From one of the mails of the guy who made this proposal:
What's the downside to my patch ? I guess we are now holding an authoritative server to the promise not to change the NS record for the duration of the TTL, which is kinda what the TTL is for in the first place:)
I wonder if this is an issue. Otherwise it seems Kaminsky may really have missed the point.
I don't know whether it is that,or they are just sticking the Linux boxes in the corner. They tell the CIO "Linux? Sure it is good for email servers,since email is full of spam and malware nowadays,or for a file server that you want access to on the DMZ without authentication,but do you really want to give up the ease of use that is your AD domain? We would be happy to set up Linux servers to do email and file serving FOR you,and we'll do it all at a lower initial cost and with a lower TCO. What do you say?"
I agree that it is simply good business to offer a full solution like that. And let us not forget that while there are plenty of Windows admins,Linux admins are harder to find and more expensive to boot. Frankly I wouldn't be surprised if in a year or two they don't just take the plunge and buy one of the smaller distros that works well with Windows Server(My money would be on Xandros. They could get it cheap and with the API deal their server product works wonderfully in an AD domain. It also rips off the Win MMC for the interface,so no retraining required.) and offer it as "An integrated end to end solution that minimizes risks thanks to a non homogeneous environment and maximizes both customer satisfaction and server uptime." But as always this is my 02c,YMMV
Why do they need to compete by selling a linux-based windows-clone, when any sale of windows for more than 0$ makes profit?
One thing that really disappoints me about C++ is the direction that it's been heading for the past 5 or 6 years - "template programming". In fact it's about as bad as perl in terms of readability and maintainability, but much worse for debuggability. I can't think of any programming "language" worse than C++ template programming. I stay away from Boost and really hate what it's doing to C++.
I respectfully disagree. The direction C++ is heading, with C++0x, is awesome. With the next standard, error messages from compilation of templated code will become comprehensible, thanks to concepts. This will mean using complex stl classes will be as easy as using java generics. Of course, designing the STL will still be hard, but I for one do not have to do that.
Also C++ will become viable for functional programming (which is possible but horrible nowadays) thanks to lambdas and closures.
I can't believe I just read "comprehensible" error messages and a mention of Java generics in the same paragraph.
Don't get me wrong, I love Java, but Generics were a tacked on hack and if you get into doing anything sufficiently complex with them, i.e. polymorphism and wildcard behaviors your image of them being "easy" and "comprehensible" will be tarnished.
Admittedly, I didn't do any serious Java programming since generics were introduced, so the comparison was mostly pulled out of my a**.
One thing that really disappoints me about C++ is the direction that it's been heading for the past 5 or 6 years - "template programming". In fact it's about as bad as perl in terms of readability and maintainability, but much worse for debuggability. I can't think of any programming "language" worse than C++ template programming. I stay away from Boost and really hate what it's doing to C++.
I respectfully disagree. The direction C++ is heading, with C++0x, is awesome. With the next standard, error messages from compilation of templated code will become comprehensible, thanks to concepts. This will mean using complex stl classes will be as easy as using java generics. Of course, designing the STL will still be hard, but I for one do not have to do that.
Also C++ will become viable for functional programming (which is possible but horrible nowadays) thanks to lambdas and closures.
I love python, but I see my own python projects (developed at astonishing speed) quickly become pretty ugly, as opposed to say, my C++ code which mostly has a reasonably thought out design. That's mostly ok, as most of them are prototypes anyway... but you never know when a prototype will turn into something else!
I think a robust python codebase requires strong committment to quality coding standards, and an automatic checker to enforce at least some of them. I'm not sure if pychecker cuts it. Otherwise it's just too easy to do potentially evil things (like adding members to a class from outside the class, which is convenient but very confusing too, or getting into the whole import mess with too many from import *). Oh and unit tests, unit tests...
You can't disregard software licenses on the one hand and expect the GPL to be upheld on the other. If what you're saying is true then I can simply redistribute my own modified version of Linux without providing source.
Why not? GPL is a distribution license, it does not restricts normal usage, nor does it restricts any kind of distribution that is already legal under the existing copyright laws. Apple's software license in question is an EULA, and it restricts usage and redistribution far above and beyond plain copyright.
Thank you, I was sure there was a difference between the two but in my legal cluelessness I couldn't quite find what it was.
Apple had to struggle to find a single carrier willing to allow the iPhone. Google showed up with six. You don't get six times as many carriers by promising them less control.
Apple had to struggle because they were asking some 200+$ per handset sold from the carrier, into their pockets. Sorry don't remember the exact figure, but it was here on slashdot a few months ago, so it must be true:-)
So a carrier had to estimate the iphone would mostly attract new customers (rather than customers who would use their services anyways) or it would not be profitable (relative to having the same costumer with another phone).
The law should not care about apple's (or anyone else's) buiseness model. It should just care about providing a framework for a competitive market.
In my opinion, any license provision which enforces vertical integration should be unenforcable. I have not read TFA (hey, this is slashdot!), so I'll make a generic example. Let's say apple sells an operating system. It also sells computers with the os preinstalled. Let's say somebody else starts buying the operating system from apple, buying hardware from somewhere else, and selling the hardware with the operating system preinstalled. First sale doctrine should allow this. The assertion that the software is licensed rather than sold shouldn't in my non-lawyer opinion hold in court, since there are no recurring payments.
This is good for competition because it would force apple to have their hardware be competitively priced. Of course, if their hardware has a high cool factor (like the macbook air, or the iphone) and people are willing to pay extra for that, that doesn't mean it has to be cheap.
The problem is that although robot cars could be proven 10 times safer than the average driver, nearly all drivers think they drive much more safely than the average driver.
There's just so much time wasted on the road. Link all the cars and let a computer control them and the moment the light goes green all the cars could accelerate at once rather than the first car moving off, then the second, then the third etc. On top of that throw in smarter traffic lights, better public transport systems(since there would be no need for drivers the money could be spent on more busses/trains) and being able to sleep on your way into work and you have a big winner
The solution to traffic congestion is not to be found in any amount of technology. It's called public transport. It's not a coincidence that the cities which are ranked highest by studies of quality of life: http://www.finfacts.ie/qualityoflife.htm have great public transport systems. Like Vienna, which is ranked 2nd, where most people just don't bother owning a car.
In case you are curious, the first US city ranks 28th (honolulu). If you want to read the newspaper on your way to work, underground/tram/bus is the way to go. Of course in many places it is not an option because there is no decent public transport, but this can be fixed. Quickly, if you tax motorists coming into town and spend the money on improving public transport.
PLEASE NOTE THAT WHAT WAS CONSIDERED HUMOR EARLY IN THE 20TH CENTURY MIGHT TODAY BE DEEMED OFFENSIVE AND POLITICALLY INCORRECT. SOME OF THESE OLD SONGS REFLECT THAT.
I have to add some random text here so slashdot won't complain I have too many caps... There! slashdot cap protection hacked!
Since stuff like P2P and spam takes alot of bandwith without any of the service and content providers making money
Excuse me, but how do the ISPs make money? from users subscription. And why do users care that their internet access have decent bandwidth (beyond the cheap basic service they need to read their mail on google or yahoo?) because of large, multimedia downloads, which are effectively distributed (legally or illegally) over P2P. The ISPs have no natural economic incentive to block whatever the users want to do, unless either:
a) they have a flawed billing model, where they provide extremely high bandwidth at a flat rate and expect users not to use it
OR b) anticompetitive, vertical integration: the ISPs are also content providers, and want to hook you into whatever shit they are selling you
Of course, anti-P2P regulation can provide such incentive (by giving ISPs big fines if they don't block P2P, for instance).
True, yet the odds are enormously larger that the number of objects smaller than 300m is considerably greater than the number that can be detected. This, logically, makes it relatively pointless to search for 'the biggies' when the risk of a cataclysmic sterilizing event secondary to a smaller, less than 300m , object has to be considerably higher.
A 300m object will make a big BOOM, but it won't kill many people unless it lands on Manhattan (which is unlikely). If we do a little game theory and use the number of human lifes lost as cost, we have to multiply the probability of an event by the number of people it will kill.
If the big asteroids (of the kind that made dinosaurs go extinct) happen once every 70 million years on average, and we assume they kill all of us 7 billions people when they hit, then the big asteroids kill 100 people a year on average.
"Blow" is the powdered form of cocaine. Most of the drug addicted hookers smoke crack cocaine, not powdered coke. Although some of the ones I know are heroin junkies, some are alcoholics, and some aren't addicted to anything except money (those are my favorites).
I pay 'em in cash, let 'em buy their own damned dope!
Since this was not posted as AC... this is either not true or surprisingly frank!
So, it will be able to track those objects of such size or greater that would , unavoidably, sterilize our planet... yet be unable to track those ( dia 300m ) whose paths we actually might be able to deflect...
but it is a start and is to be applauded....
Who says we can't deflect a 1km object? The point is, you can't do it Armageddon-style at the last minute. But you can give it a small push in some direction 10 orbits (or 30 years) before it hits us. That's why orbit predictions need to be 50 years ahead.
So what is worth tracking that is 1.1Pb of data? Are there really that many NEO that are to be concerned about? 1.1Pb is a LOT of data to manage, even with a cluster of "50 PC's". Will this data be used for modeling or just for tracking or a combination of both? I'm interested in the technical explanation for needing that large of storage.
My dad is currently in Hawaii, working on the data analysis software for Pan-STARRS, so I have a vague idea of what it is about.
It's not the NEO that use 1.1Pb of data, it's storage of the raw (high resolution) data from the telescope. In fact, I'm not even sure they CAN archive all the images.
The point of having it is finding NEO, computing their orbits, so we can be able to predict our doom (and maybe do something about it before it happens).
Actually I think the system also has civilian space-flight applications (finding space debris) as well as military ones.
IMHO TFA is very much correct this is a problem. The solution is not obvious, because users are used to the lock icon and may not understand the concept that confidentiality and authentication are 2 separate protperties, so how do we design a GUI which does not mislead him.
The people who don't understand this are not IT people who are going to be futzing with self-signed certs, or are IT people who need to clue up and understand the implications of using self-signed certs.
I'm talking about browser users, who have to decide whether to trust their email account or banking account password to a website based on feedback from the browser GUI. Cannot expect them to have a PhD in computer security.
As this blog post explains, while the current software patent situation exists, Mono is an unacceptable risk.
What makes Mono an 'unacceptable risk' but allows Wine to become one of the most often praised open source projects on Slashdot?
Wine can be used to run those few windows apps for which you do not have no linux replacement, under linux. Mono is a development environment which could be used for just about anything... what if gnome, or some important gnome apps, got ported to Mono, and the day after Microsoft comes up with the bill?.. or with usage restrictions of some kind... Please read the link in the parent post, before replying... Here it is again:
The whole point of SSL is to have some assurance that you are connecting to whom you think you're are connecting to.
No. As TFA says, there are 2 points to SSL. 1 is to provide confidentiality (encryption) the other is to authenticate the server to the user. A server with a self-signed certificate provides protection against passing (but not active) snooping. This is worse than what a real, trusted-third-party signed certificate provides, but it is better than no encryption at all!
So why does the firefox GUI make a site with a self-signed certificate appear (to the non-technical user) less secure than a plain HTTP site?
IMHO TFA is very much correct this is a problem. The solution is not obvious, because users are used to the lock icon and may not understand the concept that confidentiality and authentication are 2 separate protperties, so how do we design a GUI which does not mislead him.
No, it's not. It shouldn't prevent me from doing anything on my machine.
Correct. It shouldn't prevent you from doing anything on your machine. But it should take steps to ensure that you actually are doing things.
It should prevent other people from doing it behind my back.
And how is the OS supposed to know the difference? How does it know that you installed grub, and that it wasn't installed behind your back? How does it know that the grub installed hasn't been modified or tampered with? How does it know grub isn't a rootkit?
Taking the control of the computer's private key away from the user is not the only solution to this technical problem. Another one would be to have an option in the bios (which requires physical access and a password) to have the TPM sign a bootloader if I want to. I'm not saying this is the optimal solution, I'm sure there are better ones that could have been designed if the goal were really the user's security.
Vista's digital signatures requirements and checks -does- protect you from that sort of tampering. Its a good thing.
The only flaw, as I said in my post, is that vista doesn't give us a well defined method of trusting code that it doesn't trust by default.
I agree 100%. Except in my opinion this flaw is fundamental enough to make the entire feature harmful rather than useful.
The problem with Vista is that the process of 'signing' a copy of grub and getting Vista to trust it is not an established and well documented procedure, if it is even possible.
However, given that you can develop windows device drivers and test driver signing etc, and you can create 'developer signatures' that will apply to just your machine(s), there apparently **IS** a process for doing it.
So rather than disable Vista's driver signing and so forth, we should be signing GRUB so Vista knows that we trust it.
That would be nice, but Vista does not allow it. From some quick googling, this site came up:
For development and testing purposes only, kernel-mode code signing enforcement can be temporarily disabled. For more information, see Installing an Unsigned Driver During Development and Test (Windows Server 2008 and Windows Vista).
For general information about how to sign a Windows Server 2008 or Windows Vista driver for public release, see Signing Drivers For Public Release (Windows Server 2008 and Windows Vista).
Which means you can disable signing for development purposes. You cannot sign something for your local machine only. So we can either disable the signing feature, or let microsoft decide for us what we trust. The better option is to disable it, which adds exactly 0 to our security... and this option doesn't even seem to be available for bootloaders, which is what this thread is about.
Vista's security chain works as designed and intended, preventing from you to inject an untrusted bootloader into the bootstrap. Isn't that what we -want- from our security systems?
No, it's not. It shouldn't prevent me from doing anything on my machine. It should prevent other people from doing it behind my back. Personally, I trust grub more than I trust microsoft (not a fair comparison, I admit, Windows is a fair bit more complicated, and therefore buggy, than grub)
I'm failing to see why this is a big deal. Software is in place to check for a piece of third party code intercepting your encryption key... It successfully detects GRUB as such software, and stops. So what?
This is a flaw of the trusted computing architecture. If the partition of the trusted OS (Vista) is encrypted, Multiboot does not break trust, because the other OS cannot decrypt the partition. But in trusted computing, if an untrusted bootloader loads a trusted OS the chain of trust is broken.
If trusted computing were designed with the user's interest in mind, the user would be able to decide that the bootloader he is using (grub) is trusted, sign it with a key which enables that bootloader only on his computer, and get on with his life. But now we have to wait for Microsoft to implement and sign a real bootloader... good luck with that.
I am not interested in any virtual 3d world that isn't decentralized, meaning that anyone can set up their own server with their own rules, with the ability to easily and seemlessly travel between servers. Something like a 3d version of the www.
I second that 100%. A 3D-equivalent of the WWW would perhaps have many advantages (as usual, it is hard to imagine how we would really use it), but it needs to be as open as the WWW to be of any real use. So there needs to be an interoperable standard for avatars, and a standard protocol for your "browser" to interact with any 3d server. Why would I, as a company, invest in an online store inside second life, which is an environment over which I have 0 control, where some other company has the power to print money?
Slashdot Mirror
From one of the mails of the guy who made this proposal:
What's the downside to my patch ? I guess we are now holding an :)
authoritative server to the promise not to change the NS record for
the duration of the TTL, which is kinda what the TTL is for in the
first place
I wonder if this is an issue. Otherwise it seems Kaminsky may really have missed the point.
I don't know whether it is that,or they are just sticking the Linux boxes in the corner. They tell the CIO "Linux? Sure it is good for email servers,since email is full of spam and malware nowadays,or for a file server that you want access to on the DMZ without authentication,but do you really want to give up the ease of use that is your AD domain? We would be happy to set up Linux servers to do email and file serving FOR you,and we'll do it all at a lower initial cost and with a lower TCO. What do you say?"
I agree that it is simply good business to offer a full solution like that. And let us not forget that while there are plenty of Windows admins,Linux admins are harder to find and more expensive to boot. Frankly I wouldn't be surprised if in a year or two they don't just take the plunge and buy one of the smaller distros that works well with Windows Server(My money would be on Xandros. They could get it cheap and with the API deal their server product works wonderfully in an AD domain. It also rips off the Win MMC for the interface,so no retraining required.) and offer it as "An integrated end to end solution that minimizes risks thanks to a non homogeneous environment and maximizes both customer satisfaction and server uptime." But as always this is my 02c,YMMV
Why do they need to compete by selling a linux-based windows-clone, when any sale of windows for more than 0$ makes profit?
One thing that really disappoints me about C++ is the direction that it's been heading for the past 5 or 6 years - "template programming". In fact it's about as bad as perl in terms of readability and maintainability, but much worse for debuggability. I can't think of any programming "language" worse than C++ template programming. I stay away from Boost and really hate what it's doing to C++.
I respectfully disagree. The direction C++ is heading, with C++0x, is awesome. With the next standard, error messages from compilation of templated code will become comprehensible, thanks to concepts. This will mean using complex stl classes will be as easy as using java generics. Of course, designing the STL will still be hard, but I for one do not have to do that.
Also C++ will become viable for functional programming (which is possible but horrible nowadays) thanks to lambdas and closures.
I can't believe I just read "comprehensible" error messages and a mention of Java generics in the same paragraph.
Don't get me wrong, I love Java, but Generics were a tacked on hack and if you get into doing anything sufficiently complex with them, i.e. polymorphism and wildcard behaviors your image of them being "easy" and "comprehensible" will be tarnished.
Admittedly, I didn't do any serious Java programming since generics were introduced, so the comparison was mostly pulled out of my a**.
One thing that really disappoints me about C++ is the direction that it's been heading for the past 5 or 6 years - "template programming". In fact it's about as bad as perl in terms of readability and maintainability, but much worse for debuggability. I can't think of any programming "language" worse than C++ template programming. I stay away from Boost and really hate what it's doing to C++.
I respectfully disagree. The direction C++ is heading, with C++0x, is awesome. With the next standard, error messages from compilation of templated code will become comprehensible, thanks to concepts. This will mean using complex stl classes will be as easy as using java generics. Of course, designing the STL will still be hard, but I for one do not have to do that.
Also C++ will become viable for functional programming (which is possible but horrible nowadays) thanks to lambdas and closures.
I love python, but I see my own python projects (developed at astonishing speed) quickly become pretty ugly, as opposed to say, my C++ code which mostly has a reasonably thought out design. That's mostly ok, as most of them are prototypes anyway... but you never know when a prototype will turn into something else!
I think a robust python codebase requires strong committment to quality coding standards, and an automatic checker to enforce at least some of them. I'm not sure if pychecker cuts it. Otherwise it's just too easy to do potentially evil things (like adding members to a class from outside the class, which is convenient but very confusing too, or getting into the whole import mess with too many from import *). Oh and unit tests, unit tests...
Why not? GPL is a distribution license, it does not restricts normal usage, nor does it restricts any kind of distribution that is already legal under the existing copyright laws. Apple's software license in question is an EULA, and it restricts usage and redistribution far above and beyond plain copyright.
Thank you, I was sure there was a difference between the two but in my legal cluelessness I couldn't quite find what it was.
Apple had to struggle to find a single carrier willing to allow the iPhone. Google showed up with six. You don't get six times as many carriers by promising them less control.
Apple had to struggle because they were asking some 200+$ per handset sold from the carrier, into their pockets. Sorry don't remember the exact figure, but it was here on slashdot a few months ago, so it must be true :-)
So a carrier had to estimate the iphone would mostly attract new customers (rather than customers who would use their services anyways) or it would not be profitable (relative to having the same costumer with another phone).
Not giving one company too much information about me is the reason i don't use gmail (since I am constantly using google for searches).
The law should not care about apple's (or anyone else's) buiseness model. It should just care about providing a framework for a competitive market.
In my opinion, any license provision which enforces vertical integration should be unenforcable. I have not read TFA (hey, this is slashdot!), so I'll make a generic example. Let's say apple sells an operating system. It also sells computers with the os preinstalled. Let's say somebody else starts buying the operating system from apple, buying hardware from somewhere else, and selling the hardware with the operating system preinstalled. First sale doctrine should allow this. The assertion that the software is licensed rather than sold shouldn't in my non-lawyer opinion hold in court, since there are no recurring payments.
This is good for competition because it would force apple to have their hardware be competitively priced. Of course, if their hardware has a high cool factor (like the macbook air, or the iphone) and people are willing to pay extra for that, that doesn't mean it has to be cheap.
ones which are 10 times safer
The problem is that although robot cars could be proven 10 times safer than the average driver, nearly all drivers think they drive much more safely than the average driver.
I certainly do.
There's just so much time wasted on the road.
Link all the cars and let a computer control them and the moment the light goes green all the cars could accelerate at once rather than the first car moving off, then the second, then the third etc. On top of that throw in smarter traffic lights, better public transport systems(since there would be no need for drivers the money could be spent on more busses/trains) and being able to sleep on your way into work and you have a big winner
The solution to traffic congestion is not to be found in any amount of technology. It's called public transport. It's not a coincidence that the cities which are ranked highest by studies of quality of life:
http://www.finfacts.ie/qualityoflife.htm
have great public transport systems. Like Vienna, which is ranked 2nd, where most people just don't bother owning a car.
In case you are curious, the first US city ranks 28th (honolulu). If you want to read the newspaper on your way to work, underground/tram/bus is the way to go. Of course in many places it is not an option because there is no decent public transport, but this can be fixed. Quickly, if you tax motorists coming into town and spend the money on improving public transport.
From the website:
PLEASE NOTE THAT WHAT WAS CONSIDERED HUMOR EARLY IN THE 20TH CENTURY MIGHT TODAY BE DEEMED OFFENSIVE AND POLITICALLY INCORRECT. SOME OF THESE OLD SONGS REFLECT THAT.
I have to add some random text here so slashdot won't complain I have too many caps... There! slashdot cap protection hacked!
Since stuff like P2P and spam takes alot of bandwith without any of the service and content providers making money
Excuse me, but how do the ISPs make money? from users subscription. And why do users care that their internet access have decent bandwidth (beyond the cheap basic service they need to read their mail on google or yahoo?) because of large, multimedia downloads, which are effectively distributed (legally or illegally) over P2P.
The ISPs have no natural economic incentive to block whatever the users want to do, unless either:
a) they have a flawed billing model, where they provide extremely high bandwidth at a flat rate and expect users not to use it
OR b) anticompetitive, vertical integration: the ISPs are also content providers, and want to hook you into whatever shit they are selling you
Of course, anti-P2P regulation can provide such incentive (by giving ISPs big fines if they don't block P2P, for instance).
True, yet the odds are enormously larger that the number of objects smaller than 300m is considerably greater than the number that can be detected. This, logically, makes it relatively pointless to search for 'the biggies' when the risk of a cataclysmic sterilizing event secondary to a smaller, less than 300m , object has to be considerably higher.
A 300m object will make a big BOOM, but it won't kill many people unless it lands on Manhattan (which is unlikely). If we do a little game theory and use the number of human lifes lost as cost, we have to multiply the probability of an event by the number of people it will kill.
If the big asteroids (of the kind that made dinosaurs go extinct) happen once every 70 million years on average, and we assume they kill all of us 7 billions people when they hit, then the big asteroids kill 100 people a year on average.
"Blow" is the powdered form of cocaine. Most of the drug addicted hookers smoke crack cocaine, not powdered coke. Although some of the ones I know are heroin junkies, some are alcoholics, and some aren't addicted to anything except money (those are my favorites).
I pay 'em in cash, let 'em buy their own damned dope!
Since this was not posted as AC... this is either not true or surprisingly frank!
So, it will be able to track those objects of such size or greater that would , unavoidably, sterilize our planet ... yet be unable to track those ( dia 300m ) whose paths we actually might be able to deflect ...
but it is a start and is to be applauded....
Who says we can't deflect a 1km object? The point is, you can't do it Armageddon-style at the last minute. But you can give it a small push in some direction 10 orbits (or 30 years) before it hits us. That's why orbit predictions need to be 50 years ahead.
So what is worth tracking that is 1.1Pb of data? Are there really that many NEO that are to be concerned about? 1.1Pb is a LOT of data to manage, even with a cluster of "50 PC's". Will this data be used for modeling or just for tracking or a combination of both? I'm interested in the technical explanation for needing that large of storage.
My dad is currently in Hawaii, working on the data analysis software for Pan-STARRS, so I have a vague idea of what it is about.
It's not the NEO that use 1.1Pb of data, it's storage of the raw (high resolution) data from the telescope. In fact, I'm not even sure they CAN archive all the images.
The point of having it is finding NEO, computing their orbits, so we can be able to predict our doom (and maybe do something about it before it happens).
Actually I think the system also has civilian space-flight applications (finding space debris)
as well as military ones.
The people who don't understand this are not IT people who are going to be futzing with self-signed certs, or are IT people who need to clue up and understand the implications of using self-signed certs.
I'm talking about browser users, who have to decide whether to trust their email account or banking account password to a website based on feedback from the browser GUI. Cannot expect them to have a PhD in computer security.
http://www.gnome.org/~seth/blog/mono
As this blog post explains, while the current software patent situation exists, Mono is an unacceptable risk.
What makes Mono an 'unacceptable risk' but allows Wine to become one of the most often praised open source projects on Slashdot?
Wine can be used to run those few windows apps for which you do not have no linux replacement, under linux. Mono is a development environment which could be used for just about anything... what if gnome, or some important gnome apps, got ported to Mono, and the day after Microsoft comes up with the bill?.. or with usage restrictions of some kind... Please read the link in the parent post, before replying... Here it is again:
http://www.gnome.org/~seth/blog/mono
The whole point of SSL is to have some assurance that you are connecting to whom you think you're are connecting to.
No. As TFA says, there are 2 points to SSL. 1 is to provide confidentiality (encryption) the other is to authenticate the server to the user. A server with a self-signed certificate provides protection against passing (but not active) snooping. This is worse than what a real, trusted-third-party signed certificate provides, but it is better than no encryption at all!
So why does the firefox GUI make a site with a self-signed certificate appear (to the non-technical user) less secure than a plain HTTP site?
IMHO TFA is very much correct this is a problem. The solution is not obvious, because users are used to the lock icon and may not understand the concept that confidentiality and authentication are 2 separate protperties, so how do we design a GUI which does not mislead him.
No, it's not. It shouldn't prevent me from doing anything on my machine.
Correct. It shouldn't prevent you from doing anything on your machine. But it should take steps to ensure that you actually are doing things.
It should prevent other people from doing it behind my back.
And how is the OS supposed to know the difference? How does it know that you installed grub, and that it wasn't installed behind your back? How does it know that the grub installed hasn't been modified or tampered with? How does it know grub isn't a rootkit?
Taking the control of the computer's private key away from the user is not the only solution to this technical problem. Another one would be to have an option in the bios (which requires physical access and a password) to have the TPM sign a bootloader if I want to. I'm not saying this is the optimal solution, I'm sure there are better ones that could have been designed if the goal were really the user's security.
Vista's digital signatures requirements and checks -does- protect you from that sort of tampering. Its a good thing.
The only flaw, as I said in my post, is that vista doesn't give us a well defined method of trusting code that it doesn't trust by default.
I agree 100%. Except in my opinion this flaw is fundamental enough to make the entire feature harmful rather than useful.
The problem with Vista is that the process of 'signing' a copy of grub and getting Vista to trust it is not an established and well documented procedure, if it is even possible.
However, given that you can develop windows device drivers and test driver signing etc, and you can create 'developer signatures' that will apply to just your machine(s), there apparently **IS** a process for doing it.
So rather than disable Vista's driver signing and so forth, we should be signing GRUB so Vista knows that we trust it.
That would be nice, but Vista does not allow it. From some quick googling, this site came up:
http://msdn.microsoft.com/en-us/library/aa906239.aspx
Where it says:
For development and testing purposes only, kernel-mode code signing enforcement can be temporarily disabled. For more information, see Installing an Unsigned Driver During Development and Test (Windows Server 2008 and Windows Vista).
For general information about how to sign a Windows Server 2008 or Windows Vista driver for public release, see Signing Drivers For Public Release (Windows Server 2008 and Windows Vista).
Which means you can disable signing for development purposes. You cannot sign something for your local machine only. So we can either disable the signing feature, or let microsoft decide for us what we trust. The better option is to disable it, which adds exactly 0 to our security... and this option doesn't even seem to be available for bootloaders, which is what this thread is about.
Vista's security chain works as designed and intended, preventing from you to inject an untrusted bootloader into the bootstrap. Isn't that what we -want- from our security systems?
No, it's not. It shouldn't prevent me from doing anything on my machine. It should prevent other people from doing it behind my back. Personally, I trust grub more than I trust microsoft (not a fair comparison, I admit, Windows is a fair bit more complicated, and therefore buggy, than grub)
I'm failing to see why this is a big deal. Software is in place to check for a piece of third party code intercepting your encryption key... It successfully detects GRUB as such software, and stops. So what?
This is a flaw of the trusted computing architecture. If the partition of the trusted OS (Vista) is encrypted, Multiboot does not break trust, because the other OS cannot decrypt the partition. But in trusted computing, if an untrusted bootloader loads a trusted OS the chain of trust is broken.
If trusted computing were designed with the user's interest in mind, the user would be able to decide that the bootloader he is using (grub) is trusted, sign it with a key which enables that bootloader only on his computer, and get on with his life. But now we have to wait for Microsoft to implement and sign a real bootloader... good luck with that.
I am not interested in any virtual 3d world that isn't decentralized, meaning that anyone can set up their own server with their own rules, with the ability to easily and seemlessly travel between servers. Something like a 3d version of the www.
I second that 100%. A 3D-equivalent of the WWW would perhaps have many advantages (as usual, it is hard to imagine how we would really use it), but it needs to be as open as the WWW to be of any real use. So there needs to be an interoperable standard for avatars, and a standard protocol for your "browser" to interact with any 3d server. Why would I, as a company, invest in an online store inside second life, which is an environment over which I have 0 control, where some other company has the power to print money?
We are having a civilized conversation here... but this is slashdot! Please someone start a flame war!