For example, Google could rig their search engine to never index any web pages that discuss either yahoo's mapping service (formerly mapquest) or microsoft's mapping service with it is really awesome "bird's eye view" feature.
Like Disk Manager telling me "Unknown filesystem" when they know full well it's an ext2?
Worse than that, passwords are considered THE worst for security. But they are the cheapest and most easily implemented, which is why everybody uses them.
Compared to what, exactly? I can't stress enough the importance of being able to replace security keys at will.
Also, there is absolutely nothing more secure than a used-up one-time password. Kinda hard to do with iris scans, don't you think?
A Responsible Citizen would have safeguarded his identity, and would never have engaged in physical conflict. I'm afraid that, in addition to your re-authentication penalty charge, that will be going on your permanent record...
Heh. Now it's even illegal if you didn't cause that car crash:)
If a password is broken, and your email account or whatever is compromised, that sucks; but you can generate a new one for future rounds. If a biometric ID is cracked, you can't generate a new one, so any and all systems, for the rest of your life, that are "secured" by biometrics aren't secure.
Which reminds me. What do you do with an iris scan if you lose your eyes? Fingerprint if you lose that finger? Facial recognition after a fight with the neighbor...
Iris and fingerprint recognition are mature technologies; they can deliver low false negatives with virtually no false positives.
Passwords deliver 0% false negatives and 0% false positives. If it rejects you, just type it again.
There are well-defined and effective ways of preventing spoofing.
Like what? A hash of my whole eyeball?
Anyway, nice job twisting my point. Let me repeat: 1. Not secret. Unique, but not secret. Which means, if someone gets the technology to spoof one, they can spoof all. What, fingerprints? They use them to catch criminals because we leave them all over the place. 2. Not replaceable. If you find out someone can spoof your iris, what do you do? Grow new ones?
Just because the technology isn't available yet, don't assume it never will be.
There is only one thing that biometrics add to security: noone has to tell the Big Boss he can't juse his initials as password anymore. Apparently it's worth it.
If that's the standard, all security features should be removed. Everything is somewhat vulnerable, and a determined intruder with infinite resource will almost always find a way in. The object is to make this unreasonably hard for most applications.
Not quite. Biometrics are horrible for security, because 1. they're not secret, 2. they're not easily replaceable. Once they have a picture of you, facial recognition is broken. Once they have your fingerprint, that's broken as well.
Once they have your password, you choose another one and that's it. I'd like to see you do that with your face.
If we went back to the halcyon having everyone assemble their own circuit boards, write their own BIOS and multitasking OS, there would be little chance of having the programs we do today. How would something like Photoshop run on a computer where each one had a different OS and different function calls?
Duh. This is what Unix history was all about. The answer is simple: standardized API. This is how Linus was able to build a kernel existing code would run on.
You can do what you want under the hood, as long as you keep the interface in tact.
Nice delusion, but totally false-to-fact. Maybe back in the day of the Altar or Apple II you could control the entire machine, but today you didn't write the OS, the BIOS, the device firmware, the drivers, the utilities, or the programs. You have no say in the matter.
Except you do, especially on Gentoo and LFS, where you can even make sure the code you're running is the code they say it is. You're not forced to blindly accept your OS, and that makes it credible. On LFS, you're encouraged to apply your own patches as you see fit.
Of course, they could use the Linux kernel. And they could call it 'Maginot Linux'!
To be fair, the Maginot Line had only one flaw: it only defended against an attack from Germany. Not Belgium. I think they deserve a collective Darwin Award for that.
More secure since your average botnet can't infect the machines?
Yep. until it gains enough popularity to be a target.
The only way against that is compile-time randomizations, so that for the same source code, no two binaries and running code can be hacked with the same method.
The internet is the cess pool^W^W happy village square where we all meet together. Your own network is not the "internet" and you can run it any way you want; it won't influence the rest of the world.
That's exactly why it's indestructable. And make no mistake, the real security problem is not anonymity, it's Windows. Or rather, all those programmers who don't give a boop about security.
Let's face it: the world is interconnected, and it will stay that way for a long, long time. We need to grow up to the challenge.
It's almost like saying "Yeah, he might have handed the guy a hammer and then watched and laughed, but he didn't beat that woman to death. Let him off!"
Keyword: almost. Except one is a crime, and against basically every moral code ever conceived by man.
Copying, on the other hand is absolutely natural. There was no concept of copyright until printing became semi-widely available, and it was originally meant to protect a select few who could afford a printing machine from each other.
You make "willingly aiding copyright infringement" sound like they're a bunch of pedophiles. Now go ahead and tell me that all the music to listen to came from a store.
I don't think so. Unless this case is radically different from all the others.
Oh, and
Just some stats...... here are some reasons why TPB is down sometimes - and how long it usually takes to fix: Tiamo gets *very* drunk and then something crashes: 4 days Anakata gets a really bad cold and noone is around: 7 days The US and Swedish gov. forces the police to steal our servers: 3 days.. yawn. Posted 06-05 2006 by tpb
Slashdot Mirror
But who's going to have the time to write reviews of so many feature films and their respective encode jobs?
The uploader of course.
For example, Google could rig their search engine to never index any web pages that discuss either yahoo's mapping service (formerly mapquest) or microsoft's mapping service with it is really awesome "bird's eye view" feature.
Like Disk Manager telling me "Unknown filesystem" when they know full well it's an ext2?
It'll be like MS Messenger and classify all .mp3 files as "dangerous".
I even had trouble sending .txt's. Now I'm sticking to Kopete, thank you very much.
Worse than that, passwords are considered THE worst for security. But they are the cheapest and most easily implemented, which is why everybody uses them.
Compared to what, exactly? I can't stress enough the importance of being able to replace security keys at will.
Also, there is absolutely nothing more secure than a used-up one-time password. Kinda hard to do with iris scans, don't you think?
A Responsible Citizen would have safeguarded his identity, and would never have engaged in physical conflict. I'm afraid that, in addition to your re-authentication penalty charge, that will be going on your permanent record...
Heh. Now it's even illegal if you didn't cause that car crash :)
If a password is broken, and your email account or whatever is compromised, that sucks; but you can generate a new one for future rounds. If a biometric ID is cracked, you can't generate a new one, so any and all systems, for the rest of your life, that are "secured" by biometrics aren't secure.
Which reminds me. What do you do with an iris scan if you lose your eyes? Fingerprint if you lose that finger? Facial recognition after a fight with the neighbor...
Maybe its time I got in touch with that bully I knew in kindergarten. He seemed to have a natural gift in that area.
He had two faces?
Iris and fingerprint recognition are mature technologies; they can deliver low false negatives with virtually no false positives.
Passwords deliver 0% false negatives and 0% false positives. If it rejects you, just type it again.
There are well-defined and effective ways of preventing spoofing.
Like what? A hash of my whole eyeball?
Anyway, nice job twisting my point. Let me repeat:
1. Not secret. Unique, but not secret. Which means, if someone gets the technology to spoof one, they can spoof all. What, fingerprints? They use them to catch criminals because we leave them all over the place.
2. Not replaceable. If you find out someone can spoof your iris, what do you do? Grow new ones?
Just because the technology isn't available yet, don't assume it never will be.
There is only one thing that biometrics add to security: noone has to tell the Big Boss he can't juse his initials as password anymore. Apparently it's worth it.
If that's the standard, all security features should be removed. Everything is somewhat vulnerable, and a determined intruder with infinite resource will almost always find a way in. The object is to make this unreasonably hard for most applications.
Not quite. Biometrics are horrible for security, because 1. they're not secret, 2. they're not easily replaceable. Once they have a picture of you, facial recognition is broken. Once they have your fingerprint, that's broken as well.
Once they have your password, you choose another one and that's it. I'd like to see you do that with your face.
Ever notice the "Internet Explorer provided by Dell" title bar?
I have a Dell laptop, but there's no such thing on it. Of course the first thing I did with it was fdisk.
I send out a newsletter with about 250 subscribers per zombie.
If we went back to the halcyon having everyone assemble their own circuit boards, write their own BIOS and multitasking OS, there would be little chance of having the programs we do today. How would something like Photoshop run on a computer where each one had a different OS and different function calls?
Duh. This is what Unix history was all about. The answer is simple: standardized API. This is how Linus was able to build a kernel existing code would run on.
You can do what you want under the hood, as long as you keep the interface in tact.
Nice delusion, but totally false-to-fact. Maybe back in the day of the Altar or Apple II you could control the entire machine, but today you didn't write the OS, the BIOS, the device firmware, the drivers, the utilities, or the programs. You have no say in the matter.
Except you do, especially on Gentoo and LFS, where you can even make sure the code you're running is the code they say it is. You're not forced to blindly accept your OS, and that makes it credible. On LFS, you're encouraged to apply your own patches as you see fit.
DIY distros are fun, try it sometime.
A rouge machine in the Czech Republic was making bad AS advertisements that caused systems world wide to fail.
Wasn't the internet designed to withstand WW3? And now a single machine takes it down?
Please enlighten me, how is that possible?
All we have to do to compete in the global economy is imprison the entire country.
DMCA. RIAA. MPAA. HAND.
I don't think so. x86-64 is fully backwards-compatible with x86. Itanium is not.
Wanna guess why they're not that popular?
Stupid users aren't as bad as stupid network administrators.
Stupid users admin their own machines at home. Don't forget that.
Why do you people always think in corporate networks? They're not the main target for botnets.
Of course, they could use the Linux kernel. And they could call it 'Maginot Linux'!
To be fair, the Maginot Line had only one flaw: it only defended against an attack from Germany. Not Belgium. I think they deserve a collective Darwin Award for that.
More secure since your average botnet can't infect the machines?
Yep. until it gains enough popularity to be a target.
The only way against that is compile-time randomizations, so that for the same source code, no two binaries and running code can be hacked with the same method.
IANASE, can that actually be done somehow?
Like what? What could be MORE vulnerable than a Microsoft operating system without a firewall?
As much as it sounds like a troll, you're correct. Most of the malware out there is for Windows.
But that's not the only factor. Stupid users are cross-platform. (Well, not so much on, say, OpenBSD or Haiku, but still.)
Also, just stick to a few trusted web sites, don't browse promiscuously, and you'll be fine. But life will be boring.
And how is that not too self-limiting? I say, get a real OS and noscript.
P.S. Anyone ever heard of uclibc-based malware?
Of course botnets wouldn't exist without malware authors, but neither would they without that many Windows and IE vulnerabilities.
They would. Except they would have a much, much harder time building up a botnet that has any value.
As I recall, the first worm appeared before Windows.
The internet is the cess pool^W^W happy village square where we all meet together. Your own network is not the "internet" and you can run it any way you want; it won't influence the rest of the world.
That's exactly why it's indestructable. And make no mistake, the real security problem is not anonymity, it's Windows. Or rather, all those programmers who don't give a boop about security.
Let's face it: the world is interconnected, and it will stay that way for a long, long time. We need to grow up to the challenge.
It's almost like saying "Yeah, he might have handed the guy a hammer and then watched and laughed, but he didn't beat that woman to death. Let him off!"
Keyword: almost. Except one is a crime, and against basically every moral code ever conceived by man.
Copying, on the other hand is absolutely natural. There was no concept of copyright until printing became semi-widely available, and it was originally meant to protect a select few who could afford a printing machine from each other.
You make "willingly aiding copyright infringement" sound like they're a bunch of pedophiles. Now go ahead and tell me that all the music to listen to came from a store.
This is far from over.
I don't think so. Unless this case is radically different from all the others.
Oh, and
Just some stats... ... here are some reasons why TPB is down sometimes - and how long it usually takes to fix: Tiamo gets *very* drunk and then something crashes: 4 days .. yawn.
Anakata gets a really bad cold and noone is around: 7 days
The US and Swedish gov. forces the police to steal our servers: 3 days
Posted 06-05 2006 by tpb