps data about the init process in the first block of swap, for instance, then you have a rosetta stone to break the encryption. A more likely example might be that the kernel might write certain patterns to swap frequently: say, a GNOME icon, followed by the data for the file associated with it. Each of these things in turn have certain recognisable patterns in memory or on swap, so that kind of thing would probably significantly reduce the data's secrecy.
Take it as flippantly as you like, but security holes appear frequently, even in algorithms that are believed to be sound. SHA-1 is a pretty good example.
You're not talking about the same thing I was talking about, though. The grandparent post was claiming that encryption could remain safe for 90 years. Which is clearly not a discussion about "now" :)
Not to sound paranoid, but...
I think the point is that they might very well be able to crack it in 90 days. We have no idea what kind of computer setups government intelligence agencies have. What we do know is that there are already computers out there publically that make a fast enterprise-class machine with many processors look puny, and that governments have big budgets, and quite a bit more interest in the hardware for this sort of thing. We also know that taxes keep rising here in the UK, while visible government services get worse.
Besides the immense CPU time governments may have, when you get to that kind of scale of computing power, the normal cracking rules and delays don't apply, because you have new techniques available, like using multi-terabyte pre-computed databases of passwords for a rainbow-style attack.
There is also the question of how many "gifted" individuals they have employed, who may not be functional enough to come up in normal academic circles, but could very well be catered for by government.
On a more everyday note, AES128 is great and all, but it won't make a damned bit of difference if there is a single hole in Apple's implementation, that lets someone bypass the encryption completely. Flaws in encryption systems come up all the time, even when the encryption algorithm itself isn't known to be flawed. And often, the algorithms are flawed.
Again, I don't want to sound paranoid here. BUT, the only way you can be sure you won't get in trouble is to not do anything you'll get in trouble for, or at least, not get caught. You can encrypt stuff, and even wipe your systems when you shut down etc. You can have smartcards with encryption keys that never leave your person. But at some point you have to log in. Will you get time to wipe that machine's memory and powerdown cleanly if a squad of policemen break the door down? I think not. And even if you do, they'll encourage you very strongly to give them access anyway, I'll bet.
Of course, the other alternative is to just actually be the government's enemy, and not care about your data being found out, because you're so pissed off with them. I think there'll never be a solution to someone who is determined to die for a cause, except to understand why they want to die for that cause, and to slowly help them to re-integrate into society on their terms as much as ours -- maybe more. Meanwhile, us average joes get to worry about our privacy when we really have nothing to feel guilty about.
Well, I think AMD do create reference designs at least.
But yes, I think the OP was refering to the Intel x86 architecture, not the Intel's current physical products range.
You know, I find email/mailing lists much more convenient for this. I think it's obvious that the Free Software world is succeeding very well at being an international organisation by using communication methods that allow for time delays, but also cope with people who can respond quickly. Alternatively, if it's such a big organisation and the meeting is crucial to have in real-time for the sake of the company, then the regional managers can hop on a plane and meet in some nice location. If they *need* to have that kind of meeting all the time, then I think it indicates a deeper management structure problem.
If some organizations are using communication methods that don't suit the scale of their organization, it's really their own fault. It's not like there aren't alternatives.
Sounds like the difference there is that someone's in charge. It's hard to charge people for the use of a p2p network that they are a primary node in, just like everyone else.
Actually, most people -- adults especially -- tend to want to get things done on computers. They don't care about the fundamental security of their OS because that's not what's important just then: being able to use it easily to get their task done is. No one wants to be working on something that takes two hours, only to have the computer take them on a five-hour detour to figure out why the printer doesn't work. The average user finds that maddening. People who work in computers find it challenging, but fun.
I figure, whoever gets the most features, with the most DWIM(Do What I Mean)-like interface, will win.
When all OS's do that, then whichever one is more socially beneficial might get preference. Probably not, given how misleading adverts corrupt the direction of technology uptake.
Also, without source code, they're missing out on lots of Linux machines that don't run x86 CPUs, including major G5 clusters, Sparc workstations, Alpha workstations, etc.
I can just imagine it: "Please download this song, and tell us if it should be distributed to people who aren't paying customers."
It's right in the file associations tab of konqueror, or the same (integrated) tab in the KDE control panel.