Slashdot Mirror


User: orclevegam

orclevegam's activity in the archive.

Stories: 0
Comments: 1,432

Comments · 1,432

  1. Re:Clear the DRAM? on Cold Reboot Attacks on Disk Encryption · · Score: 5, Interesting

    Yes, but the point is, if the system is powered down when it's stolen, or the hard drive is removed from the system, the full disk encryption will still protect the data. This is only a valid attack vector in the highly unlikely occasion that you have access to the powered on system, and even then it's somewhat dubious as to whether you'll get the data you need off of it. As I said though, this is very interesting from an academic standpoint for the simple fact that it is something that hasn't really been thought of. That being the case though, I can already think of one way to prevent this. Simply store your decryption keys at memory offset 0000:7C00, which will ensure that the BIOS copies the boot loader over your keys the next time the system boots (on x86 systems at any rate).

  2. Re:Hardly the problem on Cold Reboot Attacks on Disk Encryption · · Score: 2, Interesting

    Hmm... it's kind of assumed that there will at least be a screensaver password enabled that would prevent you from accessing the data directly. On the topic of preventing the new OS from reading the data though, why not store the decryption keys at 0000:7C00? Anyone familiar with how boot loaders work knows that that's the address that the boot loader gets copied into by the BIOS, so if you store your sensitive data there simply booting a new OS would wipe it out.

  3. Re:Hardly the problem on Cold Reboot Attacks on Disk Encryption · · Score: 2, Insightful

    You kind of missed the point. The argument is that even with full disk encryption it's possible to reboot the system to a special OS that reads the encryption keys out of the RAM before it decays allowing the contents of the disk to then be decrypted. Of course, this overlooks the obvious problem that first you need to get your hands on the running system that already has the password entered and the disks decrypted, and then further allows you to reboot it using an alternative boot mechanism. Most often you run whole disk encryption on things like laptops so that in the event it gets stolen the data on it can't be recovered. Let's imagine how you would pull this attack off in this scenario. First, you need to find a laptop that's powered on, and decrypted, so most likely someone is using it. Next, that person needs to somehow leave the laptop sitting someplace (with sensitive information) powered on, and to be gone long enough for you to swipe it. Also, when you do swipe it, you must ensure that it stays powered on until you get it to wherever you have your forensics setup at. Next, you need to have a floppy, cdrom, or USB stick with your specially crafted OS on it and somehow get the system to reboot into that special OS (mind you at this point you probably don't know for sure if the laptop is using full disk encryption, or even what brand). Lastly, you have to be lucky enough to get the specific data you want off the memory before it degrades and you lose it forever. Now, is this possible? Yes. Is it likely? Not even in the slightest. This is an interesting academic exercise, but means exactly jack in real world security.

  4. Re:Clear the DRAM? on Cold Reboot Attacks on Disk Encryption · · Score: 5, Insightful

    As the4thdimension already pointed out, it's a common tenet in systems security that anyone with physical access and sufficient time can disable or otherwise bypass any security system. The fact is, if they're in a position to swipe the RAM out of your computer, they can just as easily take the HD to a secure location to try to brute force it, and/or attach some probes to the RAM and just read the bits straight off it, wouldn't even need to power the system down. Hardware security is just that, hardware, so there will never be an adequate software solution to a hardware security problem. Likewise, software security means nothing if the hardware is vulnerable. It's like building a safe with the most complex and impenetrable locking mechanism ever designed, and then using 1/4" aluminum for the body of the safe, sure no one's going to crack the locking mechanism, but all it takes is 5 minutes with a power drill to bypass it.

    That being said, some sort of physical security mechanism probably wouldn't be out of the question for scenarios that actually called for it. For instance, on systems that contain highly sensitive data such as nuclear launch codes or some such, I could envision a tripwire type system on the computer case that detonates shaped charges on the HD and RAM when the case is cracked. This does open up a possible DOS attack vector, but the alternative seems to justify it.

  5. Re:Why not save $40 billion then? on Gates Explains Microsoft's Need for Yahoo · · Score: 1

    Microsoft has always considered time to market to be much more important than money, or stability and innovation for that matter. A quick refresher of the history of DOS should show that buying products rather than creating them has always been Microsoft's specialization. A lot of people think MS is a software company, but I tend to think of them as primarily a marketing company that does some software on the side.

  6. Re:Jesus Fucking Christ on New Science Standards Approved in Florida · · Score: 2, Funny

    public abstract class StringTheory implements Universe;

  7. Re:Professional Tools on Microsoft to Give Away Developer Tools to Students · · Score: 1

    Dammit Emacs!

  8. Re:Just another sign of the Microsoft apocalypse on Microsoft to Give Away Developer Tools to Students · · Score: 1

    Having been forced to work with SQLServer and IIS, I assure you, they did not get them right.

  9. Re:Professional Tools on Microsoft to Give Away Developer Tools to Students · · Score: 1

    And it's really big. Must be professional grade stuff. Yes, very enterprisey.

  10. Re:Professional Tools on Microsoft to Give Away Developer Tools to Students · · Score: 0, Troll

    It's turning potential programmers into sheeple. I was in an OS class with a fellow programming student and the teacher was doing an intro to Linux (don't ask what I was doing in there, it's complicated), and the student asks "But how can you program in Linux, I can't find Visual Studio". The teacher tried to explain that there are plenty of programming tools available besides Visual Studio, but the other student didn't believe him. I've worked with the kinds of morons this concept of click and drool programming produces and it's everything I can do not to beat these people senseless (well, more than they already are). I know it's not entirely the fault of Visual Studio, that it can be used for "Good" as well as "Evil", but Microsoft should put an IQ test of the form designer or something.

  11. Re:Professional Tools on Microsoft to Give Away Developer Tools to Students · · Score: 2, Informative

    Are exaggerating and expect vim like start times out of a huge IDE Or you could have the best of both worlds and get Eclim.

  12. Re:need to get hydrogen engines??? on New Solar Cell Harvests Hydrogen From Water · · Score: 1

    Of course we also need to get engines that run on hydrogen that are also safe and efficient, but this is a step at any rate.

    If you own a four stroke, spark ignited, internal combustion engine, you have one now. The conversion to run on hydrogen gas instead of liquid gasoline is quite trivial. Yes, but are they safe and efficient, emphasis on that last point.

  13. Re:15% efficiency on New Solar Cell Harvests Hydrogen From Water · · Score: 5, Interesting

    The real interesting point about this though is that it skips the extra electrical load to free the hydrogen from the water. Assuming there are no gotchas with the production of the dyes and such that make up this system, it could be the most ecologically sustainable system yet. The big problem with most of our fuel sources is that they either A) are non-renewable (oil), B) create greenhouse gases (oil, coal, ethanol), C) are non-portable (solar, wind, geothermal, nuclear [for anything but heating]), D) create radioactive (or hazardous in general) waste (nuclear), or E) Have higher energy input than output (hydrogen, and some say ethanol). Assuming this system works using just the dyes, water, and sunlight, that eliminates the high energy need to produce the hydrogen, thereby giving us an ultimately solar based energy system that's also portable. Of course we also need to get engines that run on hydrogen that are also safe and efficient, but this is a step at any rate.

    Now, what concerns me about this system is that usually the dyes used in these things are rather short lived and tend to break down after hardly any time at all. Maybe this should be one of the first real uses of biotech, we should engineer some microbes that produce this dye and live off O2 and water (and various proteins naturally), then we just harvest the excess hydrogen.

  14. Re:Sorry, governments... on Satellite Spotters Make Government Uneasy · · Score: 1

    Even if this did come to pass, that wouldn't stop China. And who says they're worried about China? My money is they're upset that US citizens will know when our spy satellites are overhead. Alternatively they're worried this might tip off some of the less developed parts of the world, but that begs the question of why we would even care to spy on them. Seriously though, you have to know that if your average American with off the shelf equipment can spot one of these things, it's a joke for the Chinese government.

  15. Re:XXX domain names. on 'Porn King' Says Google Should Block Porn Access · · Score: 1

    There is no harm in a .xxx domain, and I'm not opposed to it. I just don't think it will prevent anything, and therefore has nothing to do with this article. I already outlined in other posts on here why voluntary and even involuntary filtering of this kind doesn't work so I'm not going to rehash it here. Feel free to make a .xxx domain, and try to encourage porn companies to use it (probably won't be hard, although they won't give up the .com addresses either), but that's not a solution to "protect" children from porn.

  16. Re:XXX domain names. on 'Porn King' Says Google Should Block Porn Access · · Score: 1

    Actually I think the real difference between us is that I don't consider porn to be harmful to anybody barring perhaps the people involved in making it. I find most information to be the same, people often seem to believe that information is dangerous. It's only incomplete information and inaccurate information that's dangerous. To that end we should encourage more scientific research and help make the world a safer place.

  17. Re:XXX domain names. on 'Porn King' Says Google Should Block Porn Access · · Score: 1

    Kids want to do a lot of things that are potentially harmful to themselves. I think there are plenty more things out there little Timmy could be exposed to that are far more dangerous than porn. That being said, the only way to prevent a child from doing something they really want to do, is to provide them enough information that they no longer want to do it. All poor choices stem from lack of information.

  18. Re:XXX domain names. on 'Porn King' Says Google Should Block Porn Access · · Score: 1

    Whitehouse.com used to be a porn site. How am I supposed to know that WhiteHouse.com contains porn? How many teachers, with a classroom full of kids accidentally typed in whitehouse.com instead of whitehouse.gov? Asking search engines to filter content won't block you from accidentally typing in a URL to a porn site.

    You're right, but that doesn't mean we shouldn't try. Besides, this isn't about censorship, but about organization by categorization. I'd even be happy if it were 100% voluntary. At least then adult sites can show that they are trying to be responsible. I've got no problem with a voluntary system, but I doubt anyone will really go for it, and it wouldn't be effective no matter what. As it is, most of the reputable porn sites require you to agree to enter (and that you're over 18) before actually showing anything explicit. Those that don't do age verification currently won't take part in any voluntary system, and will probably attempt to circumvent any mandatory one.

    Again, you are correct. But I want to have some say as to WHEN my kids are exposed to sex and how it is presented to them. I don't want my 5-yr old daughter learning about sex from a porn site no more than I want my wife learning about relationships from Oprah!

    As parents, IT Admins, librarians, school teachers and other people that are responsible for filtering content, these tools can only help us do our jobs so we can concentrate on other things. If you don't want your 5 year old learning about sex on the internet you only have two choices. Carefully supervise all her time spent online (probably a good idea anyway), or explain sex to her before the internet does. I find your example of Oprah rather interesting though, because obviously your wife is over 18, and Oprah is hardly considered to be controversial material, and yet you object to it. I think this only goes to prove no one will be 100% happy no matter what people do, and it's not society's responsibility to filter itself to make others happy.

  19. Re:XXX domain names. on 'Porn King' Says Google Should Block Porn Access · · Score: 1

    If it's not obvious from the title and the small blurb included in the search results then it's probably not going to be blocked by whatever filter is being used anyway. Of course as someone in a different thread commented, what's the harm anyway?

    On a related note I remember back in middle school a number of sites I found while researching had been hijacked and had popup launching scripts installed that open new windows filled with porn banner ads (which of course also had popup scripts, repeat infinitely). These sort of things wouldn't block malware, and they wouldn't filter hijacked websites. Honestly there's no way to prevent children from being exposed to sexual material at some point before they turn 18, short of locking them away till they turn 18, or possibly raising them in an Amish village (and that's not even guaranteed). People just need to live with the fact that children will in fact learn what sex is at some point, and if they didn't make such a huge fuss over it it wouldn't be any big deal.

  20. Re:XXX domain names. on 'Porn King' Says Google Should Block Porn Access · · Score: 1

    Why does everyone think kids shouldn't see porn anyways? It's a natural, healthy and normal thing to do. Everyone does it. The only problem I see with sex comes from fear and miseducation. Look at the rates of STDs and teen pregnancy in countries where sex education starts early and young people are allowed to see porn and sex. It's our origin as a puritan colony showing through. If our society didn't put such a taboo on sex in general it wouldn't be a big deal, children would know and be exposed to (not take part in mind you) sex as a natural part of their lives and no one would pay it any particular attention.

  21. Re:XXX domain names. on 'Porn King' Says Google Should Block Porn Access · · Score: 1

    No, all we need to do is use common sense and not visit sites we don't want to see. Holy crap, what a unique idea. It's no one's responsibility but your own to prevent yourself from seeing things you don't want to. In the case of children the only way to prevent them from seeing things you don't want them to, is to make them not want to see them in the first place. There is NO OTHER WAY.

  22. Re:Oh the Humanity! on 'Porn King' Says Google Should Block Porn Access · · Score: -1, Offtopic

    No actually, and you're trolling. I expect to see you moderated into oblivion shortly.

  23. Re:XXX domain names. on 'Porn King' Says Google Should Block Porn Access · · Score: 1

    Yeah, and then what do they do when all the "Think of the Children!!!one!!" crowd are protesting because little Timmy can just check the "Yes I'm 18 or older" box before doing his search for "Hot hardcore cheerleaders"? These people are never going to be happy because what they want is a physical impossibility. They want their kids to be completely 100% safe, docile, fit, happy, and innocent, and not have to lift a finger to do anything about it themselves. Oh, and they don't want to have to pay anyone or have increased taxes either. Also, they want everyone else to be just like them.

  24. Re:Oh the Humanity! on 'Porn King' Says Google Should Block Porn Access · · Score: 5, Insightful

    Because Google isn't a porn site?
    Really? Do an image search for some porn. See all those thumbnails? Generated by Google's own software and hosted on Google's own servers. And in doing this research did you happen to notice the "Safe Search" feature that blocks those images unless you agree to view them?

  25. Re:Oh the Humanity! on 'Porn King' Says Google Should Block Porn Access · · Score: 5, Insightful

    Google already has a "Safe Search" feature on Google Images that's enabled by default and blocks (or attempts at any rate) pornographic images. I see no reason to implement something similar in the regular search results, as you won't see anything unless you click through to the site anyway. I'm going to be supremely pissed if I have to start clicking a "Yes I'm 18 or older" link every time I want to do a damn search on Google because of this stupid whining. Google is not a "content provider", they are a content aggregator, the fact that they attempt to categorize and sort the content is incidental and they can't be held responsible for it because they didn't actually create it and therefore cannot guarantee it's been identified properly.