The A/V industry is having difficulty keeping up with the ever evolving and growing malware industry, but "completely wasted"? I don't think so.
For Geeks who delete suspicious emails, use Thunderbird (so emails are not rendered in the IE engine), etc., sure, an AV may be a useless waste of CPU cycles. But for the nontechnical user, it's important. While it's difficult to keep up with outbreaks, it's important for older viruses in the wild- something Grandma may not catch.
Now, as for a whitelist. Dumb idea. It puts too much power in the hands of AV companies (who can say "$$$ to get on the list!" or if users can change it, they'll get "IMPORTANT WINDOWS UPDATE- REMEMBER TO ADD TO YOUR WHITELIST!". What about unsigned programs? Updated versions?
A whitelist might work for children, for work PCs, for other non-administrators. But people ultimately want to install their own programs without the blessing of company XYZ.
And, as a geek, I strongly disagree that it's impossible to remain secure, it just takes a little training. I know nontechnical users, I teach them for 10 minutes, and they have good habits. Don't open emails saying "A greeting card from a classmate", don't run unsolicited programs, if you get an email saying it's from chase.com "Important Account Update" visit their directly, etc.). Those habits go a long way, along with some layered protection (ZoneAlarm Free, Router w/ a firewall, Avast Home, Immunize in SpywareBlaster, and Immunize in Spybot S&D). That user still has some trouble with some tasks, but with a little common sense and some good protection, they've stayed infection free for 4 years.
(And, of course, I fix the computer as a friend, and I occasionally run rootkit detection and AV from a LiveCD just to make sure).
I wonder if they'll update the machines beforehand. Anyone remember how long it takes for a Pre-SP2 copy of Windows without a good AV and firewall takes to get a worm? Minutes?
In all seriousness, I hope that they take some precautionary steps before plugging in the LAN cables...
Doesn't the OLPC use a lower power screen? How does the battery life with these cheaper, power hungry screens? It would kind of defeat the purpose of this if you could only use it for an hour without plugging it in...
If you have $30 router and a minor issue with it, the 2 minutes it takes to apply new firmware isn't a terrible inconvenience.
And, thanks to new exploits like this, firmware upgrades may be necessary to block exploits from sabotaging your network equipment, simply maliciously (bricking) or for profit (undetectable redirects to phishing sites, attaching your affiliate ID to all ads, catching any SSN/Credit Card Number/Login going through even if it is not a phishing site.
Is it possible to exploit firmware from the outside, unless the person has enabled remote management and is using the default password?
Those two rarely go hand in hand.
However, I think we'll see a lot of trojans with firmware payloads. How many people use the WRT54G? And how many access points are unsecured with the name "linksys"? Those people probably didn't change their admin password.
Simple solution: Hardware button. You have to press it to flash the router, and you have a minute after you press it to upload the firmware. Should be an easy thing to do and provide a great amount of protection.
I'd have to fully agree with the author's opinion. Like an earlier poster, however, I've had several people (including 70+ yr olds) to the Ubuntu GUI. When compared to Vista or XP, they agreed it was easier.
Linux faces a few problems that are slowing widespread adoption:
-Hardware support. This becomes less of a problem everyday. Dell supplies Linux drivers for every component of my 2 year old budget (less than $1000 USD) laptop, and as a result, Ubuntu compatibility is amazing.
-Program support. This is currently the Achilles heel of Linux- many people are trained on Outlook, Photoshop,etc. GIMP isn't as elegant to use, and while Evolution is much more intuitive in a lot of ways, some people just don't want to switch.
-Protocol support. Sorry, but I haven't found a reliable or consistent way to import DOCX/XLSX/etc. files into Openoffice. And Evolution flat out refuses to work with my Exchange server (with the same settings as the Windows partition on the same PC). Sure, I can use IMAP personally and always save as DOC. But every day it's more frequent to get those new Office 2007 files from others, and my work email isn't really a choice for me. If I have to constantly bootup into my Windows partition, Linux is more difficult to use.
I'm really excited about the progress that desktop Linux has made and will make. Wireless support has gone from poor to amazing within the past 3 years, and other hardware support has gotten better too. Repositories have grown, programs have become more stable, distros have become easier (easier than Windows!) to setup and maintain...in a lot of ways, Linux IS "ready for the desktop". The community has a few big issues to tackle before more people adopt it, however.
I buy the argument that it would be better to focus on Sugar as educational software, and let it run on Linux, Windows, whatever.
Isn't that the whole point of it being distributed with free educational software? No propietary software restrictions, copyright infringement for sharing programs, no licenses, no future lock in? It seems to me that this insider can't see past the fact that MS wants to subsidize Windows on the OLPC to lock in a new customer base...
These PCs have nowhere near the power of a full fledged desktop. The EEE scares MS because it showed that Linux could be user friendly, secure, and cheap- at regular OEM prices, a $400 laptop wouldn't be profitable with an $100+ OEM license for Windows and a $30+ license for works.
To keep people using XP, MS is probably giving away (or close to it) the licenses to ASUS. Combined with the fact that the Xandros is a commercial distro that Asus needs to provide updates for and the additional 8GB of space in the Linux version, it's not terribly suprising.
I'm typing this post on an EEE 4G now, and I'm really pleased with the built in Xandros. Lightweight, Word/Excel/PowerPoint compatible, not prone to viruses. If I was in the market for a new EEE for the price difference and the ability to dual boot with no additional cost I'd probably buy the Windows version and put Ubuntu on it. I have a few Windows specific apps still...
Actually, you'd be surprised. Try reading your consumer ISP contract some time. Optimum Online sells service at 15mbps/2mpbs down/up but will only guarantee 1/10th of each. If they provide you with 1.6mbps/,3mpbs for 15/2 service, they are providing you with enough broadband legally. That is typically what they will "cap" you to on OOL.
Really, the RIAA is just casting a wider net. By putting out more notices:
A) They are more likely to deter casual, nontechnical users who get them, most of whom will either stop or reduce their P2P use.
B) They are more likely to scare others; e.x. "Yo, did you hear? Joe Smith got a warning about music downloading!".
C) Many colleges and ISPs (Dartmouth and Optimum Online, at least) will often reduce the speed of account holders who have been the target of DCMA letters.
D) For settlement offers, the wider the net, the more fish you catch. If people put up an ounce of resistance, just drop the extortion attempt and move on to the next guy.
Not really that surprising. The technology hasn't improved, the RIAA is just sending out more letters.
In a nutshell, Google is saying that, based on statements that Verizon has given, that they will not really follow the open access provisions that Verizon agreed to when they made the bid. Google wants the FCC to make Verizon firmly and explicitly pledge that they will follow said open access provisions before performing the final, actual sale of the spectrum.
Apparently the state wants to sue Amazon. NY is arguing that having affiliates (in links) that live in NY constitutes a physical precense in the state. Amazon counters that it's overly broad, unconstitutional, and hard to enforce reliably.
If Amazon gives in by banning NY retailers, they will lose the battle as other states pass similar provisions. They can't ban every state, and every state wants a cut of the pie.
As a New Yorker, I'm offended by what (legally) appears to be an unconstitutional money grab. The problem is that very, very few people declare excise tax, and if they do it is typically for under $100 in goods.
x64 Windows runs 32-bit applications fine unless they rely on some 16-bit components, or it relies on some form of virtual driver. Photoshop CS3 is a x32 program, and it runs on my x64 Vista.
He's convinced, he confides, that SSD makers like Samsung and Intel (INTC) are violating Seagate's patents. (An Intel spokeswoman says the company doesn't comment on speculation.) Seagate and Western Digital (WDC), two of the major hard drive makers, have patents that deal with many of the ways a storage device communicates with a computer, Watkins says. It stands to reason that sooner or later, Seagate will sue - particularly if it looks like SSDs could become a real threat.
Yeah, personally I'd like to see some actual specific patents rather than a CEO full of hot air making baseless threats. I'm sure Seagate has patents on storage device communication, but this article offers no insight on how SSD makers could be infringing. This is like the crazy patent claims Microsoft made against Linux (what was that? 184 alleged patents? More?) Examples would be nice.
Anyhow, flash prices may be dropping, but I don't see SSDs gaining majority marketshare within the next 5 years. Developers get lazy, cameras get more mega pixels, more people need digital video. Spinning disks are still massively cheaper per GB than SSDs, and unless the price were to drop dramatically, hard disks will still have the edge to keep the throne. Laptops may see SSDs sooner due to power, but I'd imagine that one way to forestall the inevitable victory of SSD would be more intelligent caching and a larger onboard cache for hard drives.
Anyhow, Seagate is worrying about market dominance, and the Seagate CEO makes vague threats that the lawyers at Intel and Samsung probably laughed off. Not that newsworthy in my opinion. Specific patents or litigation would be very notable though.
I honestly can't believe the amount of crap coming from Comcast.
The congressional policy and agency practice of relying on the marketplace instead of regulation to maximize consumer welfare has been proven by experience (including the Comcast customer experience) to be enormously successful,"
Yeah, right. Which is why US broadband penetration continues to rank lower and lower worldwide despite $200 Billion from the government. And people are protesting traffic filtering. And your company is so afraid of actual people sitting at an FCC public hearing that they pay people to hold seats for employees, busing the employees in, and locking the public out from the meeting.
What Comcast is doing with the sandvine filtering is forging packets. That's fraud.
Hmm, my AV doesn't require UAC for automatic updating. What A/V do you use?
I'm running Photoshop CS3 on a PC with 2GB of RAM. It took as long on XP (I had a retail license, and this newer computer replaced an old one with a dead mobo, so I had it left over). I disagree. At 4GB I got the performance of XP with 2GB. XP used quite a bit more resources than 2000/NT too...
I've been a happy Vista user since the beta. I bought Vista post beta and I've been happy since.
I grabbed the X64 update from Microsoft's OEM website a few weeks ago.
First off, SP1 is a massive improvement. It installs a lot of bugfixes (including ones not released publicly before)... and it improves other stuff quite a bit. Disk performance is much better- you could argue that copy and paste tasks should not be slowed down by the speed of the OS, but it's improvement.
Overall, my Vista install rarely runs into errors- maybe one or two non-system apps are hanging a week. UAC got less annoying (it wasn't that bad to begin with).
It took an hour to install on my PC, and I didn't run into any issues. I think it helps Vista a lot. Honestly, I prefer Vista on newer machines; it's RAM heavy requiring 2GB+ to run well but RAM is very cheap nowadays and the x64 version works quite well; I had no driver issues personally.
(I still recommend backing up though. I always back up before a major update, whether it's XP, Vista, OS X or Ubuntu).
-They're looking to dynamically take popular videos and put commercials in at points deemed good by the computer
-They put in something that they think you will like (based on your Google history/ad watching history/content of the video)
-They take your reaction to the newest ad and use it to better insert ads for both content and length. Maybe you like computing ads, or maybe you'll interact if the commercials are less often but longer (30 secs instead of 15 secs maybe).
-Ads are taken by bid amounts- it'll prioritize ads that pay more to Google.
-It'll automatically insert ads as it sees fit- if it can't find relevance, you don't get charged; if it finds people with interests similar to your ad, it will get inserted.
This falls into a huge debate under the "don't be evil" motto. On one hand, Google is trying to make advertising $ better spent and make ads that the viewer will actually like. On the other hand, it opens a whole can of worms on privacy. One big one I see is shared computers. Having more than one user can really mess with the profile building it is trying to do...
Personally, I see any implementation of this as a massive intrusion on my privacy- if YouTube implemented this, I'd stop going there. But Slashdotters aren't representative of the internet population as a whole; will people really mind targeted ads? Most people don't see adwords as an invasion of privacy, but this approaches a whole new level...
Slashdot Mirror
The A/V industry is having difficulty keeping up with the ever evolving and growing malware industry, but "completely wasted"? I don't think so.
For Geeks who delete suspicious emails, use Thunderbird (so emails are not rendered in the IE engine), etc., sure, an AV may be a useless waste of CPU cycles. But for the nontechnical user, it's important. While it's difficult to keep up with outbreaks, it's important for older viruses in the wild- something Grandma may not catch.
Now, as for a whitelist. Dumb idea. It puts too much power in the hands of AV companies (who can say "$$$ to get on the list!" or if users can change it, they'll get "IMPORTANT WINDOWS UPDATE- REMEMBER TO ADD TO YOUR WHITELIST!". What about unsigned programs? Updated versions?
A whitelist might work for children, for work PCs, for other non-administrators. But people ultimately want to install their own programs without the blessing of company XYZ.
And, as a geek, I strongly disagree that it's impossible to remain secure, it just takes a little training. I know nontechnical users, I teach them for 10 minutes, and they have good habits. Don't open emails saying "A greeting card from a classmate", don't run unsolicited programs, if you get an email saying it's from chase.com "Important Account Update" visit their directly, etc.). Those habits go a long way, along with some layered protection (ZoneAlarm Free, Router w/ a firewall, Avast Home, Immunize in SpywareBlaster, and Immunize in Spybot S&D). That user still has some trouble with some tasks, but with a little common sense and some good protection, they've stayed infection free for 4 years.
(And, of course, I fix the computer as a friend, and I occasionally run rootkit detection and AV from a LiveCD just to make sure).
Let's hope that this company has greater success than earlier ones...
(Yeah, I know that the wired article says "Dead cats", but Genetic Savings & Clone was also a dog cloning company)
I wonder if they'll update the machines beforehand. Anyone remember how long it takes for a Pre-SP2 copy of Windows without a good AV and firewall takes to get a worm? Minutes?
In all seriousness, I hope that they take some precautionary steps before plugging in the LAN cables...
Doesn't the OLPC use a lower power screen? How does the battery life with these cheaper, power hungry screens? It would kind of defeat the purpose of this if you could only use it for an hour without plugging it in...
A flash could put firmware that redirected to phishing sites, added affiliate IDs to banner ads, or do other things beyond bricking...
If you have $30 router and a minor issue with it, the 2 minutes it takes to apply new firmware isn't a terrible inconvenience.
And, thanks to new exploits like this, firmware upgrades may be necessary to block exploits from sabotaging your network equipment, simply maliciously (bricking) or for profit (undetectable redirects to phishing sites, attaching your affiliate ID to all ads, catching any SSN/Credit Card Number/Login going through even if it is not a phishing site.
Is it possible to exploit firmware from the outside, unless the person has enabled remote management and is using the default password?
Those two rarely go hand in hand.
However, I think we'll see a lot of trojans with firmware payloads. How many people use the WRT54G? And how many access points are unsecured with the name "linksys"? Those people probably didn't change their admin password.
Simple solution: Hardware button. You have to press it to flash the router, and you have a minute after you press it to upload the firmware. Should be an easy thing to do and provide a great amount of protection.
And, for reasons unknown, Slashdot decided to cutoff my title. Sorry. "GUI is ready, HW support is better, still probs."
I'd have to fully agree with the author's opinion. Like an earlier poster, however, I've had several people (including 70+ yr olds) to the Ubuntu GUI. When compared to Vista or XP, they agreed it was easier.
Linux faces a few problems that are slowing widespread adoption:
-Hardware support. This becomes less of a problem everyday. Dell supplies Linux drivers for every component of my 2 year old budget (less than $1000 USD) laptop, and as a result, Ubuntu compatibility is amazing.
-Program support. This is currently the Achilles heel of Linux- many people are trained on Outlook, Photoshop,etc. GIMP isn't as elegant to use, and while Evolution is much more intuitive in a lot of ways, some people just don't want to switch.
-Protocol support. Sorry, but I haven't found a reliable or consistent way to import DOCX/XLSX/etc. files into Openoffice. And Evolution flat out refuses to work with my Exchange server (with the same settings as the Windows partition on the same PC). Sure, I can use IMAP personally and always save as DOC. But every day it's more frequent to get those new Office 2007 files from others, and my work email isn't really a choice for me. If I have to constantly bootup into my Windows partition, Linux is more difficult to use.
I'm really excited about the progress that desktop Linux has made and will make. Wireless support has gone from poor to amazing within the past 3 years, and other hardware support has gotten better too. Repositories have grown, programs have become more stable, distros have become easier (easier than Windows!) to setup and maintain...in a lot of ways, Linux IS "ready for the desktop". The community has a few big issues to tackle before more people adopt it, however.
Isn't that the whole point of it being distributed with free educational software? No propietary software restrictions, copyright infringement for sharing programs, no licenses, no future lock in? It seems to me that this insider can't see past the fact that MS wants to subsidize Windows on the OLPC to lock in a new customer base...
And my "s" key just broke (hyper sensitive) on my EEE, which is why cousrse is a word. What an excellent testimonial for the product. ;)
These PCs have nowhere near the power of a full fledged desktop. The EEE scares MS because it showed that Linux could be user friendly, secure, and cheap- at regular OEM prices, a $400 laptop wouldn't be profitable with an $100+ OEM license for Windows and a $30+ license for works.
To keep people using XP, MS is probably giving away (or close to it) the licenses to ASUS. Combined with the fact that the Xandros is a commercial distro that Asus needs to provide updates for and the additional 8GB of space in the Linux version, it's not terribly suprising.
I'm typing this post on an EEE 4G now, and I'm really pleased with the built in Xandros. Lightweight, Word/Excel/PowerPoint compatible, not prone to viruses. If I was in the market for a new EEE for the price difference and the ability to dual boot with no additional cost I'd probably buy the Windows version and put Ubuntu on it. I have a few Windows specific apps still...
Actually, you'd be surprised. Try reading your consumer ISP contract some time. Optimum Online sells service at 15mbps/2mpbs down/up but will only guarantee 1/10th of each. If they provide you with 1.6mbps/,3mpbs for 15/2 service, they are providing you with enough broadband legally. That is typically what they will "cap" you to on OOL.
Really, the RIAA is just casting a wider net. By putting out more notices:
A) They are more likely to deter casual, nontechnical users who get them, most of whom will either stop or reduce their P2P use.
B) They are more likely to scare others; e.x. "Yo, did you hear? Joe Smith got a warning about music downloading!".
C) Many colleges and ISPs (Dartmouth and Optimum Online, at least) will often reduce the speed of account holders who have been the target of DCMA letters.
D) For settlement offers, the wider the net, the more fish you catch. If people put up an ounce of resistance, just drop the extortion attempt and move on to the next guy.
Not really that surprising. The technology hasn't improved, the RIAA is just sending out more letters.
In a nutshell, Google is saying that, based on statements that Verizon has given, that they will not really follow the open access provisions that Verizon agreed to when they made the bid. Google wants the FCC to make Verizon firmly and explicitly pledge that they will follow said open access provisions before performing the final, actual sale of the spectrum.
Apparently the state wants to sue Amazon. NY is arguing that having affiliates (in links) that live in NY constitutes a physical precense in the state. Amazon counters that it's overly broad, unconstitutional, and hard to enforce reliably.
If Amazon gives in by banning NY retailers, they will lose the battle as other states pass similar provisions. They can't ban every state, and every state wants a cut of the pie.
As a New Yorker, I'm offended by what (legally) appears to be an unconstitutional money grab. The problem is that very, very few people declare excise tax, and if they do it is typically for under $100 in goods.
... why wouldn't you just post a story about it? That way we don't all panic when Slashdot won't load (and hit the site nonstop when it comes back).
x64 Windows runs 32-bit applications fine unless they rely on some 16-bit components, or it relies on some form of virtual driver. Photoshop CS3 is a x32 program, and it runs on my x64 Vista.
It's part of the warranty terms with the shipping.
Anyhow, the address is: 920 Disc Dr
Scotts Valley, CA 95066-4544
Disc Drive. Ugh.
Yeah, personally I'd like to see some actual specific patents rather than a CEO full of hot air making baseless threats. I'm sure Seagate has patents on storage device communication, but this article offers no insight on how SSD makers could be infringing. This is like the crazy patent claims Microsoft made against Linux (what was that? 184 alleged patents? More?) Examples would be nice.
Anyhow, flash prices may be dropping, but I don't see SSDs gaining majority marketshare within the next 5 years. Developers get lazy, cameras get more mega pixels, more people need digital video. Spinning disks are still massively cheaper per GB than SSDs, and unless the price were to drop dramatically, hard disks will still have the edge to keep the throne. Laptops may see SSDs sooner due to power, but I'd imagine that one way to forestall the inevitable victory of SSD would be more intelligent caching and a larger onboard cache for hard drives.
Anyhow, Seagate is worrying about market dominance, and the Seagate CEO makes vague threats that the lawyers at Intel and Samsung probably laughed off. Not that newsworthy in my opinion. Specific patents or litigation would be very notable though.
Yeah, right. Which is why US broadband penetration continues to rank lower and lower worldwide despite $200 Billion from the government. And people are protesting traffic filtering. And your company is so afraid of actual people sitting at an FCC public hearing that they pay people to hold seats for employees, busing the employees in, and locking the public out from the meeting.
What Comcast is doing with the sandvine filtering is forging packets. That's fraud.
Hmm, my AV doesn't require UAC for automatic updating. What A/V do you use?
I'm running Photoshop CS3 on a PC with 2GB of RAM. It took as long on XP (I had a retail license, and this newer computer replaced an old one with a dead mobo, so I had it left over). I disagree. At 4GB I got the performance of XP with 2GB. XP used quite a bit more resources than 2000/NT too...
I've been a happy Vista user since the beta. I bought Vista post beta and I've been happy since.
I grabbed the X64 update from Microsoft's OEM website a few weeks ago.
First off, SP1 is a massive improvement. It installs a lot of bugfixes (including ones not released publicly before)... and it improves other stuff quite a bit. Disk performance is much better- you could argue that copy and paste tasks should not be slowed down by the speed of the OS, but it's improvement.
Overall, my Vista install rarely runs into errors- maybe one or two non-system apps are hanging a week. UAC got less annoying (it wasn't that bad to begin with).
It took an hour to install on my PC, and I didn't run into any issues. I think it helps Vista a lot. Honestly, I prefer Vista on newer machines; it's RAM heavy requiring 2GB+ to run well but RAM is very cheap nowadays and the x64 version works quite well; I had no driver issues personally.
(I still recommend backing up though. I always back up before a major update, whether it's XP, Vista, OS X or Ubuntu).
So, having read the patent filing;
-They're looking to dynamically take popular videos and put commercials in at points deemed good by the computer
-They put in something that they think you will like (based on your Google history/ad watching history/content of the video)
-They take your reaction to the newest ad and use it to better insert ads for both content and length. Maybe you like computing ads, or maybe you'll interact if the commercials are less often but longer (30 secs instead of 15 secs maybe).
-Ads are taken by bid amounts- it'll prioritize ads that pay more to Google.
-It'll automatically insert ads as it sees fit- if it can't find relevance, you don't get charged; if it finds people with interests similar to your ad, it will get inserted.
This falls into a huge debate under the "don't be evil" motto. On one hand, Google is trying to make advertising $ better spent and make ads that the viewer will actually like. On the other hand, it opens a whole can of worms on privacy. One big one I see is shared computers. Having more than one user can really mess with the profile building it is trying to do...
Personally, I see any implementation of this as a massive intrusion on my privacy- if YouTube implemented this, I'd stop going there. But Slashdotters aren't representative of the internet population as a whole; will people really mind targeted ads? Most people don't see adwords as an invasion of privacy, but this approaches a whole new level...