Slashdot Mirror


User: gclef

gclef's activity in the archive.

Stories: 0
Comments: 899

Comments · 899

  1. Re:Other end? on Space Elevator Challenge · · Score: 1

    For some intro info about the space elevator, try starting at the wikipedia entry on it. In short, if the cable is long enough, with the proper counterweight, the center of gravity of the cable + counterweight will be at geostationary orbit. So it won't be attached to *anything* at *either* end. It'll just hang there, in sync with the earth's rotation. We'll then attach climbers to it & use it like a big pole that we'll climb to orbit, rather than using rockets.

    A straight tower couldn't be built. The tensile pressures on the building would be insane. Heck, we can't even make the ribbon yet, and it's an easier task (though still not exactly easy) than trying to build full-on girders.

  2. Re:Huh? on ICANN Grants Temporary Reprieve to Spamhaus · · Score: 1

    I have one word for you: extradition. The US and the UK have extradition treaties. If the spamhaus folks are found guilty of contempt, it will be possible for the US to request their extradition from the UK.

  3. Re:Huh? on ICANN Grants Temporary Reprieve to Spamhaus · · Score: 4, Interesting

    Spamhaus has already said that they do not want to go this route. Their reason:

    The reality is that if Spamhaus gets around the court order by switching domain to maintain the blocking, the judge would very likely then rule us in criminal contempt. We don't want a criminal record for the sake of fighting spam. We normally help fit the spammers with criminal records, not the other way round.

    While it's technically true that they could get around it, legally, it's not a great idea.

  4. Re:DRM isn't always a bad thing. on Linux Kernel Developers' Position on GPLv3 · · Score: 1

    DRM does not mean that things are hidden, just verified. DRM and paper receipts are not mutually exclusive. I don't see why you assume they are.

  5. Re:DRM isn't always a bad thing. on Linux Kernel Developers' Position on GPLv3 · · Score: 1

    Crooked elections offices don't need encryption keys to rig an election,

    DRM isn't the *only* tool you should use to protect an election...of course. But, it's a useful safeguard for one threat. Dismissing it just because there are other attack vectors is silly.

    The elections office does have final say over what *version* of the software is installed, but they do not have personal and private control over what goes in that version. Again, giving them direct control of the software in the voting machine would give them direct control over whether their party wins the election they are overseeing (and therefore whether they keep a job in many cases), which is a conflict of interest.

    With DRM, to compromise a given version, you need the elections officials and the vendor to act in tandem, which is still possible, but much harder.

  6. Re:DRM isn't always a bad thing. on Linux Kernel Developers' Position on GPLv3 · · Score: 1

    That defeats the point of DRM in a voting system. The whole point of DRM'ing a voting machine is so that a crooked elections office can't put in their own version of the code. If you force the authors to release their signing keys, you make it impossible to address that threat. So GPLv3 voting machines will always be vulnerable to this sort of attack.

  7. Re:Obviously on Bruce Schneier Blasts Politicians, Media · · Score: 2, Informative

    Oh, please. Schneier is a well-known expert on cryptography, he wrote the "bible" for introductory cryptography, he founded an MSSP...he doesn't need the speaking gigs to have a comfortable income. Ad hominem attacks do nothing to weaken the strength of his arguments.

  8. Re:(sigh) on Voting Machines Wreak Havoc in Maryland Elections · · Score: 1

    Sigh, indeed.

    I live in Montgomery County (and, so, had to cast a provisional ballot this morning). A few responses:

    1) Why are we using computers?

    Two reasons: a) Congress passed out lots of money to computerize elections after the 2000 fiasco, and state governments are all for federal handouts. b) Election folks want to be able to make official pronouncements on the night of the election, rather than being "scooped" by the news media with exit polls. Yeah, it's a selfish reason, but no one ever said this was a pretty system.

    2) Will we ever learn?

    The Diebold boxes have been semi-contentious, but the issue of their accuracy has been caught up in partisan politics at the Maryland state level. The governor (the first Republican governor in a couple decades for Maryland) started casting doubts on the voting machines' accuracy & making sympathetic noises about verification trails a few months ago. The chief of the state elections board is a Democrat. So, the governor's comments were seen as a not-very-subtle attempt to have the elections chief ousted & replaced with a Republican, so the Democrats rallied around the elections chief. Unfortunately, that means that the majority party in the state legislature is now supporting the machines, if only to protect one of their own.

    Those of us who just want a paper ballot are generally pissed off about this, since any comment we make now is seen as a partisan attack rather than a technological comment.

  9. Re:Detection on Blue Pill Myth Debunked · · Score: 1

    Ummm...the whole problem here is that a running OS can be moved to a guest OS. You can't "own the topmost hypervisor", because anything can still be moved to a guest OS even if it started at the "top." The whole question here isn't whether you can be moved down (you can), but whether you can detect that it's happened.

  10. Re:Detection on Blue Pill Myth Debunked · · Score: 1

    Why do you think she addressed this in her talk?

    Feel free to correct me if I've misunderstood, but your position seems to be that while it may be prohibitively hard to detect a trojan hypervisor, it's still technically possible. Joanna presented as if BluePill were undetectable, you're contesting that it's detectable, just hard.

    From a practical point of view, there's little difference between those two positions. In fact, if it's so hard that no one will do it, there's operationally zero difference between those two positions. To me, this sounds like the beginning of every other arms race between malware writers and detectors, but at a lower level.

    Granted, this is all still pretty theoretical, since she's just releasing a PoC, and there aren't enough systems with either VTx or SVM for this to be a practical attack in the real world.

  11. Re:Detection on Blue Pill Myth Debunked · · Score: 4, Informative

    This is hardware virtualization we're talking about, not software. The processor manufacturers have built virtualization calls into their chipsets. The side-effect of this is that the hypervisor can simply tell the bios "I'm the hypervisor...but, only call me when these specific requests are made." So, the hypervisor could simply choose to ignore the sound and video hardware, leaving those as fast as they were before.

    The only way to tell the hypervisor is there is to find a CPU call that the hypervisor *does* care about, and compare how long it takes to run that command before & after the rootkit pushes the OS to a guest OS. That's what the Xen guy is talking about.

    (I was at Rutkowska's talk...I'm not sure I buy the Xen guy's response.)
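
The timing check described in the comment above, as an added illustration that is not the commenter's code and not code from Rutkowska's or the Xen developers' work. It assumes that a hardware hypervisor on VT-x/SVM must intercept CPUID (so each execution costs a VM exit/entry round trip), wraps that instruction in RDTSC reads, and compares the median of many samples against a trusted baseline. The probe only exists on x86 builds; the baseline value, the tolerance factor and all function names (`probe_cpuid_cycles`, `median_cycles`, `hypervisor_suspected`, `collect_probes`) are constructed for this example.

```c
/*
 * Added example: detect a hypervisor slid under the OS by timing an
 * instruction the hypervisor must intercept. Not from the comment or
 * from any of the projects it mentions; names and values are constructed.
 */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#if defined(__x86_64__) || defined(__i386__)
#include <x86intrin.h>  /* __rdtsc() */
#include <cpuid.h>      /* __cpuid() macro */
#define HAVE_X86_PROBE 1

/* Cycles spent in one CPUID(0). Bare metal: on the order of 100-200 cycles.
 * With a VT-x/SVM hypervisor underneath, the forced VM exit adds thousands. */
static uint64_t probe_cpuid_cycles(void)
{
    unsigned int a, b, c, d;
    uint64_t t0 = __rdtsc();
    __cpuid(0, a, b, c, d);
    uint64_t t1 = __rdtsc();
    (void)a; (void)b; (void)c; (void)d;
    return t1 - t0;
}
#else
#define HAVE_X86_PROBE 0
#endif

static int cmp_u64(const void *x, const void *y)
{
    uint64_t a = *(const uint64_t *)x, b = *(const uint64_t *)y;
    return (a > b) - (a < b);
}

/* Median rather than mean, so a few samples hit by interrupts or cache
 * misses do not drag the estimate. Sorts a copy; n must be > 0. */
uint64_t median_cycles(const uint64_t *samples, size_t n)
{
    uint64_t *copy = malloc(n * sizeof *copy);
    if (!copy) return 0;
    for (size_t i = 0; i < n; i++) copy[i] = samples[i];
    qsort(copy, n, sizeof *copy, cmp_u64);
    uint64_t m = (n % 2) ? copy[n / 2] : (copy[n / 2 - 1] + copy[n / 2]) / 2;
    free(copy);
    return m;
}

/* Flag when the observed median exceeds the trusted baseline by `factor`.
 * A VM exit costs far more than the bare instruction, so a factor of 5-10
 * leaves room for ordinary noise. The baseline must come from the same
 * machine, measured before the rootkit could have run: that "before"
 * measurement is the hard part the comment alludes to. */
int hypervisor_suspected(uint64_t baseline_median, uint64_t observed_median,
                         unsigned factor)
{
    return observed_median > baseline_median * (uint64_t)factor;
}

/* Collect n probes into out[]; returns 0 when no probe exists for this build. */
size_t collect_probes(uint64_t *out, size_t n)
{
#if HAVE_X86_PROBE
    for (size_t i = 0; i < n; i++) out[i] = probe_cpuid_cycles();
    return n;
#else
    (void)out; (void)n;
    return 0;
#endif
}

int main(void)
{
    enum { N = 2000 };
    static uint64_t samples[N];
    /* Constructed baseline: a plausible bare-metal CPUID cost, used only to
     * show the comparison. A real check stores its own measured value. */
    const uint64_t trusted_baseline = 120;

    if (collect_probes(samples, N) == 0) {
        puts("no x86 probe on this build");
        return 0;
    }
    uint64_t m = median_cycles(samples, N);
    printf("median CPUID cost: %llu cycles -> %s\n", (unsigned long long)m,
           hypervisor_suspected(trusted_baseline, m, 10)
               ? "hypervisor suspected" : "within baseline");
    return 0;
}
```

Run on an ordinary VM guest (any VT-x/SVM hypervisor, not just a rootkit) the median lands in the thousands of cycles, which is also the reason this check on its own cannot tell a trojan hypervisor from a legitimate one: it only answers the comment's narrower question of whether the OS has been moved under a hypervisor at all.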

  12. Re:More government tax on corporations who outsour on Outsourced Call Centers Losing Feasibility? · · Score: 1

    The money doesn't just pop into existence.

    Actually, that is precisely what it does (well, value, but again, I'm glossing over the difference). That's the whole point. I can't stress this enough: the economy is not a zero-sum game. Someone else does not have to lose for you to gain.

    Forget money & purchases for a moment...let's talk just value and straight barter: what happens when two people trade items which they themselves can't use, but the other can? For example, you trade with your neighbour, giving him a wood lathe for a computer. Since you can't use the wood lathe, its value to you is low. Since your neighbor can't use the computer, its value to him is low. But, you can use the computer, so its value to you is high. Similar for the wood lathe & your neighbor. So, after the trade, you both have things that have value to you. By trading objects, you each gained value, but the total amount of *stuff* in the system remained the same. Value appeared *out* *of* *nowhere* simply due to trading.

    I've been glossing over the difference between money and value because money is supposed to serve as a proxy for value...so, for purposes of this debate, they're the same thing.

  13. Re:Has anyone realized this on Text Mining the New York Times · · Score: 1

    So, when are we switching to Esperanto?

  14. Re:More government tax on corporations who outsour on Outsourced Call Centers Losing Feasibility? · · Score: 1

    but you could apply that Microsoft argument to anything - the fact I'm at work happier and programming faster because I have a Led Zeppelin CD playing in the background might also be the case! :-)

    Indeed. That's entirely my point.

    I think the main source of disagreement here is that it sounds like you're assuming that the economy is a zero-sum game. In other words, one group/country/etc must lose money if your economy is gaining money, and vice versa. I don't think that's true.

    If a product I buy pays for itself in a short period of time, then, after that break-even point I'm making more profit than before for the same amount of work. Neither I nor the company I bought the product from lose in this scenario. I take a short-term loss (paying for a product) for a long-term gain (more productivity -> more profits), the company I bought the thing from gets a short-term gain. Where is the loss? In this scenario, both parties benefit, so money (well, value, but effectively the same thing) has been created, effectively out of thin air. Does this process take money out of the UK? I don't think so, even if the company I bought from is overseas.

    besides, why would Microsoft care if someone was more productive using their products?

    They wouldn't. But the UK government would care. After all, if this product is something that will help the UK economy grow, then it's in the interest of the UK government to minimize the number of roadblocks to its availability.

  15. Re:More government tax on corporations who outsour on Outsourced Call Centers Losing Feasibility? · · Score: 1

    I see what you're trying to accomplish, but I think your maths are oversimplified. One thing you're ignoring is whether the things a company sells in the UK help the UK citizens be more productive, make more money, etc. Microsoft would argue (whether they're correct or not is a totally separate argument) that the money that UK companies/citizens/etc spend on Microsoft products is recompensed by the increased productivity gained by using their products. Is Microsoft still "taking money out of the UK" in that scenario? Or are they helping UK companies generate more money? Or, most probably, are they doing both? If both, how do you measure the value that using their products adds in your final calculation?

    Let's take the system to its extreme: Should a product that's entirely made & managed overseas be heavily taxed just because the company has no UK office? (And would, therefore, have no subtractions in your equation.) What if they're a tiny startup? Would you punish them for being foreign and small?

  16. Let the user choose their own question on How are 'Secret Questions' Secure? · · Score: 3, Insightful

    If the users choose their own question and answer, it makes it much harder for an attacker to know what bit of info will be needed.

    Also, users can then choose all sorts of really arcane things for their questions, or just bits of silliness & mental associations that aren't worth an attacker's time to figure out.

  17. Re:Sick of 'science' reporting on Using Electricity to Heal · · Score: 1

    Indeed. I have a subscription to Nature, and I can assure you that:

    a) it's nowhere near $1,000 US /year. It isn't Time or Newsweek cheap (it's about $100-$200/year, depending), but...

    b) Time/Newsweek aren't going to give you articles that are hardcore reviews of the state of astrophysics (with references).

    If you're a science nut, Nature's a reasonable thing to subscribe to.

  18. Re:Doesn't Fit.. on Horde Paladins and Alliance Shaman in WoW Expansion · · Score: 2, Funny

    Gnome Druids. You know you want them. (Forms: Hedgehog, Goldfish, Weasel)

  19. Re:WOW! but.... on Microsoft Hit With 280m Euro Fine · · Score: 1

    There's no appealing this one.

    Really?

    The software giant will appeal against the fine which follows a long-running dispute between it and EU regulators.

    (from The BBC article on the subject.)

  20. Re:I like ebay less and less. on eBay Bans Google Payments · · Score: 1

    Nationally/internationally, there isn't. Locally, there absolutely is: craigslist. I'm sure you've heard of them. Since it's more geographically centric, craigslist doesn't come across as having as much stuff on offer, but if you live near a metro area, eventually good stuff will pop up.

  21. Re:What are the Downsides to IPv6? Anyone? on U.S. Government to Adopt IPv6 in 2008 · · Score: 1

    Not true...that's the whole point. According to ARIN allocation rules, you have to have business plans and evidence for sub-allocations up for 200 customers before they'll give you the /32. That doesn't apply to any enterprises or webhosters, so they're mad.

    Quoting from the ARIN Policy at http://www.arin.net/policy/nrpm.html :

    6.5.1.1. Initial allocation criteria To qualify for an initial allocation of IPv6 address space, an organization must: a) be an LIR; b) not be an end site; c) plan to provide IPv6 connectivity to organizations to which it will assign /48s, by advertising that connectivity through its single aggregated address allocation; and d) be an existing, known ISP in the ARIN region or have a plan for making at least 200 /48 assignments to other organizations within five years.

    Note: not an end site, and be a known ISP. That's the only way to get IPv6 addresses from ARIN right now....and that sucks.

  22. Re:What are the Downsides to IPv6? Anyone? on U.S. Government to Adopt IPv6 in 2008 · · Score: 1

    Huh?

    These sites are running BGP already quite successfully. The problem is, big enterprises and content-providers have become quite attached to announcing their *own* space via BGP...you can't (or really shouldn't and shouldn't rely on) advertise one ISP's IP space to another one. That's where the problem comes from: large sites that want to run BGP need Provider-Independent IP space. You can't get that allocated to you in v6 unless you're an ISP, which is making the enterprises and content-providers mad.

    The IP allocation scheme is basically freezing everyone but the ISPs from being Provider-Independent and from running BGP themselves.

  23. Re:What are the Downsides to IPv6? Anyone? on U.S. Government to Adopt IPv6 in 2008 · · Score: 4, Interesting

    There is also right now a huge disagreement going on in the background about how to multi-home in IPv6.

    The presently-proposed model implies that only big ISPs (plans for at least 200 customers that you'll be allocating space to) can get their own IP space...everyone else has to get space allocated to them from bigger groups. This, predictably, is making the content providers and big enterprises very unhappy, because they're used to (and now require) multiple uplinks to differing ISPs.

    The proposed fix for this problem, shim6, has been routinely savaged as a complete non-starter. That's mostly because it's proposing allowing each and every end host to make its own decisions about what path to take, causing all sorts of ugliness for security devices and traffic engineering.

    There presently is no good answer to this, which is why a lot of orgs are holding off on IPv6.

  24. Re:I must sound like a broken record on VoIP's Security Vulnerabilities · · Score: 1

    A few thoughts to the contrary:

    1) Until someone has called you once before, or you've talked to them in some out-of-band way, you have no way of knowing what your friends/relatives/etc keys are. So, unless everyone who might contact you is quite technical, you will likely *always* be accepting unsigned calls. If you're accepting unsigned calls anyway, why bother setting up the keys?

    2) Given people's propensity to re-build systems (sometimes forced by bit-rot), personal keys will rotate rather often. When someone changes computers, they will either have a new key (ick) or they will have to carry their personal keys with them (not likely). How about when someone changes jobs? (Will you accept a call from someone you know from one job, who has now moved to another one, but wants to keep in touch?) How will you get these new keys out to the folks who are expecting signed calls? The most likely result here is that you will again be forced to accept unsigned calls, making signed calls pointless.

    3) Some/most VoIP spam will be addressed by the VoIP providers, as they do not want to lose customers. Why should the end user deal with the mess and overhead of setting up PKI if the provider is going to?

    PKI has its place, but there are very good reasons why we've been trying and failing to get PKI into email for over a decade. Many of the same reasons hold true for VoIP.

  25. Re:Why Oh Why on USPTO Rules Forgent JPEG Patent Invalid · · Score: 3, Insightful

    Because patent examiners are incredibly overworked and understaffed. (sound familiar?) Patent review attorneys can make more in the private sector, and are evaluated by how many patents they approve, not the quality of the patents they approve (which is almost impossible to metric, so managers don't bother reviewing by it), etc, etc.

    They're not inherently evil or lazy...they're just in a very bad place.