Well Hmm... is Zotob D scheduled for release tomorrow?
Perhaps Symantec should invest in some of those Desk calendars to schedule the virus releases.
Seriously, for the suxxors who rely on Symantec Live update, they will have to wait another day to get virus patterns for viruses out TODAY. While anyone with smarts enough to manually download the so called intelligent updater can have today's patterns.
Just why Symantec waits, I suppose is so Press consumer pain can and is generated about infections which only boost sales. Or presuming no ulterior motives, it's because their download servers are weak and can't update same day scheduled over the whole day for their paying user base. I seem to remember AOL being sued (and end users winning) for over selling service lines and having over loaded networks.
Don't know why this came out as Symantec bashing, just the way the note was written. By the way after replacing NIS 2003 with 2005 with anti spam, my advertising is %1000 more of a pain in the ass and the Ad trash can is missing from the product.
Guess the ad's spam and missing ad trash can is why this came out as Symantec bashing, guess Symantec's bad karma's just making the rounds.
Kind 1 are those who can roll with the punches and Kind 2, have a knack for making the worst out of any situation.
Examples Kind 1 May 13, 2005, 16 current and former law enforcement officers and U.S. soldiers who had accepted more than $222,000 in bribes to help move drugs past checkpoints http://www.foxnews.com/story/0,2933,156471,00.html All apparently arrested without incident.
Fed-ex is now in league with the guy last month in Atlanta GA who killed 4 people by exploiting a security flaw in a deputy's pistol holster security containment system.
At most, he would have done 10 to 180 days on the pending Marijuana charge but he traded the multi day vacation for a death sentence.
The states and Feds desperately want embedded DRM to link purchases and taxes to change the discretionary tax collection to mandatory tax collection.
It's all a Mac vs. Dac ploy.
You didn't actually think Intel execs were being Arseholes solely just because they are (assholes), did you? I expect a lot of pressure has been applied to Intel to get embedded DRM in as soon as convenient.
I have to completely agree that it is entirely redundant with well established systems. Examples include
www.pgp.com for encrypted file systems.
Even Encrypting File System EFS, which is free, will do. I know of a few systems that encrypt from bootstrap to power off as well.
There are potentially hundreds of products which perform the function of TPM today (without the DRM).
There is no functional gain for anyone but those who want to wholesale DRM content for a premium to suxxors who now pay .5c to .10c a track, but I guarantee you they will pay $10 to $20 a track after Intel promulgates this bastage of a Trojan horse.
But Intel will do as Intel has always done. Ignore all the users on the planet, brown nose to Microsoft the RIAA and government who would dearly love to enable un-bypassable real time tax assessments on all internet on-line purchases.
I'll bet you the same year Intel succeeds; suddenly the Federal government will waffle and legalize every sort of crap now illegal because they can then tax it.
So you want legal drugs on line tax real time epay and a DRM album that costs $160 sign on to DRM
-- After we're gone who will remember what we were fighting for?
It's clear that they are in a very deep way, NASA and its vendors are quickly learning from mistakes.
Some people have a knack for making the worst of bad situations. I'm pleased that those who nearly wrecked the program are either gone or sidelined.
I find this new found ability to be humble about "things" to be excellent.
NASA has a long and fruitful future ahead if they continue to learn from mistakes / not repeat them.
This fundamental shift from "hide head in clouds" to realistic optimism is just what the doctor ordered.
I wish people would recognize this as constructive and stop with the whining about it like it's a problem which needs re-fixing.
Compared to other highly polished vehicle transport systems (like Airbus, or any car), the shuttle bus is new and way under funded for the risks they accept.
/sarcasm By that logic we could probably save Aviation billions by skipping all the pre flight checks on aircraft too. I mean they consume time, manpower, resources not to mention we could nearly eliminate the stockpiles of spare parts too.
I mean hell, if the thing flew last time why should we need to check those pesky breakables again!/. --- Next time I'll have a real sig, yea that's it that's the ticket!
One recent concern at least in Banking is the use of cheap programmers.
The consensus after analysis was as follows;
1) Cheap Indian programmers are more likely to have access to over 65% of the corporations entire on-line source code.
2) They Usually come to the US for training / assimilation and return to India with a few CD's of the complete source library.
3) CD's have no access or audit controls, no expiration date are not signed, dated or checked out.
4) A small suitcase of 5,000-10,000 cash can buy all the CD's from a collection of Indian programmers no questions asked with ZERO hesitation or reporting on the part of the programmers tested.
You get what you pay for.
Someone recently said, "There will be no Digital Pearl Harbor",
I say you got another thing coming suxxor.
Recommendations: Suggest your local news paper reporter take several small suitcases of cash to India and Buy most of the financial sectors source code.
Also his C share is Wideee open with no firewall at \\127.63.232.12\C$
Some one with l33t hacking skills and no clue should hack the living hell out of this guy!.
An MBSA scan shows a blank administrator's password and lots of missing critical patches, and port 80, 21, 5000, 8001, 137, 138, 139 wide open.
Boy, isn't hacking fun. Now if someone can only bring him down we'd all be much happier wouldn't we? Huge collection of credit cards and porn, lots of hacking tools.
Even has the newest Cameron Diaz topless flick ready for download. Man Cameron looks good with a whip!
It's called Status Quo VS Best Practice. Look it up somewhere geessh.
These days they will give trained monkeys any Certs they can pay for.
I'll take someone with best practice depth and breadth experience and no certs over the Cert Monkeys any day.
Just like the access db only geeks pretend to be programmers, so do some alleged security professionals. And we security professional geeks are tired of the bad image these slackers give us as professional experienced nerds.
This will give most average consumers a simple understandable logical reason to Finally ask the following question.
"Ok Microsoft is out, like Tandy computer was when they made their cases too short to fit most 16 bit cards, What else is there?"
Biggest mistake Tandy ever made was peeing in the face that fed it.
Welcome to your new home. Linux here, can I help you?
Now about 900 of the 1,000 Linux distros need to consolidate collapse into the remaining, fix what needs to be fixed.
It's not the same day as it was yesterday. The average Joe or Joanne has good reason to feel about windows the same way the average Linux admin does now.
You know if I didn't know better I would have to say Microsoft wants out of the PC market entirely.
This technology is about the functional control of WHAT content you see, not just IF you SEE it or not.
So depending on social class, skin color, race, age, sexual preference you may end up seeing different content than your neighbor based solely on the type of hardware you purchased
You might say "No!" laws exist on the books to prevent that kind of racist discrimination! I say you are deluded and must be in the US or a country like the US, most of the rest of the world has no such public covenant / contract / constitution against discrimination.
It's a mandatory access control (operated by people with many different Axes to grind) on the input (what you can click) and output paths of the display (What you can see) and sound.
This has incredible potential to subtly be abused. And Not so subtly, if you buy a monitor made in China for Chinese, guess what, INSTANT Censorship so easy the Chinese government only has to ban non Chinese monitors from their markets. Not to mention adding and mixing content, like all American news outlets have content distorted (as in re-written in real time)
Also automatic redlining, no more will neighborhoods have to PUT up with the wrong crowd making a home in the elite posh suburbs because they won't be able to find the houses unless they have l33t equipment.
Banks don't need to worry about writing loans they don't want to over the net, insurance companies can filter you out by buying lists of Serial numbers that are likely in hurricane ravaged areas.
The potential abuses of this bright shiny new technology are limitless. Not to mention guaranteed delivery of SPAM to your desktop etc.
If Bill freaking Gates wants to do the world a favor he will quickly get a list of the supporters of this "Feature" and squash them and this like the Bug that it is.
And comparing the abuse potential of this new DRM feature to the relatively benign abuse potential of the Patriot Act is like comparing a faithful altar boy to Darth Vader and Hitler combined into one.
-- Anakin Skywalker is a serial child killer, and everyone who plays an Imperial type on Star Wars Galaxies has a serial child killer as a Hero figure and role model
Instead of being able to look at a beautiful women, she will be replaced in real time with a floating thumbnail of her most conservative picture and a permission slip to date my daughter. But, thanks to Microsoft earlier that year the permission slip will be based on more flawed Gemini technology (an encrypted SAML message, with a return IP address of 127.12.52.200)
Microsoft is after all the earth women for themselves!
I think the metaphor fits.
1) Penicillin cells are pencil-shaped when you look at them under a microscope (very suspicious)
2) Eating moldy bread will NOT cure your ear ache -- or anything else. (The UN is just as Non-effective with curing)
3) Bacteria that don't have cell walls are immune to penicillins (We need to throw up more Walls, no less walls ahaaa.)
4) Most bacteria do have cell walls, but many have changed their wall-building systems so that penicillins can't interfere (Does this sound familiar?, Bacteria for food for Oil!)
5) We first started using penicillin in the 40's and 50's, most bacteria could be killed by plain penicillin (Back in the day the UN was effective now it's corrupted and just as ineffective as penicillin) The UN was founded April 25th in San Francisco (And they been Flamboyantly trying to live it down ever since)
6) Side effects include rashes, allergy and hives (the UN will just make you vomit these days.)
7) The scariest -- side effect is "anaphylactic" allergy SHOCK, in which your airway swells up you wish you were dead, then you die like a Rwandan in a Greek tragedy (Because that is the script the UN cast for you)
The UN has more in common with moldy bread than they do with charity, compassion, courage, heroism or intelligence. PS and I sure don't want them running any protocols the internet relies on, especially Root TLD's
>Unless there is a TCPA-bootable-disk-key-checker the BIOS runs, but why?
It's the way security protocols normally change.
First generation will support the old way.
Second generation will support old and new way. aka (switch hitting).
Third generation ONLY supports the new way.
This by the way means the machine won't boot without DRM at the trusted root hardware level
When we get third gen hardware, it is the full intent of the TCP to eliminate old and switch hitting implementations, which means without DRM, your OS can not, WILL NOT boot.
This is what Microsoft and Intel think of, when they think of DRM, this is not what the public believes DRM is at all.
To give you an example, SHA-1 is a crypto hashing routine which will require extensive mods to several existing implemented encryption protocols.
They can't just remove SHA-1 and come out with version 2 they have to transition it.
When the new crypto protocols come in they also will HAVE to support the transition in stages as described above.
For more Crypto-Babble (albeit excellent) on
transitions for old, switch hitting and new.
See "Deploying a New Hash Algorithm", Steven M. Bellovin and Eric K. Rescorla.
http://www.cs.columbia.edu/~smb/papers/new-hash.pdf
I guarantee you, 3rd gen DRM at the hardware level WILL absolutely require a full DRM TCP Linux implementation or Linux my friend, won't run.
Hit the nail on the head, TCO $ MS numbers should then skyrocket for infecting one's business with Microsoft products.
It doesn't just affect documents, it affects motherboard and card embedded DRM pseudo safe storage areas.
It will be interesting to see how MS DRM screws Old hardware which can't speak to new DRM software.
Switch-hitting Hardware components which can speak both DRM and non DRM OS'es and software.
And the New DRM hardware Agents which can only speak the new MS DRM.
In case anyone has doubts, New DRM MB's will not be able to run any current Linux distro, and new Linux distros will have to USE ms DRM or as Microsoft hopes, die on the vine.
Apparently MS can't see the forest through the trees.
I fervently hope, that when people consider migration from 2000, 2003 and XP to Vista, they consider the parent TCO implications on all the DRM'd documents. Not to mention having to low level format all their drives and Bios chips to remove MS infection.
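The three stages described in the comment above (old only, switch hitting, new only) can be modelled as a digest-verification policy. This is an added example, not part of the original comment; the generation labels, the manifest format and the choice of SHA-256 as "the new way" are assumptions made for illustration.

```python
import hashlib
import hmac

# What each generation will verify against, strongest first.
# Labels and the SHA-1 -> SHA-256 pairing are assumptions for this example.
ACCEPTS = {
    "gen1": ("sha1",),            # old way only
    "gen2": ("sha256", "sha1"),   # switch hitting: new preferred, old tolerated
    "gen3": ("sha256",),          # new way only
}
# What each generation publishes alongside the payload.
EMITS = {"gen1": ("sha1",), "gen2": ("sha1", "sha256"), "gen3": ("sha256",)}


def make_manifest(data, generation):
    """Digest manifest a publisher of the given generation would ship."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in EMITS[generation]}


def verify(data, manifest, generation):
    """Return (ok, algorithm_used, reason) for a verifier of that generation."""
    usable = [alg for alg in ACCEPTS[generation] if alg in manifest]
    if not usable:
        return (False, None, "no digest this generation accepts")
    # Check only the strongest digest on offer. Falling back to a weaker one
    # after a mismatch would hand the decision to the weaker algorithm.
    alg = usable[0]
    actual = hashlib.new(alg, data).hexdigest()
    if hmac.compare_digest(actual, manifest[alg]):
        return (True, alg, "ok")
    return (False, alg, "digest mismatch")


def compatibility_matrix(data=b"constructed boot image"):
    """(publisher, verifier) -> does the payload verify?"""
    return {(p, v): verify(data, make_manifest(data, p), v)[0]
            for p in EMITS for v in ACCEPTS}


def downgrade_cases():
    """Show what the switch-hitting stage does and does not protect against."""
    good, evil = b"constructed boot image", b"constructed tampered image"
    # Stand-in for a SHA-1 collision: the SHA-1 entry matches the tampered
    # payload while the SHA-256 entry still describes the genuine one.
    mixed = {"sha1": hashlib.sha1(evil).hexdigest(),
             "sha256": hashlib.sha256(good).hexdigest()}
    # Same manifest with the strong entry removed in transit.
    stripped = {"sha1": mixed["sha1"]}
    return {
        "mixed": {g: verify(evil, mixed, g)[0] for g in ACCEPTS},
        "stripped": {g: verify(evil, stripped, g)[0] for g in ACCEPTS},
    }


if __name__ == "__main__":
    for pair, ok in sorted(compatibility_matrix().items()):
        print(pair, "verifies" if ok else "rejected")
    print(downgrade_cases())
```

The "stripped" case is why the middle stage is only a bridge: unless the list of offered digests is itself authenticated, a second-generation verifier can be steered back to the old algorithm, and only the third generation closes that path.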
Bruce, when you going to run for something I can help vote you in on?
My educated sentiments parallel Mr. Schneier's.
Not much more to say but thanks again Bruce.
Regards sir.
The level at which this is supported is the same as any other Linux obscured poorly documented mess of text files.
For the average user including system admin it's nothing but a pain in the ass to get the 1450 Broadcom wireless card to run on SUSE 9.3 with and AES WPA
It's little crap like this that would overwhelm any Whindhowes Convert trying to go cold turkey
And the sad part is that the average new windows convert is likely going to select SUSE.
Deserved or not, SUSE has good PR with respect to breadth of supported drivers.
--
Why did the Linux user cross the road? To crack the flawed windows on the other side.
Want another reason to mod this up, how about real life examples.
: mail.zope.org/pipermail/zope/2002-June/117241.html +%40bankofamerica.com+base64&hl=en
Here is Real life example of where you are proven wrong.
http://64.233.161.104/search?q=cache:h-1fz6LRxFsJ
And with about an hour I could easily document 30 more nearly identical real life Whuupses.
Now if we didn't have google to show us all the idiots you'd be quite correct but we do.
Had this fool not connected his company, email servers, passwords and lack of authentication up to his code, he would be completely OUT of MIND not obscured.
His systems are MUCH more likely to face attack (which are likely to be successful) not because of his stupid code, but because HE is!
This Moron at the Bank of America published not only the source in a base 64 zip attachment any child could decode. He followed up with which servers use no authentication, no password needed it's in the zip.
This is not about GPL'ing vs or convincing your boss on merits, it's about not committing career limiting moves BY HOW you DO GPL your code.
How you GPL it is much more important than the code or the GPL itself.
How did I find the above security abomination? By Googling for @bankofamerica.com base64 , it's on the first page half way down.
I have had several other real life experiences in coders compromising their companies. With respect to security I have personally been witness to by way of programmers GPL'ing code huge confidential information disclosures due to GPL and poor brain use by the GPL'ing coders.
This fool's code, his email finding its way to Google has made his systems a lot more vulnerable. And I'm sorry I can't blame Google, so I have to blame the coder with the small ego.
Obscurity is not the same thing as knowing how and when to keep your mouth shut and your email address private.
Had he not disclosed who he is and who he works for the same email would have had virtually NO VALUE given the same content.
He has identified the server targets by name which we would not know the meaning of but because he she disclosed its a bank system they have inherently larger value.
Now because this moron is blathering their code, server names, passwords, associates' names, non use of authentication we DON'T know if it's related to a GPL ego trip but this is exactly what I have seen when coders DO GPL their code.
The risks include direct hacking, blackmail, spear phishing.
This is not a theoretical risk.
Follow my previous advice and the chances of stepping on your own dick are greatly reduced should you want to GPL company code.
I didn't say code should not be GPL'd. I said HOW it's GPL'd will make the difference between day and night!
If I forwarded the link to Bank SOX auditors (I have those email addresses handy) this moron would face investigation, suspension, perhaps firing.
We don't know and I don't care about this case's particular circumstances.
Google hacking for code is common, books written about it. Look it up on slash Dhot.
--
Hacking is what happens between the lines of code.
Eliminate anything that costs over $500 from your list.
It's reasonable to assume the average home user will not consider any license costs over $500 for any operating system Linux, Red Hat, Solaris or any version of windows
How many are left in the Unix group to select from? About 409, how many in the windows group maybe 6 at most.
Regards
I believe that death can be welcomed, especially to the sheer quantity of Linux distros.
:)
Of the 409 nearly identical Linux distributions cataloged at http://www.linux.org/dist/list.html ,
I believe 400 should probably be killed murdered folded spindled and mutilated with permanent life time breathing bans for any one caught seeking a new distro out.
Many point out, you have to try the distro before you can evaluate if you like it. My favorites are slackware, ubuntu, solaris, and suse.
Microsoft has 11 distinctly different distros, and look at the hell they go through with all their code.
The average Linux interested person has not 9 distributions to choose from but 409.
Is it any wonder why average user can't seem to put one of the 409 on the home desktop?
I believe adoption and acceptance of Linux on the home desktop would be quantum leaps ahead of where it is now if a little butchering were to somehow happen.
The First and a very formidable roadblock to Linux adoption is the quantities of Distros to pick from, I guess the average home Linux user feels beguiled when tasked with picking the correct distro not to help, the Linux community just nods and smiles as if to them, it's just not important to the meaning of life to bring order to the chaos.
Imagine this; 400 slightly different windows versions with nearly the same names. XP pro -1 XP lite, Xp light, XP, lxp, Exppepro, Xp-Peppy-pro, XP-Porn master, XP shockwave edition, windows 2000, windowsXp2, windows200Xp, Windows system 5 xp single user SMP, windows 2003xp.311, trs80-xp-pro, amiga-xp, Xp-Java, windows 3.11 enterprise server pro, windows 2000 millennium, windows-cpm86 edition, and last but not least windows xp pro for the Cray with porn storage module.
Thankfully Microsoft makes enough bugs with the 11 os'es they have their name.
MS DOS 6.xx, Windows 95, Windows NT Workstation 4.xx, Windows 98, Windows 98 SE, Windows Millennium Edition (Windows Me), Windows 2000 Professional, Windows XP Professional, Windows XP Home Edition, Windows 2000 Server, Windows 2003 Server
The tangible effects of so many distros is hard to see, but I believe it affects focus or lack of focus on packages which bears results as better or worse code, features, security, compatibility, emulations, interfaces, code reviews etc..
Is there really a need for so many, or is it something else?
I recently asked most of my friends which Linux was favored by them amongst Linux distros, the answer was a resounding unanimous OS-X.
I hope many of these unkempt, un-washed spam of un-maintained and pointless distros evaporate and their sites go dark so that others may be embraced and shine over the mediocrity we have today.
--
Please remember to have your non domesticated Linux distro's Spayed or Neutered today!
After RTFA, I was astonished to see "expect edit traffic and vandalism to spike" from "Chairboy 16:51, 17 August 2005 (UTC)"
/.'ers vandalize and edit whatever they see?
This type of slander should be best kept whispered at the redneck Wikipedia meetings not on the discussion tab.
Is there precedent for the assertion that
Mod Chairboy's karma down -1 flamebait.
1) Assume, you're not as bright as you think you are
The security architecture flaws in the code will be revealed, exploits developed that with your self-ingratiating credits attributing your handiwork to your company by way of email addresses with the company's domain and along with the unwitting conspirators' names and emails who helped with the code, all of which are very easy to track down using Google.
GPL Lesson 1
Do not attribute the code so that it can be linked back to the associates or persons or company you work for that uses it.
Do not gain personally from your company's work. It just smells like you're trying to look good in the GPL community.
Assets of a company are company property even though you conceived, developed and birthed the ugly baby; remember you're just its caretaker.
Do you really need that much attention; are you able to keep up with and tolerate hands all over your pride and joy?
What happens if that encryption code you implemented, you know the one with the name "Base64_encryption()", turns out to NOT be encryption at all, but no one bothers to tell you for 6 months?
You and your company could suffer irreparable damage to the public's opinion when all their accounts are stolen from your base 64 encoded databases.
Lesson 2 if you still have to enlarge your ego,
Get a large consensus of reviewers in company, including legal department, and at least one officer of the company before anonymously releasing your baby into the world.
By eliminating the perception of self ego ingratiation, you will gain true respect (a harder commodity).
If the resulting GPL release could ever be traced back to theft of records, the SOX and HIPAA folks would roast those responsible.
But the best reason to forget your idea is simpler than all of the above.
If god wants your source code GPL'd he will accommodate you by way of haxxors who will know if your code is good enough to publish better than you do when they see it.
--
Why did the haxxor cross the road? To bit to the other side..
Today is Tuesday Aug 16, 2005 8:50 EST
From securityresponse.symantec.com, the threat assessment included when patterns were released.
Zotob.A Aug 14 http://securityresponse.symantec.com/avcenter/ven
Zotob.B Aug 14 http://securityresponse.symantec.com/avcenter/ven
Visit this link --> Zotob.D Aug 17 http://securityresponse.symantec.com/avcenter/ven
Note the
Virus Definitions (Intelligent Updater) *
August 17, 2005
Virus Definitions (LiveUpdate(TM)) **
August 17, 2005
Zotob.E Aug 16 http://securityresponse.symantec.com/avcenter/ven
Well Hmm... is Zotob D scheduled for release tomorrow.
Perhaps Symantec should invest in some of those Desk calendars to schedule the virus releases.
Seriously,
for the suxxors who rely on Symantec Live update, they will have to wait another day to get virus patterns for viruses out TODAY.
While anyone with smarts enough to manually download the so called intelligent updater can have today's patterns.
Just why Symantec waits, I suppose is so Press consumer pain can and is generated about infections which only boost sales. Or presuming no ulterior motives, it's because their download servers are weak and can't update same day scheduled over the whole day for their paying user base. I seem to remember AOL being sued (and end users winning) for overselling service lines and having overloaded networks.
Don't know why this came out as Symantec bashing, just the way the note was written.
By the way after replacing NIS 2003 with 2005 with anti spam, my advertising is 1000% more of a pain in the ass and the Ad trash can is missing from the product.
Guess the ad's spam and missing ad trash can is why this came out as Symantec bashing, guess Symantec's bad karma's just making the rounds.
Kind 1 are those who can roll with the punches and
...
Kind 2, have a knack for making the worst out of any situation.
Examples
Kind 1
May 13, 2005, 16 current and former law enforcement officers and U.S. soldiers who had accepted more than $222,000 in bribes to help move drugs past checkpoints
http://www.foxnews.com/story/0,2933,156471,00.htm
All apparently arrested without incident.
Fed-ex is now in league with the guy last month in Atlanta GA who killed 4 people by exploiting a security flaw in a deputy's pistol holster security containment system.
At most, he would have done 10 to 180 days on the pending Marijuana charge but he traded the multi day vacation for a death sentence.
Fed-Ex traded good pr for bad pr.
--
What do you call 10,000 lawyers at
They don't
3 minutes to find 5 references to the ugly truth about DRM.
Revenue Implications Grow as More Kentuckians Shop Online
http://66.102.7.104/search?q=cache:D2vchujp29wJ:w
IRS Unveils Offshore Voluntary Compliance Initiative; Chance for 'Credit-Card Abusers' to Clear Up Their Tax Liabilities
http://66.102.7.104/search?q=cache:B_ZGsIxdJqsJ:w
States hunt down online cigarette buyers
http://66.102.7.104/search?q=cache:Wgy5LyWZWtEJ:w
Online tax collection targeted
http://66.102.7.104/search?q=cache:i9kTiiJp7dIJ:t
CIGARETTE TAXES IN NYC
http://66.102.7.104/search?q=cache:z6YpvTYiV5QJ:w
The states and Feds desperately want embedded DRM to link purchases and taxes to change the discretionary tax collection to mandatory tax collection.
It's all a MAC vs. DAC ploy.
You didn't actually think Intel execs were being Arseholes solely just because they are(assholes), did you?
I expect a lot of pressure has been applied to Intel to get embedded DRM in as soon as convenient.
After a review of Intel's Trusted Platform Module,
http://www.intel.com/design/mobile/platform/downl
I have to completely agree that it is entirely redundant with well established systems.
Examples include
www.pgp.com for encrypted file systems.
Even Encrypting File System EFS which is free will do
I know of a few systems that encrypt from bootstrap to power off as well
There are potentially hundreds of products which perform the function of TPM today (without the DRM)
There is no functional gain for anyone but those who want to wholesale DRM content for a premium to suxxors who now pay .5c to .10c a track, but I guarantee you they will pay $10 to $20 a track after Intel promulgates this bastage of a Trojan horse.
But Intel will do as Intel has always done.
Ignore all the users on the planet, brown-nose to Microsoft, the RIAA and government who would dearly love to enable un-bypassable real-time tax assessments on all internet on-line purchases.
I'll bet you the same year Intel succeeds; suddenly the Federal government will waffle and legalize every sort of crap now illegal because they can then tax it.
So you want legal drugs on line tax real time epay and a DRM album that costs $160 sign on to DRM
--
After we're gone who will remember what we were fighting for?
It's clear that they are in a very deep way, NASA and its vendors are quickly learning from mistakes.
Some people have a knack for making the worst of bad situations. I'm pleased that those who nearly wrecked the program are either gone or sidelined.
I find this new found ability to be humble about "things" to be excellent.
NASA has a long and fruitful future ahead if they continue to learn from mistakes / not repeat them.
This fundamental shift from "hide head in clouds" to realistic optimism is just what the doctor ordered.
I wish people would recognize this as constructive and stop with the whining about it like it's a problem which needs re-fixing.
Compared to other highly polished vehicle transport systems (like Airbus, or any car), the shuttle bus is new and way underfunded for the risks they accept.
I could not find the Wikipedia definition of "crapflooded" heh
Did they subcontract any of it to Microsoft? Sounds just like a normal Windows OS beta cycle.
/sarcasm
/.
By that logic we could probably save Aviation billions by skipping all the pre flight checks on aircraft too.
I mean they consume time, manpower, resources not to mention we could nearly eliminate the stockpiles of spare parts too.
I mean hell, if the thing flew last time why should we need to check those pesky breakables again!
---
Next time I'll have a real sig, yea that's it, that's the ticket!
One recent concern at least in Banking is the use of cheap programmers.
The consensus after analysis was as follows;
1) Cheap Indian programmers are more likely to have access to over 65% of the corporation's entire on-line source code.
2) They usually come to the US for training / assimilation and return to India with a few CDs of the complete source library.
3) CDs have no access or audit controls, no expiration date, are not signed, dated or checked out.
4) A small suitcase of 5,000-10,000 cash can buy all the CDs from a collection of Indian programmers no questions asked with ZERO hesitation or reporting on the part of the programmers tested.
You get what you pay for.
Someone recently said, "There will be no Digital Pearl Harbor",
I say you got another thing coming suxxor.
Recommendations:
Suggest your local newspaper reporter take several small suitcases of cash to India and buy most of the financial sector's source code.
Obviously no one at NASA reads ./ if they did, well I'm sure they would know the easy solution to cosmic ray bombardment.
Which is of course, a tin foil hat, tin foil covering all electrical appliances, tin foil on the windows of the shuttle?
Maybe someone should send them a note before they have to hassle putting up the foil while space walking.
His IP was 127.63.232.12
Also his C share is Wideee open with no firewall at \\127.63.232.12\C$
Someone with l33t hacking skills and no clue should hack the living hell out of this guy!
An MBSA scan shows a blank administrator's password and lots of missing critical patches, and port 80, 21, 5000, 8001, 137, 138, 139 wide open.
Boy, isn't hacking fun. Now if someone can only bring him down we'd all be much happier, wouldn't we?
Huge collection of credit cards and porn, lots of hacking tools.
Even has the newest Cameron Diaz topless flick ready for download. Man Cameron looks good with a whip!
It's called Status Quo VS Best Practice.
Look it up somewhere geessh.
These days they will give trained monkeys any Certs they can pay for.
I'll take someone with best practice depth and breadth experience and no certs over the Cert Monkeys any day.
Just like the access db only geeks pretend to be programmers, so do some alleged security professionals.
And we security professional geeks are tired of the bad image these slackers give us as professional experienced nerds.
This will give most average consumers a simple understandable logical reason to Finally ask the following question.
"Ok Microsoft is out, like Tandy computer was when they made their cases too short to fit most 16 bit cards. What else is there?"
Biggest mistake Tandy ever made was peeing in the face that fed it.
Welcome to your new home.
Linux here, can I help you?
Now about 900 of the 1,000 Linux distros need to consolidate, collapse into the remaining, fix what needs to be fixed.
It's not the same day as it was yesterday.
The average Joe or Joanne has good reason to feel about Windows the same way the average Linux admin does now.
You know if I didn't know better I would have to say Microsoft wants out of the PC market entirely.
This technology is about the functional control of WHAT content you see, not just IF you SEE it or not.
So depending on social class, skin color, race, age, sexual preference you may end up seeing different content than your neighbor based solely on the type of hardware you purchased
You might say "No!" laws exist on the books to prevent that kind of racist discrimination!
I say you are deluded and must be in the US or a country like the US, most of the rest of the world has no such public covenant / contract / constitution against discrimination.
It's a mandatory access control (operated by people with many different axes to grind) on the input (what you can click) and output paths of the display (what you can see) and sound.
This has incredible potential to subtly be abused.
And not so subtly, if you buy a monitor made in China for Chinese, guess what, INSTANT censorship so easy the Chinese government only has to ban non Chinese monitors from their markets.
Not to mention adding and mixing content, like all American news outlets have content distorted (as in re-written in real time)
Also automatic redlining, no more will neighborhoods have to PUT up with the wrong crowd making a home in the elite posh suburbs because they won't be able to find the houses unless they have l33t equipment.
Banks don't need to worry about writing loans they don't want to over the net, insurance companies can filter you out by buying lists of Serial numbers that are likely in hurricane ravaged areas.
The potential abuses of this bright shiny new technology are limitless.
Not to mention guaranteed delivery of SPAM to your desktop etc.
If Bill freaking Gates wants to do the world a favor he will quickly get a list of the supporters of this "Feature" and squash them and this like the Bug that it is.
And comparing the abuse potential of this new DRM feature to the relatively benign abuse potential of the patriot act is like comparing a faithful altar boy to Darth Vader and Hitler combined into one.
--
Anakin Skywalker is a serial child killer, and everyone who plays an Imperial type on Star Wars Galaxies has a serial child killer as a Hero figure and role model
Instead of being able to look at a beautiful woman, she will be replaced in real time with a floating thumbnail of her most conservative picture and a permission slip to date my daughter.
But, thanks to Microsoft earlier that year the permission slip will be based on more flawed Gemini technology (an encrypted SAML message, with a return IP address of 127.12.52.200)
Microsoft is after all the earth women for themselves!
I think the metaphor fits.
:)
1) Penicillin cells are pencil-shaped when you look at them under a microscope (very suspicious)
2) Eating moldy bread will NOT cure your ear ache -- or anything else. (The UN is just as Non-effective with curing)
3) Bacteria that don't have cell walls are immune to penicillins ( We need to throw up more Walls, no less walls ahaaa.)
4) Most bacteria do have cell walls, but many have changed their wall-building systems so that penicillins can't interfere ( Does this sound familiar?, Bacteria for food for Oil!)
5) We first started using penicillin in the 40's and 50's, most bacteria could be killed by plain penicillin ( Back in the day the UN was effective now its corrupted and just as ineffective as penicillin)
The UN was founded April 25th in San Francisco ( And they been Flamboyantly trying to live it down ever since)
6) Side effects include rashes, allergy and hives ( the UN will just make you vomit these days.)
7) The scariest -- side effect is "anaphylactic" allergy SHOCK, in which your airway swells up you wish you were dead, then you die like a Rwandan in a Greek tragedy ( Because that is the script the UN cast for you)
The UN has more in common with moldy bread than they do with charity, compassion, courage, heroism or intelligence.
PS and I sure don't want them running any protocols the internet relies on, especially Root TLDs
Wet lasagne... Ewwwwueee Gross!