It proposes to waste even more bandwidth. It hopes that this worm will be able to cope with a multitude of differently configured systems (malicious worms don't care if they accidentally break something, including existing security solutions, but nematodes must be benign). It takes away people's control over their own machines (it's still unauthorized use and access of resources, and against the law in many countries). In addition, how will this solution cope with existing AV software and firewalls? What if the update breaks security somewhere else - who is responsible for fixing that?
though I guess the bad ones could also patch up the exploits themselves and create easier ways for hackers to get into the systems.. but again a friendly automated system could be created to access machines via these backdoors and patch them up
And of course the malicious crackers will then create a worm to close that hole and replace it with another one - maybe one that requires special authentication to gain access to, locking out the white-hats. Cue all-out warfare, with network bandwidth being the victim.
Sorry, went off on one a bit there...
I think you're right about the need to improve local security policies, though. But of course, as you point out, that doesn't protect you against idiots who will gladly open up executable email attachments and click "Run anyway".
If I understand you, you're talking about releasing these worms on the internet at large. Immediately you have to worry about bandwidth consumption (from probing) and the potential for abuse. I know how annoying it is that people don't secure their machines, but maybe this solution isn't the best possible one.
if the concept is proven to work well, then governments could maybe use worms such as these to patch up the machines of idiots who let their machines be turned into tools for spammers/zombies etc, which just clutter up the internet for everyone.
I wonder what less ethical administrations could abuse this system for? Anyway, tinfoil hat aside, I still don't understand why each PC can't periodically query the server to see if relevant updates are available and then download said updates without the user's permission. After all, if you can write a worm to patch a machine you could write a "standard" patch too. Surely that would be more efficient? And it would eliminate the potential for abuse outside the corporate context.
wouldn't it be a lot easier to fix the operating systems, networks, and the policies applied to them, such that you don't have a malicious worm problem to begin with?
If I understand your argument correctly, it also applies to patches. Problem being, "to err is human".
The idea is to only spread to machines with the particular vulnerabilitly you're attempting to patch. But nevertheless, this still uses up a lot more bandwidth than would be used by people simply bothering to download the patches they need, due to the scanning networks for vulnerabilities. Also, rather than having people download at their conveinience (spread over a long period of time), I presume that a nematode infecting a network would cause a large surge in demand on the patch server. I can see what their motivation is, as it is frustrating when not everyone on a network is up to date, but it seems like a misguided solution.
Diameter of sun is approx 1,400,000 km. So the gravitational field strength at 10,000 km from the centre of the sun will be considerably less than that 10,000 km from the centre of a neutron star. Also it'd be a bit warm - T-shirt and shorts weather, I think.
IIRC, Newtek's Lightwave 3D allows you to have up to 999 render nodes on a single license(!), because you do not need to actually have any Newtek software/hardware installed on the nodes. Everything is accessed via shared drives.
If the whole line from the factory has a fundamental design flaw which renders them unfit for the purpose they were designed for, then yes, I would feel perfectly justified in demanding a refund. Whether I'd get one is a different story.:-)
But it goes further, to say: if you have defective brakes, you are not entitled to a free replacement - even if those brakes are shown to have caused serious accidents.
Here is the Wikipedia entry for Harriet Miers... apparently she has not once served as a judge, nor has she ever argued a case in the Supreme Court. Interesting choice.
I guess it's a matter of opinion. Personally, although it took some getting use to at first (like all things) I rate the eqn editor in OOo 1.1.x (which I use at home) as being slightly better than the current MS Office one (which I use at work) - it's subjective, YMMV, etc:-)
On a related note, are there more really bad "tech journalists" out there who just don't understand technology or are shills for some company or trade group than in other areas of journalism or does it just seem that way?
Probably just seems that way, because this is a field that you know about. At least, that's how I feel when I read New Scientist special reports sometimes... (there was a recent article about caffeine addiction. Google for it, and turn cynicism up to +11).
Do these people even read their own bullshit any more?
What's worrying, of course, is that plenty of not-too-well-informed people do read their bullshit, and although (naturally) savvy/.ters (I heard they exist) don't fall for this crap, a significant number of people in management/politics etc. (especially outside of Mass.) might. Sigh.
I apologise for the first reply. I wasn't really concentrating. I have to admit their claim is a little hard to fathom.... but nevertheless I presume any extra cost is justified by the fact that it is, after all, a good cause. I just hope they go ahead with the idea of selling them commercially for ~$200 to provide even more cash for the cause.
That's the same impression I got when reading this article. For example:
In a letter to Governor Mitt Romney about the policy, Citizens Against Government Waste righlty(sic) pointed out that, "Not only will this mandate undermine free market competition and drive up costs, it will also curtail the ability of the people and government of Massachusetts to benefit from future innovation."
Rightly? I think the issue is far from settled. I'd argue that encouraging the use of a common standard would enable competition, by preventing lock-in to a specific vendor. But hey, there I go refusing to look at things in the same short-sighted way as the reporter...
Slashdot Mirror
Okay, but still have issues with this idea.
It proposes to waste even more bandwidth. It hopes that this worm will be able to cope with a multitude of differently configured systems (malicious worms don't care if they accidentally break something, including existing security solutions, but nematodes must be benign). It takes away people's control over their own machines (it's still unauthorized use and access of resources, and against the law in many countries). In addition, how will this solution cope with existing AV software and firewalls? What if the update breaks security somewhere else - who is responsible for fixing that?
though I guess the bad ones could also patch up the exploits themselves and create easier ways for hackers to get into the systems.. but again a friendly automated system could be created to access machines via these backdoors and patch them up
And of course the malicious crackers will then create a worm to close that hole and replace it with another one - maybe one that requires special authentication to gain access to, locking out the white-hats. Cue all-out warfare, with network bandwidth being the victim.
Sorry, went off on one a bit there...
I think you're right about the need to improve local security policies, though. But of course, as you point out, that doesn't protect you against idiots who will gladly open up executable email attachments and click "Run anyway".
If I understand you, you're talking about releasing these worms on the internet at large. Immediately you have to worry about bandwidth consumption (from probing) and the potential for abuse. I know how annoying it is that people don't secure their machines, but maybe this solution isn't the best possible one.
if the concept is proven to work well, then governments could maybe use worms such as these to patch up the machines of idiots who let their machines be turned into tools for spammers/zombies etc, which just clutter up the internet for everyone.
I wonder what less ethical administrations could abuse this system for? Anyway, tinfoil hat aside, I still don't understand why each PC can't periodically query the server to see if relevant updates are available and then download said updates without the user's permission. After all, if you can write a worm to patch a machine you could write a "standard" patch too. Surely that would be more efficient? And it would eliminate the potential for abuse outside the corporate context.
If so, that'd be cool - you might foresee security breaches before they even happened.
wouldn't it be a lot easier to fix the operating systems, networks, and the policies applied to them, such that you don't have a malicious worm problem to begin with?
If I understand your argument correctly, it also applies to patches. Problem being, "to err is human".
But how is this system better than simply having the OS automatically check for updates and download them silently?
The idea is to only spread to machines with the particular vulnerabilitly you're attempting to patch. But nevertheless, this still uses up a lot more bandwidth than would be used by people simply bothering to download the patches they need, due to the scanning networks for vulnerabilities. Also, rather than having people download at their conveinience (spread over a long period of time), I presume that a nematode infecting a network would cause a large surge in demand on the patch server. I can see what their motivation is, as it is frustrating when not everyone on a network is up to date, but it seems like a misguided solution.
Don't forget pasta-worship, or maintaining the stability of global climate!
Diameter of sun is approx 1,400,000 km. So the gravitational field strength at 10,000 km from the centre of the sun will be considerably less than that 10,000 km from the centre of a neutron star. Also it'd be a bit warm - T-shirt and shorts weather, I think.
Maybe he was after revenge...
IIRC, Newtek's Lightwave 3D allows you to have up to 999 render nodes on a single license(!), because you do not need to actually have any Newtek software/hardware installed on the nodes. Everything is accessed via shared drives.
Should've called the firstborn "Trinity" :-)
If the whole line from the factory has a fundamental design flaw which renders them unfit for the purpose they were designed for, then yes, I would feel perfectly justified in demanding a refund. Whether I'd get one is a different story. :-)
Isn't storing data reliably a primary function of an OS?
But it goes further, to say: if you have defective brakes, you are not entitled to a free replacement - even if those brakes are shown to have caused serious accidents.
Mucked up the link... here it is ... sorry.
Here is the Wikipedia entry for Harriet Miers... apparently she has not once served as a judge, nor has she ever argued a case in the Supreme Court. Interesting choice.
I guess it's a matter of opinion. Personally, although it took some getting use to at first (like all things) I rate the eqn editor in OOo 1.1.x (which I use at home) as being slightly better than the current MS Office one (which I use at work) - it's subjective, YMMV, etc :-)
On a related note, are there more really bad "tech journalists" out there who just don't understand technology or are shills for some company or trade group than in other areas of journalism or does it just seem that way?
Probably just seems that way, because this is a field that you know about. At least, that's how I feel when I read New Scientist special reports sometimes... (there was a recent article about caffeine addiction. Google for it, and turn cynicism up to +11).
Do these people even read their own bullshit any more?
What's worrying, of course, is that plenty of not-too-well-informed people do read their bullshit, and although (naturally) savvy /.ters (I heard they exist) don't fall for this crap, a significant number of people in management/politics etc. (especially outside of Mass.) might. Sigh.
I apologise for the first reply. I wasn't really concentrating. I have to admit their claim is a little hard to fathom.... but nevertheless I presume any extra cost is justified by the fact that it is, after all, a good cause. I just hope they go ahead with the idea of selling them commercially for ~$200 to provide even more cash for the cause.
It's not about software it's about standards which anyone (including Microsoft) is free to adopt.
make sure you always have a fresh page by hitting SHIFT-F5!
*ahem* you mean Ctrl+R, right?
That's the same impression I got when reading this article. For example:
In a letter to Governor Mitt Romney about the policy, Citizens Against Government Waste righlty (sic) pointed out that, "Not only will this mandate undermine free market competition and drive up costs, it will also curtail the ability of the people and government of Massachusetts to benefit from future innovation."
Rightly? I think the issue is far from settled. I'd argue that encouraging the use of a common standard would enable competition, by preventing lock-in to a specific vendor. But hey, there I go refusing to look at things in the same short-sighted way as the reporter...