Goodness, my question was a technological one of whether there is a lack of physical data available in blood, and whether or not we have the technology available to analyse it if it's there.
Asked another way, would it HELP or HURT you as a doctor if you could know the contents of a patient's blood down to molecular counts compared to population baselines.
Your rant makes it sounds like you would rather no improvements ever be made in blood testing technology. Why exactly I'm still not sure, but it sounds like it'd mean having to talk to and explain things to more patients than currently.
I would rather have doctors analyzing patients themselves, along with the readouts from impartial machines. What's the annual number of deaths in the US from misdiagnosis and mistreatment? 70,000? 100,000? Will having more accurate testing methods increase or decrease that number?
Just look at the infrared example - from blobs to definition in only 8 frames. Resolution enhancement is a very busy field, the examples there are not the best possible but citeseer seems to have died on me.
I've always wondered what was complicating just getting a blood test, analyzing it and telling you every imaginable thing about your physical condition. Viruses, markers indicating bone damage, infection, stressed liver/kidneys, metastacizing cancers, there should be chemical indications of all these things in a few mls of blood, shouldn't there?
Is the complication that these markers don't exist in blood, or that we don't have the technology to pour some blood into a machine, thin it out onto a scanning surface, and have a computer automatically analyze every single piece of matter in the sample and tablulate the results (stupid question, I know)? Heck, proteins and the body's checmical signals might not even be visually identifiable.
It just seems like visually analyzing blood like that would be a medical-computing holy grail.
But then again, we can't even get optical character recognition working, let alone optical 10^9-different-chemicals recognition.
Well there are two things you can do here with motion estimation - interpolating temporally or aligning spatio-temporally. It sounds like you're referencing motion compensated temporal interpolation, creating new frames in-between others.
In order to increase spatial resolution you need multiple samples of the same target - photography often makes this impossible, which is where motion estimation and compensation come in. You move pixels around from multiple sequential shots so they're in the right place to allow the spatial upsampling (spatially align motion-related differences of multiple frames).
I thought we were pushing the theoretical limit for that - there are only so many photons impacting the sensor surface, and it's not possible to catch many more with much more accuracy than we already are. Sure we can make each sensor smaller, but that doesn't create more light. Short of making the sensors themselves larger and larger (say 5" x 4"), all I can see for improving quality is (drum roll...)
Yes the technology is real, but even worse for camera designers they'll have to include motion compensation as well - tracking the motion of every object between shots and interpolating between them to decide where they should be. This technology already exists for televisions that deinterlace signals into progressive streams (or do it properly, anyway) - there are systems that, should a clock's pendulum swing left and right in subsequent half-height frames, will output a single higher-resolution frame with the pendulum in the middle. After all, that's where it decided its motion would take it.
So the future of digital cameras won't be hardware, but software wizardry. There's still plenty of room to improve too - if you've ever seen before/after pictures from satellites that NASA has worked their wizardry on, you'll see the kind of improvement we can still get from our cameras.
Good call. I'm not sure why C++ is being mandated for something that has stability as a top priority. Though there are some language-independent things that should be taken into account:
Executive summary of this post: Keep it simple. As simple as it can be while getting the job done. The more buzzwords you think about implementing, the more you need to reconsider whether you really need that whiz-bang feature.
You need to abstract your design into really independent layers, such that the backend processing can be done across linux, windows and even beos slaves simultaneously, and the frontend is viewable via a web interface, fed into excel or whatever. You can't look at this as one big project, but many independent (and more easily verifiable!!) applications cooperating with each other.
My impression from the description is that you want a system like folding@home for corporate customers - they have a whole heap of data they want analyzed (parallel workload across many clients) and a small subset of results they're interested in. Don't make things any more complicated than they have to be - the data sets could simply be files that are partitioned by a master, sent out when requested to client workhorse computers, getting there by http, nfs or whatever, processed, and the results returned into an incoming directory for a simple frontend to tabulate.
The biggest mistake you could make is having one gargantuan application in charge of everything. The race conditions will drive you mad, be they in data access, allocation, retrieval, dispatch or anything else you're trying to manage that the OS could do for you.
Just look at Froogle. Their millions upon millions of store/price listings are fed by people ftp'ing a feed of tab-separated text values.
I can't help but feel disappointed that for every new discovery surrounding Tut, his accomplishments and wealth were insignificant compared to the majority of Egyptian rulers. We'll barely know a fraction of what we could if their tombs were similarly intact.
Just think of all the history that is gone forever - the Alexandrian library containing most of the world's knowledge up to that point, the slaughter of the Druids, who thanks to not having a system of writing took their people's knowledge rites and history with them to the grave, the Indus civilization which 5,300 years ago developed cities that were more sophisticated than many that Pakistan's and India's people currently live in, where the hell the Basque people came from and why their culture is so distinct from the rest of Europe, the origins of the Sphynx, and heck a lot more. All gone forever.
Although it doesn't have specific goals in mind, there is at least one infectious agent that alters a person's mind - rabies. The symptom that most surprises me is the fear of water that rabies infectees have - even the sight of it can invoke spasms.
I wonder what other viruses/bateria there are that can alter behaviour.
Oh I don't know, I think it's more likely they're planning on becoming a new Tier-1 provider. Why sign up with some dinosaur like UU or MCI when you could go with Google, with their brand-new equipment, great reputation and probably amazing automated network filtering, all for probably less? Heck they'd probably throw in some special search bonus, or start doing distributed hosting and completely annihilate Akamai.
Imagine a free service where you upload your site to Google's network (assume some Google site API - markup and database handlers creating a "Ruby on Google" or some such) and they take care of it thereafter? No more worrying about capacity or bandwidth ever again, just for Google being able to put ads on the page. There could be templates for common site types like merchants, so any merchant's site added would automatically have every item indexed by Froogle, since adding an item for sale has mandated metadata along with it. Think Yahoo Stores, only useful.
Being a true backbone of the real internet would let them continue being an information hub of the information that counts (instead of some splinter internet that no one will be on), and give them a lot of sway in rolling out new protocols - those inside Google's network get the benefits of multicasting, etc., but those outside who only peer with Google will get the feeds put out by the border routers downgrading stuff for those backbones who aren't latest-and-greatest yet.
I was sure there was a semi-recent interview by Slashdot with someone that worked at the USPTO, but I can't seem to find it.
But really, can anyone fathom what actually goes on inside the USPTO? One assumes there must be people there who are fighting the incompetence and denying patents, only to be disciplined or fired, but I can't think of any examples of that. I just don't see how the USPTO could a) keep qualified people out or b) keep the qualified people inside from denying patents without using some kind of retribution.
If I worked there, you can be damn sure that I'd deny 90% of the tech-related patents that came across my desk, fully justifying each decision, and wholly expecting to be disciplined or fired for not being a rubber-stamp. Then I'd sure as hell make a big stink about it. Why isn't this happening?
This chip would be a dream for me - uses 20 watts, dual-core, high-performance, very overclockable - this is what I would die to build a silent-running desktop PC around. The problem with AMD's dual-cores is that they start at 60+ watts - hardly anything compared to Intel, but when you're trying to build a system with 1, maybe 2 fans total it's not easy to exhaust that heat.
Unfortunately it looks like the Banias/Dothan fiasco again, where desktop boards either don't exist, cost $350, or are so crippled they're not worth buying. Hopefully that'll change, or Conroe (the desktop edition of these Yonah chips) won't add too much by way of heat.
You can hack it in by making a user for every program, but I don't think that should be necessary. Besides, who'd want to do that? And also, there's still a lot of privileges that existing security models don't support - i.e. what if I don't want program P to be able to access the network apart from port 80? Then I need an additional tool to the existing OS security subsystem, whereas there's no reason that the networking stack shouldn't be considered an object with an ACL, like a registry key or a directory.
I believe the OS should automatically treat every process as a privilege-less user (that is, can access and do nothing). a standard for delimiting access rights should be stored as a manifest for the program for easy setup from trusted distributors, such that you'd get say iexplore.exe, right-click iexplore.acl, "Assign Rights", and you'd have a browser configured that can only do those actions set out in iexplore.acl. Such as, read only access to itself and its own directory, write access to an incoming files directory, read/write to its own registry key and the temp folder, outgoing network access to tcp port 80, and that's it. It shouldn't be allowed to spawn child processes, read system information like hostname, username, usergroup, OS version, and it can't because all those permissions were absent from iexplore.acl (but can of course be assigned).
I just can't stand the idea of a process having all the abilities of its running user with no way to limit them. The only workaround is creating more users and groups, numbering in the hundreds for any usable installation.
To be fair, what they're being asked to accomplish isn't exactly computationally cheap.
Think about it - you have to intercept any possibly-dangerous API call that any program makes (i.e. any file or registry access, and a whole host of basic win32 calls), sanity-check the arguments of all those API calls, analyze programs at runtime for polymorphic virus behaviour, and all on top of the OS's own checking it does anyway. Hooking isn't free, and double-checking everything the kernel and shell are being requested to do is going to kick performance in the pants.
That's why I'd rather the OS had the ability to perform these checks as part of its own security subsystem. The most important thing that most 3rd party tools do is set up jails around processes - say Internet Explorer can't write to %SYSTEMDIR% or execute child processes. I've always thought that belonged in any sane security system - I don't want my web browser having read OR write access to my Excel files, even though the user executing it DOES have that access. Short of creating new restricted users for every program and runas'ing them all, I think it's the OS's job to facilitate easy control of what processes can do, regardless of who's running them.
Even when notepad.exe's being ran by Administrator, it shouldn't have the right to listen on TCP ports. Programs should have their rights limited, just as users do.
Indeed - from the sounds of things, all the API hooks and extra levels they've had to add for such security systems sound like a proto-operating system in itself.
I think there's a real need for extending the Windows ACL system even further than it already is to encompass programs as well as users - that way the built-in security subsystem could be utilized instead of ever-more hacks. I want to be able to bring up a property sheet and say:
- process x can't write to directory tree y, even if the running user z has write access there (so only, say, MS Word can write to/My Documents/Word Stuff/) - process x can't be controlled via automated means (so that if only Explorer.exe has the ability to delete your files, it can't be scripted to do so by a shell script, SendInput() API calls, etc.) - default setting of processes being unable to access the networking subsystem, or processes having access to TCP ports on a per-port basis (ACL subsystem becomes a firewall) - only process x can alter ACL information - etc.
The issue I have with assigning rights on a per-user granularity is that once you're running under a user's credentials, you can do *anything* they can surreptitiously. Running as an unprivileged user, an exploit in Firefox will still let it hose your profile, start up trojans under the user's login and anything else. If the Firefox process itself is prevented from spawning read/write/delete/execute actions anywhere but a set of temporary and incoming directories, it's almost bullet-proof.
Are there any operating systems out there with per-user AND per-process ACLs? If not why not? Are there glaring issues I'm missing? I don't want to have to make a "firefoxuser" login that has everything disabled apart from read-only access to Firefox.exe and write-only to a temp directory somewhere, then do something similar for EVERY other program, I want to be able to constrain a program itself regardless of the user running it.
I'm actually not sure what I'd do if I was feeding pigeons in the park, and one flapped down next to me with a Borg-like attachment on its back and a camera pointed at me.
I think that the future of software security measures is network-connectivity. Think battle.net, windowsupdate, product activation.. deliberately leaving functionality out of a product and fulfilling it remotely with authorization. People can pirate the software, but they won't get the full (or perhaps any) functionality unless they have a valid key to communicate with the maker. I could imagine a version of MS Word that doesn't have any file export functionality - attempts to save make the program send raw data to Microsoft, who then sends a DOC file back.
Sure it'll be a pain, but most people won't care. I've never had a conversation with a Joe Sixpack friend that mentioned any kind of discontent regarding software security measures - they just assume it's the way it has to be.
Just as I exposed earlier, it seems obvious to me that people interested in cryonics and/or gene therapy to stymie God's garbage-collection algorithm (cancer) and reach immortality, are without a doubt either liberal abortion supporters, or liberal abortion doctors themselves. Whoever this Christoph Plass person is, not doubt his doctorate is in abortionology.
This zeal for controlling the forces of life is what drives liberal doctors to abort any gestating beings they can get their hands on, and no doubt their jobs will be easier now that they can extend their lives to an unheard-of 70 years or more.
I'll keep fighting from the trenches, but there's a finite limit on how much I can pray for GLAD members. Some day I'll start a distributed prayer network, I guess with some kind of prayer encapsulation format, QoS guaranteed! Until then, I can use your help.
By "They" I assume you mean GLAD, because I don't know of anyone but the cabal of geriatric liberal abortion doctors who would experiment on a fetus, though it's not their usual game. But then I suppose they can't spend all their time aborting things, experimentation is another depravity of the liberal mind.
I assume that "Georie" is some liberal codename for the anti-abortion freedom fighters over at the NRLC, but I can assure you they have no lack of brain tissue!
I can only pray that more and more people, preferably photogenic children, develop debilitating heart problems immediately. More doctors will then enter the cardiology field instead of being seduced by the cabal of geriatric liberal abortion doctors (GLAD). If just one extra life is born, those thousands of bed-ridden heart patients will be heroes in my book, and I'll know my prayers will have been answered.
I prefer extrasane, or perhaps sane 2.0 hi-speed. I have what non-liberal doctors will no doubt recognise some day as a heightened state of awareness, a state that all people would naturally be in had their minds not been poisoned by liberalism since birth, if they were even permitted being born at all!
I'll put "Anonymous Coward" on my prayer cron job list, so that my xeon will plead with God for your soul overnight. My personal prayer time is all booked up unfortunately.
Testify! It's good to see others that have wised up to wine's pro-abortion nature.
Yes, wine was invented by Jesus Christ some 1,980 years ago in the Middle East, to sate a crowd of his followers. Several of Satan's most liberal servants realised that people would associated wine with miracles (no doubt they'd be in marketing today!), and went about tainting man's attempts at recreating the divine drink. Now it's just a pungent chemical broth that does little but weaken women's resistance to the sweet song of the liberal abortion doctor, no doubt Satan's most dangerous still-living servant.
It's no surprise to me that to this day, wine connoisseurs are exclusively liberal to the point that wine tastings are kicked off with a ceremonial abortion. No doubt a perversion of a ribbon-cutting, but who can fathom the mind of an abortionist?
When I'm downloading gigabytes of presidential address footage, the last thing I want to do is encourage abortion!
Out of all the BitTorrent implementations, uTorrent is the only one using UPX to compress its executable. Data compression, particularly the unholy NRV (No Redeeming Virtues) algorithm that UPX uses, is focused on throwing away that which it finds redundant, replaceable and poorly formed. Sound familiar? These compression authors even compete as to who can throw the most away. I've heard abortion doctors keep such perverse scorecards as well.
Would I be surprised if Ludvig Strigeus, Markus F.X.J. Oberhumer and László Molnár were not only all liberals, but liberal abortion doctors no less?
I know the first thing that occurs to most people upon hearing about cryogenics is that these people are cheating death, the beautiful natural order of the world! It's this same desire to control life that drives liberal doctors to abort any gestating being they can get their hands on. Would I be surprised if this Pizer character was leading some cabal of geriatric abortion doctors, hell-bent on living forever while preventing any new human life from appearing?
Slashdot Mirror
Goodness, my question was a technological one of whether there is a lack of physical data available in blood, and whether or not we have the technology available to analyse it if it's there.
Asked another way, would it HELP or HURT you as a doctor if you could know the contents of a patient's blood down to molecular counts compared to population baselines.
Your rant makes it sounds like you would rather no improvements ever be made in blood testing technology. Why exactly I'm still not sure, but it sounds like it'd mean having to talk to and explain things to more patients than currently.
I would rather have doctors analyzing patients themselves, along with the readouts from impartial machines. What's the annual number of deaths in the US from misdiagnosis and mistreatment? 70,000? 100,000? Will having more accurate testing methods increase or decrease that number?
Yep that's what you can do - zoom in (spatial interpolation) via multiple samples of the same point.
h tm
http://www.cse.ucsc.edu/~milanfar/SR/sr-examples.
Just look at the infrared example - from blobs to definition in only 8 frames. Resolution enhancement is a very busy field, the examples there are not the best possible but citeseer seems to have died on me.
I've always wondered what was complicating just getting a blood test, analyzing it and telling you every imaginable thing about your physical condition. Viruses, markers indicating bone damage, infection, stressed liver/kidneys, metastacizing cancers, there should be chemical indications of all these things in a few mls of blood, shouldn't there?
Is the complication that these markers don't exist in blood, or that we don't have the technology to pour some blood into a machine, thin it out onto a scanning surface, and have a computer automatically analyze every single piece of matter in the sample and tablulate the results (stupid question, I know)? Heck, proteins and the body's checmical signals might not even be visually identifiable.
It just seems like visually analyzing blood like that would be a medical-computing holy grail.
But then again, we can't even get optical character recognition working, let alone optical 10^9-different-chemicals recognition.
Well there are two things you can do here with motion estimation - interpolating temporally or aligning spatio-temporally. It sounds like you're referencing motion compensated temporal interpolation, creating new frames in-between others.
In order to increase spatial resolution you need multiple samples of the same target - photography often makes this impossible, which is where motion estimation and compensation come in. You move pixels around from multiple sequential shots so they're in the right place to allow the spatial upsampling (spatially align motion-related differences of multiple frames).
Interpolation through motion compensation! Yes that brain-ruining technology that takes multiple low-resolution shots of a scene and merges them into a single high-resolution shot!
Yes the technology is real, but even worse for camera designers they'll have to include motion compensation as well - tracking the motion of every object between shots and interpolating between them to decide where they should be. This technology already exists for televisions that deinterlace signals into progressive streams (or do it properly, anyway) - there are systems that, should a clock's pendulum swing left and right in subsequent half-height frames, will output a single higher-resolution frame with the pendulum in the middle. After all, that's where it decided its motion would take it.
So the future of digital cameras won't be hardware, but software wizardry. There's still plenty of room to improve too - if you've ever seen before/after pictures from satellites that NASA has worked their wizardry on, you'll see the kind of improvement we can still get from our cameras.
Executive summary of this post: Keep it simple. As simple as it can be while getting the job done. The more buzzwords you think about implementing, the more you need to reconsider whether you really need that whiz-bang feature.
You need to abstract your design into really independent layers, such that the backend processing can be done across linux, windows and even beos slaves simultaneously, and the frontend is viewable via a web interface, fed into excel or whatever. You can't look at this as one big project, but many independent (and more easily verifiable!!) applications cooperating with each other.
My impression from the description is that you want a system like folding@home for corporate customers - they have a whole heap of data they want analyzed (parallel workload across many clients) and a small subset of results they're interested in. Don't make things any more complicated than they have to be - the data sets could simply be files that are partitioned by a master, sent out when requested to client workhorse computers, getting there by http, nfs or whatever, processed, and the results returned into an incoming directory for a simple frontend to tabulate.
The biggest mistake you could make is having one gargantuan application in charge of everything. The race conditions will drive you mad, be they in data access, allocation, retrieval, dispatch or anything else you're trying to manage that the OS could do for you.
Just look at Froogle. Their millions upon millions of store/price listings are fed by people ftp'ing a feed of tab-separated text values.
I can't help but feel disappointed that for every new discovery surrounding Tut, his accomplishments and wealth were insignificant compared to the majority of Egyptian rulers. We'll barely know a fraction of what we could if their tombs were similarly intact.
Just think of all the history that is gone forever - the Alexandrian library containing most of the world's knowledge up to that point, the slaughter of the Druids, who thanks to not having a system of writing took their people's knowledge rites and history with them to the grave, the Indus civilization which 5,300 years ago developed cities that were more sophisticated than many that Pakistan's and India's people currently live in, where the hell the Basque people came from and why their culture is so distinct from the rest of Europe, the origins of the Sphynx, and heck a lot more. All gone forever.
Although it doesn't have specific goals in mind, there is at least one infectious agent that alters a person's mind - rabies. The symptom that most surprises me is the fear of water that rabies infectees have - even the sight of it can invoke spasms.
I wonder what other viruses/bateria there are that can alter behaviour.
Oh I don't know, I think it's more likely they're planning on becoming a new Tier-1 provider. Why sign up with some dinosaur like UU or MCI when you could go with Google, with their brand-new equipment, great reputation and probably amazing automated network filtering, all for probably less? Heck they'd probably throw in some special search bonus, or start doing distributed hosting and completely annihilate Akamai.
Imagine a free service where you upload your site to Google's network (assume some Google site API - markup and database handlers creating a "Ruby on Google" or some such) and they take care of it thereafter? No more worrying about capacity or bandwidth ever again, just for Google being able to put ads on the page. There could be templates for common site types like merchants, so any merchant's site added would automatically have every item indexed by Froogle, since adding an item for sale has mandated metadata along with it. Think Yahoo Stores, only useful.
Being a true backbone of the real internet would let them continue being an information hub of the information that counts (instead of some splinter internet that no one will be on), and give them a lot of sway in rolling out new protocols - those inside Google's network get the benefits of multicasting, etc., but those outside who only peer with Google will get the feeds put out by the border routers downgrading stuff for those backbones who aren't latest-and-greatest yet.
I was sure there was a semi-recent interview by Slashdot with someone that worked at the USPTO, but I can't seem to find it.
But really, can anyone fathom what actually goes on inside the USPTO? One assumes there must be people there who are fighting the incompetence and denying patents, only to be disciplined or fired, but I can't think of any examples of that. I just don't see how the USPTO could a) keep qualified people out or b) keep the qualified people inside from denying patents without using some kind of retribution.
If I worked there, you can be damn sure that I'd deny 90% of the tech-related patents that came across my desk, fully justifying each decision, and wholly expecting to be disciplined or fired for not being a rubber-stamp. Then I'd sure as hell make a big stink about it. Why isn't this happening?
This chip would be a dream for me - uses 20 watts, dual-core, high-performance, very overclockable - this is what I would die to build a silent-running desktop PC around. The problem with AMD's dual-cores is that they start at 60+ watts - hardly anything compared to Intel, but when you're trying to build a system with 1, maybe 2 fans total it's not easy to exhaust that heat.
Unfortunately it looks like the Banias/Dothan fiasco again, where desktop boards either don't exist, cost $350, or are so crippled they're not worth buying. Hopefully that'll change, or Conroe (the desktop edition of these Yonah chips) won't add too much by way of heat.
Is this the first time anyone else has heard of the "Integrity Committee of the President's Council on Integrity and Efficiency"?
You'd think they'd have popped up earlier during, oh, the 12 or so major scandals that have hit congress and the white house in recent months.
You can hack it in by making a user for every program, but I don't think that should be necessary. Besides, who'd want to do that? And also, there's still a lot of privileges that existing security models don't support - i.e. what if I don't want program P to be able to access the network apart from port 80? Then I need an additional tool to the existing OS security subsystem, whereas there's no reason that the networking stack shouldn't be considered an object with an ACL, like a registry key or a directory.
I believe the OS should automatically treat every process as a privilege-less user (that is, can access and do nothing). a standard for delimiting access rights should be stored as a manifest for the program for easy setup from trusted distributors, such that you'd get say iexplore.exe, right-click iexplore.acl, "Assign Rights", and you'd have a browser configured that can only do those actions set out in iexplore.acl. Such as, read only access to itself and its own directory, write access to an incoming files directory, read/write to its own registry key and the temp folder, outgoing network access to tcp port 80, and that's it. It shouldn't be allowed to spawn child processes, read system information like hostname, username, usergroup, OS version, and it can't because all those permissions were absent from iexplore.acl (but can of course be assigned).
I just can't stand the idea of a process having all the abilities of its running user with no way to limit them. The only workaround is creating more users and groups, numbering in the hundreds for any usable installation.
To be fair, what they're being asked to accomplish isn't exactly computationally cheap.
Think about it - you have to intercept any possibly-dangerous API call that any program makes (i.e. any file or registry access, and a whole host of basic win32 calls), sanity-check the arguments of all those API calls, analyze programs at runtime for polymorphic virus behaviour, and all on top of the OS's own checking it does anyway. Hooking isn't free, and double-checking everything the kernel and shell are being requested to do is going to kick performance in the pants.
That's why I'd rather the OS had the ability to perform these checks as part of its own security subsystem. The most important thing that most 3rd party tools do is set up jails around processes - say Internet Explorer can't write to %SYSTEMDIR% or execute child processes. I've always thought that belonged in any sane security system - I don't want my web browser having read OR write access to my Excel files, even though the user executing it DOES have that access. Short of creating new restricted users for every program and runas'ing them all, I think it's the OS's job to facilitate easy control of what processes can do, regardless of who's running them.
Even when notepad.exe's being ran by Administrator, it shouldn't have the right to listen on TCP ports. Programs should have their rights limited, just as users do.
Indeed - from the sounds of things, all the API hooks and extra levels they've had to add for such security systems sound like a proto-operating system in itself.
/My Documents/Word Stuff/)
I think there's a real need for extending the Windows ACL system even further than it already is to encompass programs as well as users - that way the built-in security subsystem could be utilized instead of ever-more hacks. I want to be able to bring up a property sheet and say:
- process x can't write to directory tree y, even if the running user z has write access there (so only, say, MS Word can write to
- process x can't be controlled via automated means (so that if only Explorer.exe has the ability to delete your files, it can't be scripted to do so by a shell script, SendInput() API calls, etc.)
- default setting of processes being unable to access the networking subsystem, or processes having access to TCP ports on a per-port basis (ACL subsystem becomes a firewall)
- only process x can alter ACL information
- etc.
The issue I have with assigning rights on a per-user granularity is that once you're running under a user's credentials, you can do *anything* they can surreptitiously. Running as an unprivileged user, an exploit in Firefox will still let it hose your profile, start up trojans under the user's login and anything else. If the Firefox process itself is prevented from spawning read/write/delete/execute actions anywhere but a set of temporary and incoming directories, it's almost bullet-proof.
Are there any operating systems out there with per-user AND per-process ACLs? If not why not? Are there glaring issues I'm missing? I don't want to have to make a "firefoxuser" login that has everything disabled apart from read-only access to Firefox.exe and write-only to a temp directory somewhere, then do something similar for EVERY other program, I want to be able to constrain a program itself regardless of the user running it.
I'm actually not sure what I'd do if I was feeding pigeons in the park, and one flapped down next to me with a Borg-like attachment on its back and a camera pointed at me.
Smile? Give it my lunch?
I think that the future of software security measures is network-connectivity. Think battle.net, windowsupdate, product activation.. deliberately leaving functionality out of a product and fulfilling it remotely with authorization. People can pirate the software, but they won't get the full (or perhaps any) functionality unless they have a valid key to communicate with the maker. I could imagine a version of MS Word that doesn't have any file export functionality - attempts to save make the program send raw data to Microsoft, who then sends a DOC file back.
Sure it'll be a pain, but most people won't care. I've never had a conversation with a Joe Sixpack friend that mentioned any kind of discontent regarding software security measures - they just assume it's the way it has to be.
This zeal for controlling the forces of life is what drives liberal doctors to abort any gestating beings they can get their hands on, and no doubt their jobs will be easier now that they can extend their lives to an unheard-of 70 years or more.
I'll keep fighting from the trenches, but there's a finite limit on how much I can pray for GLAD members. Some day I'll start a distributed prayer network, I guess with some kind of prayer encapsulation format, QoS guaranteed! Until then, I can use your help.
By "They" I assume you mean GLAD, because I don't know of anyone but the cabal of geriatric liberal abortion doctors who would experiment on a fetus, though it's not their usual game. But then I suppose they can't spend all their time aborting things, experimentation is another depravity of the liberal mind.
Thanks for bringing this to my attention.
I assume that "Georie" is some liberal codename for the anti-abortion freedom fighters over at the NRLC, but I can assure you they have no lack of brain tissue!
I can only pray that more and more people, preferably photogenic children, develop debilitating heart problems immediately. More doctors will then enter the cardiology field instead of being seduced by the cabal of geriatric liberal abortion doctors (GLAD). If just one extra life is born, those thousands of bed-ridden heart patients will be heroes in my book, and I'll know my prayers will have been answered.
Here's hoping!
I'll put "Anonymous Coward" on my prayer cron job list, so that my xeon will plead with God for your soul overnight. My personal prayer time is all booked up unfortunately.
Testify! It's good to see others that have wised up to wine's pro-abortion nature.
Yes, wine was invented by Jesus Christ some 1,980 years ago in the Middle East, to sate a crowd of his followers. Several of Satan's most liberal servants realised that people would associated wine with miracles (no doubt they'd be in marketing today!), and went about tainting man's attempts at recreating the divine drink. Now it's just a pungent chemical broth that does little but weaken women's resistance to the sweet song of the liberal abortion doctor, no doubt Satan's most dangerous still-living servant.
It's no surprise to me that to this day, wine connoisseurs are exclusively liberal to the point that wine tastings are kicked off with a ceremonial abortion. No doubt a perversion of a ribbon-cutting, but who can fathom the mind of an abortionist?
Stay strong.
When I'm downloading gigabytes of presidential address footage, the last thing I want to do is encourage abortion!
Out of all the BitTorrent implementations, uTorrent is the only one using UPX to compress its executable. Data compression, particularly the unholy NRV (No Redeeming Virtues) algorithm that UPX uses, is focused on throwing away that which it finds redundant, replaceable and poorly formed. Sound familiar? These compression authors even compete as to who can throw the most away. I've heard abortion doctors keep such perverse scorecards as well.
Would I be surprised if Ludvig Strigeus, Markus F.X.J. Oberhumer and László Molnár were not only all liberals, but liberal abortion doctors no less?
I'm not that blind.
You know why I don't support cryonics?
Its pro-abortion message.
I know the first thing that occurs to most people upon hearing about cryogenics is that these people are cheating death, the beautiful natural order of the world! It's this same desire to control life that drives liberal doctors to abort any gestating being they can get their hands on. Would I be surprised if this Pizer character was leading some cabal of geriatric abortion doctors, hell-bent on living forever while preventing any new human life from appearing?
I'm not that blind.