Real computer forensics involves getting the computer powered down, removing the disk, setting it up in a test jig with write protect enabled, and reading the complete image from the disk onto a sterile environment for analysis.
That was true.. in 1998 (the fact that it's still such a pervasive misconception is a seperate problem). We now know there's a wide variety of critical information that isn't available when a computer's powered off - if a (trojan) malware object was present on the drive at capture, with a purely offline view can you prove whether it was loaded into the OS when the evidence was seized? How about open file handles/network connections? Encryption keys?
If he has interfered with the computer in any way by plugging in a USB key, then the evidence is contaminated.
The article probably oversimplifies, simple USB keys that just come pre-loaded with software to search drives aren't that interesting anymore, the idea is probably close to Tribble or something similar. Not that there aren't problems with those kinds of devices... Rutkowska, 2007 (pdf)
If only somebody could distribute their bots into a kind of network? Then you'd get traffic arriving from all over the place, that would be significantly more difficult to detect!
Quick, mod this post down, in case a neer-do-well were to get any ideas.
I recently used a similar system with a bank account in Germany and it worked great. They use a plain username/password combination to login, but you have a sheet of one-use only transaction numbers.
If you want to make a payment/transfer online, you enter one number from the sheet, make a note that you've used it already, and then *boom* you can't use that number again.
Maybe it's just me, but I've always found the indentation in KDevelop's editor to be fairly, well, retarded. No configuration, other than selecting between a few common types, no way to set 'tab' to reindent the current line instead of inserting a new tab character etc.
If it wasn't for that, I'd be happily using KDevelop, but right now I'll stick with Emacs.
There's no reason you can't enforce those kind of restraints in your database _and_ use rails, for instance this is from one of the (postgresql) ActiveRecord migrations I'm working on now:
# Foreign key referencing Target
execute SQL ALTER TABLE exclude_sets_targets
ADD FOREIGN KEY (target_id)
REFERENCES targets(id)
ON DELETE CASCADE; SQL
# Foreign key referencing ExcludeSet
execute SQL ALTER TABLE exclude_sets_targets
ADD FOREIGN KEY (exclude_set_id)
REFERENCES exclude_sets(id)
ON DELETE CASCADE; SQL
I'm doing the same kind of thing for some triggers - using Rails and database integrity aren't in opposition. The only thing that really gets me about Rails is the lack (in the core) of composite key support, hopefully that'll be eradicated soonish though.
Essentially there's little difference between the two, but for these shut-ins the boundaries are a little better defined and far more honest. The social creatures argument and needing to interact is an appeal to nature, and obviously these people don't feel that way? So either your definition of nature is wrong, or the implication is that they're unnatural.
To some the question may be would I rather be in prison than in wage-slavery in a dishonest society?
> but in the long run we look as such people as kooky
Thinking this sounded a bit like sensationalism, I just went to read the actual bill. It looks like this does not automatically apply to everyone, but is retrospective once ordered. The more interesting part of the text seems to be in the 'interpretation' section of this part of the bill:
>"key", in relation to any electronic data, means any key, code, > password, algorithm or other data the use of which (with or > without other keys)- > > (a) allows access to the electronic data, or > (b) facilitates the putting of the data into an intelligible > form;
Also, to give the people stating the obvious a break, this was also a proviso in the bill:
> (d) that it is not reasonably practicable for the person with the > appropriate permission to obtain possession of the protected > information in an intelligible form without the giving of a notice > under this section
So, if its easier to get the information another way, that's taken care of. It's also not a case of needing to send all your keys to the government either. Not that I don't think this bill is a problem, but its the smallest of problems we have right now - people can already be arrested and detained if an officer suspects they might probably, possibly, do something illegal.
However, I also can't see a police officer understanding that you don't actually have the key needed to decrypt that SSH session you made 3 months ago to that web server that was also used to host a site suspected of being used by terrorists or paedophiles, which you had no idea existed.
Unfortunately, who's to say the barcode actually corresponds to the text printed on the ballot, in a small enough number of cases to have a possibility of being missed if it's only being checked by one person? Seperating the ballots and using OCR could work, but again, a voter wouldn't know whether that X is in the place that marks Nader or Bush, despite where the labels are printed.
We can never completely eliminate fraud, but in First Past the Post, we don't need to. You only need to reduce the possibility of fraud to an amount that's negligible for each constituency.
Because of all of the above, I would still want humans doing my sampling. If they're selected properly, and the testing is distributed, even if there is collusion it wouldn't change the result.
It's pointless talking about securing something that's inherently a terrible idea. You can't have voting performed by something that is, for most people, magical.
A good way to be certain these machines are sending the correct votes is to have a paper trail. When a person votes, a transaction id and their vote are printed to a piece of card or something, which is then put in a ballot box.
To verify that no votes have been sent by the machine without interaction, a random set of votes is selected from the result the machine sent and these are checked against the paper votes. To check that all votes have been sent correctly, a random set of paper votes are checked against the records sent by the machine. If either of these doesn't correlate, the paper votes are always assumed to be correct.
Even if this were to happen, it would (probably) take almost as much effort as counting the votes by hand!
ActiveState Komodo is an _excellent_ development tool. It's pretty much replaced Vim on my desktop for most editing, although I've not quite gotten the hang of the GUI editor.
Syntax highlighting warning you of standards incompatible XHTML? Go Komodo:)
True, I _did_ have to buy it, but maybe they'll Open Source it now?
Slashdot Mirror
Real computer forensics involves getting the computer powered down, removing the disk, setting it up in a test jig with write protect enabled, and reading the complete image from the disk onto a sterile environment for analysis.
That was true.. in 1998 (the fact that it's still such a pervasive misconception is a seperate problem). We now know there's a wide variety of critical information that isn't available when a computer's powered off - if a (trojan) malware object was present on the drive at capture, with a purely offline view can you prove whether it was loaded into the OS when the evidence was seized? How about open file handles/network connections? Encryption keys?
If he has interfered with the computer in any way by plugging in a USB key, then the evidence is contaminated.
The article probably oversimplifies, simple USB keys that just come pre-loaded with software to search drives aren't that interesting anymore, the idea is probably close to Tribble or something similar. Not that there aren't problems with those kinds of devices... Rutkowska, 2007 (pdf)
If only somebody could distribute their bots into a kind of network? Then you'd get traffic arriving from all over the place, that would be significantly more difficult to detect!
Quick, mod this post down, in case a neer-do-well were to get any ideas.
I for one welcome our new, star-headed overlords.
Seriously, watch out for the Plateau of Leng guys.
Bastard, so did I :( It'd been a good year or so too!
Can anyone remember the name of that assembler that only had the 'not' operator? Maybe it's time for a port :)
I recently used a similar system with a bank account in Germany and it worked great. They use a plain username/password combination to login, but you have a sheet of one-use only transaction numbers.
If you want to make a payment/transfer online, you enter one number from the sheet, make a note that you've used it already, and then *boom* you can't use that number again.
Maybe it's just me, but I've always found the indentation in KDevelop's editor to be fairly, well, retarded. No configuration, other than selecting between a few common types, no way to set 'tab' to reindent the current line instead of inserting a new tab character etc.
If it wasn't for that, I'd be happily using KDevelop, but right now I'll stick with Emacs.
There's no reason you can't enforce those kind of restraints in your database _and_ use rails, for instance this is from one of the (postgresql) ActiveRecord migrations I'm working on now:
# Foreign key referencing Target
execute SQL
ALTER TABLE exclude_sets_targets
ADD FOREIGN KEY (target_id)
REFERENCES targets(id)
ON DELETE CASCADE;
SQL
# Foreign key referencing ExcludeSet
execute SQL
ALTER TABLE exclude_sets_targets
ADD FOREIGN KEY (exclude_set_id)
REFERENCES exclude_sets(id)
ON DELETE CASCADE;
SQL
I'm doing the same kind of thing for some triggers - using Rails and database integrity aren't in opposition. The only thing that really gets me about Rails is the lack (in the core) of composite key support, hopefully that'll be eradicated soonish though.
I for one welcome our new, many-tentacled, overlord.
You forgot 'Capita'
All I ever had to do to get Ubuntu looking right (particularly firefox):
/etc/fonts/conf.d/autohint.conf /etc/fonts/conf.d/40-autohint.conf /etc/fonts/conf.d/sub-pixel.conf /etc/fonts/conf.d/41-sub-pixel.conf
ln -s
ln -s
Yes, this should be done by default.
GPL for the kernel module won't taint, and allows it to be included by default in distributions like Ubuntu, Debian and Fedora etc.
As for the MIT license, see the first paragraph of:
http://en.wikipedia.org/wiki/MIT_License
"The MIT License, also called the X License or the X11 License..."
Essentially there's little difference between the two, but for these shut-ins the boundaries are a little better defined and far more honest. The social creatures argument and needing to interact is an appeal to nature, and obviously these people don't feel that way? So either your definition of nature is wrong, or the implication is that they're unnatural.
;)
To some the question may be would I rather be in prison than in wage-slavery in a dishonest society?
> but in the long run we look as such people as kooky
Who's the "we" here?
Don't mod up for creativity! It's Byron, the original is:
Posterity will ne'er survey
A nobler grave than this:
Here lie the bones of Castlereagh:
Stop, traveller, and piss.
The meter and intention were too perfect to pass on though. Byron really is excellent though, and well worth a read.
Posterity will ne'er survey
A nobler grave than this:
Here lie the bones of Kenneth Lay:
Stop, traveller, and piss.
Brought to the US via unmarked flights directed through Europe, maybe? ;)
http://packages.ubuntu.com/dapper/
A fairly complete list of packages there, things like w32codecs and realplayer can be fetched from Debian Marillat.
Thinking this sounded a bit like sensationalism, I just went to read the actual bill. It looks like this does not automatically apply to everyone, but is retrospective once ordered. The more interesting part of the text seems to be in the 'interpretation' section of this part of the bill:
>"key", in relation to any electronic data, means any key, code,
> password, algorithm or other data the use of which (with or
> without other keys)-
>
> (a) allows access to the electronic data, or
> (b) facilitates the putting of the data into an intelligible
> form;
Also, to give the people stating the obvious a break, this was also a proviso in the bill:
> (d) that it is not reasonably practicable for the person with the
> appropriate permission to obtain possession of the protected
> information in an intelligible form without the giving of a notice
> under this section
So, if its easier to get the information another way, that's taken care of. It's also not a case of needing to send all your keys to the government either. Not that I don't think this bill is a problem, but its the smallest of problems we have right now - people can already be arrested and detained if an officer suspects they might probably, possibly, do something illegal.
However, I also can't see a police officer understanding that you don't actually have the key needed to decrypt that SSH session you made 3 months ago to that web server that was also used to host a site suspected of being used by terrorists or paedophiles, which you had no idea existed.
Unfortunately, who's to say the barcode actually corresponds to the text printed on the ballot, in a small enough number of cases to have a possibility of being missed if it's only being checked by one person? Seperating the ballots and using OCR could work, but again, a voter wouldn't know whether that X is in the place that marks Nader or Bush, despite where the labels are printed.
We can never completely eliminate fraud, but in First Past the Post, we don't need to. You only need to reduce the possibility of fraud to an amount that's negligible for each constituency.
Because of all of the above, I would still want humans doing my sampling. If they're selected properly, and the testing is distributed, even if there is collusion it wouldn't change the result.
It's pointless talking about securing something that's inherently a terrible idea. You can't have voting performed by something that is, for most people, magical.
A good way to be certain these machines are sending the correct votes is to have a paper trail. When a person votes, a transaction id and their vote are printed to a piece of card or something, which is then put in a ballot box.
To verify that no votes have been sent by the machine without interaction, a random set of votes is selected from the result the machine sent and these are checked against the paper votes. To check that all votes have been sent correctly, a random set of paper votes are checked against the records sent by the machine. If either of these doesn't correlate, the paper votes are always assumed to be correct.
Even if this were to happen, it would (probably) take almost as much effort as counting the votes by hand!
> I wouldn't be suprised if I saw
Okay so far...
> Althougth [sic] I don't think it'll ever happen
Blown it.
FLCL - "Bad Ramen can be good too"
'nuff said.
Solaris, at least, yes. See http://www.tarantella.com/
*raises hand*
:)
ActiveState Komodo is an _excellent_ development tool. It's pretty much replaced Vim on my desktop for most editing, although I've not quite gotten the hang of the GUI editor.
Syntax highlighting warning you of standards incompatible XHTML? Go Komodo
True, I _did_ have to buy it, but maybe they'll Open Source it now?
I'm sorry, but parallax is new?
:)
Find me a decent platformer or space shooter (apart from that one Team 17 did) on the Amiga that didn't use parallax scrolling.