Colbert, Stewart, and a lot of other charismatic, fun, but still strangely accurate, are taking over media. Sure, it's "Fake News" but the vast majority of their stuff is based on fact, much of it is taken out of context, and anyone with half a brain can take the inaccuracies out, and keep the truthiness.
The big names in news MSNBC, CNN, FoxNews, they all know it's true, in fact some of them have a sort of obsession with Colbert and Stewart. They are fun. They are reporting many of the same stories, just not doing it like they're having a root canal done at the same time. And they're not afraid to poke fun at everyone, including themselves. It's very refreshing. THAT is why they have this kind of clout. They are respected.
Everything internet related means lots of dollar signs. What's intruiging here is how it could also play out amongst large corporations. We all know about the difference between a White Hatter, and a Black Hatter. Now consider a network of say, 20 people, top to bottom. At the top, is some poor twit either finishing up college, or already working for a fairly large business (as this article indicates some targets are). At the bottom (in this case, origin), is Company A, that really wants to see company B go down. High profile, but they're paying a pretty penny. Think about it.
Wal-Mart. Big huge massive retail company. How much do you think it would be worth to K-Mart, or Target, or various other retailers, for Wal-Mart to just be down for a few days? Easily into tens of millions, if not hundreds of millions of dollars.
Sad part is, the person at the top doesn't even have to know what's going on. They just say "Hey write a program that will do this, and propogate. We'll give you a cool 100Gs." Kid says hells yea, takes a few hours, whatever, writes it, and gives it to them, collects.
Two weeks later, Wal-Mart plant sticks the little nasty into the Wal-Mart mainframe, and it gets disseminated to every single store in the company. The plant is nice and safe (removed by organization, or perhaps just left to fend for themselves, whatever), many of the people involved will never be caught, and the person that wrote it may not even know they were responsible!
Perhaps I should take off my tin-foil hat, but still, it's a helluva "What-If".
I tell you what, let's work together here. You create something that will take advantage of this bug (which I maintain is being overdramatized). I will create a test machine that uses IE6 and WMP 10 (or 9 if you prefer). We will then perform a test. Attempt to exploit this bug, and we'll see if it's something dangerous to be concerned about.
As for whether or not I'm an MS fan-girl. *shrug* Windows works quite well for me, always has. I have nothing in particular against Linux, Unix, or Mac, just that they aren't right for me. I still use Linux from time to time (I get quite bored with Windows), and for a brief time (and this is totally absurd, and a scary thought) I was a Unix SysAdmin. When someone can provide me a valid list of reasons to switch, I will. But until I can get all the same features, compatability, etc. I'm going to stay right where I am as far as home use goes. I can build a Linux machine without much trouble, and troubleshoot most things, and in general know my way around well enough to get by. I'm no power user of Linux by any sense of the word. Though I do have to say, I'm starting to like some of the multimedia applications that I've used a bit, and mplayer has been my preferred media player for well over a year now.
Hell I generally don't even use WMP for the most part. MS Fan-Girl? Maybe. But I know good software when I see it. Or perhaps, I know software which suits the needs of the majority of users, and for what it is, and what it does, it works well. Would I recommend mplayer to sally joe public? Probably not. It's too bulky. Do I use it? Absolutely, and I love it. Would I recommend Linux to sally joe public? In a word, No.
And by sally joe public, I mean the person that sits on the phone screaming at me how they can't get into their system, they just installed Linux. It's taking them to their email ~user@machine# and they have a blinking cursor. This happens EVERY TIME the user boots their computer, it asks them for their user name and password, they put it in, then it doesn't do anything for a minute, then their screen just goes black and it drops them to that. It says something about an error, and now they're at their email.
No, I'm not going to recommend Linux to someone like that (they had actually had a friend tell them they should use Linux, so they did). Could I take care of that? Easily. Can the USER? Nope. Not a chance. And I don't know about anyone else, but I don't particularly want to be 'on-call' 24/7/365 and constantly busy helping a friend with their Linux installation. I don't like doin git for Windows either, but thankfully Windows doesn't require it much.
As for my software setup. It perfectly performs what I need it to perform. Linux would not. Mac OSX would not. I run no virus or spyware protection, I use the Windows firewall, and I browse using Internet Explorer (nearly) exclusively. I have 0 issues. And have had 0 issues since I began running this way a loooooooong time ago. I'm not a USER. *shrug*
Oh I freely admit that Fox killed the show, and is responsible for it's death (as i said in my post, for them to kill it in it's infancy was criminal).
That's my point though. Star Wars has a MASSIVELY HUGE fan-base that literally spans the globe. And it just "Did OK". There wasn't much in it initially to really REALLY grab people, and keep them. Consider it's main competitor of the time was Everquest, which I had the misfortune of playing an absurd amount of.
Seemed like it wasn't just me that played it, and thought "Huh, this is kinda lame. Think I'll stick with EQ."
Though some of my friends that kept playing it off and on when they got bored have informed me that it's gotten significantly better, though still doesn't enjoy near the following of successful MMOs.
First off, I love Firefly, I thought it was fantastic, and near criminal in being killed in it's infancy. That said, it died for a reason. it didn't generate enough interest.
It has an almost cult following these days, and those will be the ones playing it. Depending on the marketing for this (and I doubt there will be much), it may survive for a year or so before being scrapped.
Earth & Beyond was a great MMO, unfortunately, little to no marketing, and just a sort of "Die Hard" fan-base to live on. It just wasn't enough. I suspect this will play out similarly. Historically though, Sci-Fi ish MMOs don't tend to do very well.
Well, not compared to their Medieval-esque counterparts anyway.
Doesn't affect my Vista machine. Nor my XP Pro machine running IE7 + WMP 11.
Seeing things like this, I can't help but wonder what it might look like if every time a flaw was discovered in *Nix, and a security advisory (even if barely remotely applicable, as in this case) were released,and slashdotted. Maybe this post is flamebait too (seems to be my trend as of late), maybe not. But the title of this particular post, is pretty misleading.
0 day flaw! Congratulations. It's software. I still play games that if they run for more than 2 hours I'm lucky. The real problem is the testing, and the coding that goes into these. You fix one thing, and something else inevitably breaks.
How often does a kernel update in Linux break something that you now have to update, or sometimes roll back alltogether because they won't work.
This post is as Overdramatic as going nuts every single time something in Linux broke or didn't work right. Sometimes MS deserves to be thumped on the head. This time though, seriously, come on. Tell you what, run your 4 byte program that is gonna hax0r my computer. I invite it, might give me something to do.
Kazaa's EULA had everything pretty well spelled out. It told you it was isntalling certain software items to "keep it's software free" and that it was supported by ads and such. So the spyware thing won't amount to a hill of beans.
Depending on the judge she gets, she may have luck over the whole thing about them being free downloads. With all the frivilous lawsuits that have gone around in the last few years. As sad as it is, that one may have merit insofar as just the suit goes (absurdity aside).
As for there being a class action suit against Kazaa, I would like to join a class action suing them for the headaches, expenses in bottles of Excedrin, expenses for Caffeine, and nicotine, as well as pain and suffering for being yelled at by Sally Joe Public and Billy Bob Public because their computers are flax0rd, and they just bought them! That's what I want. Those people had to pay to get their computers fixed, and I had to deal with it. I want MY fair compensation from these companies!
Hey give me a break, I said math wasn't my strong suit. I just wasn't understanding something. So in short, yes, I AM that clueless, hence why the question was asked, presented, and answered by several people.
And it seems my feelings regarding the whole divide by zero thing seem to be amongst the mainstream.
As for creativity being a positive trait, absolutely. But being creative, and innovative, is entirely different from creating a completely new set of abstracts, supposedly within another set of abstracts, even when abstract A breaks all of abstract B's rules, and calling it a revolutionary solution for one spicific point in Abstract B. Wait a second, I think Quantum Physics did that already. Nevermind!
I appreciate your insight as to the importance of Imaginary Numbers. I wasn't trying to imply that imaginary numbers weren't important in real world applications (as that was crudely explained to me a long time ago, roughly a few months after arguing with my algebra teacher, whose comments were limited to "Because I said so!"), merely that someone 're-inventing the wheel' so to speak where it concerns allowing a division of zero seemed odd, and I was questioning what real world value that had.
Again though, thank you for that quick n dirty explanation of Imaginary Numbers, I'm always eager to learn new stuffs. ^_^
This reminds me of arguing with my Algebra teacher in high school over "Imaginary Numbers". When asked where my homework was, my reply was a terse "It's Imaginary Homework, it's at home playing drinking games with the Imaginary Numbers it was on."
I am the first to admit math has NEVER been my strong suit, but are mathemeticians seriously just making up random rules as they go along so that soemthing which occurs to them suddenly works? Imaginary Numbers, changing the rules so that things work the way you want them to. Why is this (AFAIK) the only field to do this? How often do you hear a Physicist say "So, that whole gravity thing, yea we think it's really the opposite of that. What really happens is that mass PUSHES objects away from it, but they just suck so bad everything sticks anyway. What we've done with this (insert spiffy but questionable invention/theorem/etc here), is design something that would work well in this environment."
Nevermind, I think that does happen actually. But am I just missing the point entirely on this? I mean, even if I am, what does being able to divide by zero really get us? Can dividing by zero usher in some ultra new era for science as a whole? How will this affect computer systems in the next 1,5,10, and 20 years? What are the long term implications of this? If there aren't any, then really this is just a kid standing out in the yard swinging from a branch by their legs saying "Look Ma! No Hands!"
While I can see plenty of good, legitimate, wholesome uses for this, personally I think it opens the foor for too much. Though the same could be said of the current Bar Codes and Magnetic Stripes, they're not actually just sitting there broadcasting.
Personally I don't like the idea of RFID tags in much of anything. Too many things being tracked. When you see just how much information Corporate America has on it's customers, it makes you shudder thinking about how much the Government must have on you. It is odd, however, to note that occasionally the Industrial Espionage works better than the US Government's does.
That Congress has REPEATEDLY attempted to suspend Habeas Corpus.
Feel free to check here and run a search for Habeas Corpus. Look around. Congress has tried repeatedly to suspend it, to get rid of it, to void it, etc. The Supreme Court has ruled SEVERAL times that they can't do this.
It KEEPS happening. Criticism? Maybe. But it's WARRANTED criticism. What's absurd is that there isn't MORE outrage concerning all of this. Because of that, I am forced to ask the question "How Long?".
Would I want to live anywhere else? Well, lately Canada and Australia are looking more attractive, but for the moment, I shall keep my faith in the system (however broken and abused it may be at current) and in the American people to one day wake up, and realize we've lost something very dear.
Every day I watch rights that I stood up to defend, that I sacrificed my blood, sweat, and tears for, that I now draw a VA Disability check because of, disappear, by greedy and abusive politicians.
Wait, there's someone knocking on my door. Hmm that's funny, you look an awful lot like someone from that movie Men In Black. What's that? Yes I post on slashdot. Yes I'm PixieDust. Hmm? Talk you say? Alright.
In other news, neighbors of a disabled Veteran were shocked today to learn that the cute girl down the hall had mysteriously disappeared last night...
With the way things are going many other places (especially given recent court battles here in the US about children online and privacy and protection), How long until we see tactics like this on THIS side of the Pacific?
Additionally, tactics like this in China, I can't help but wonder, will this in some way allow US Intelligence to decide exactly who is responsible for attacks against US Cyber Targets? If people are required to use their REAL names when registering (let's say on Yahoo just for an example), and there is a Yahoo group comprised of mostly Chinese users, which post all kinds of anti-American things, or organizing these attacks, what's to stop US Intelligence from forcing Yahoo to turn over the names of those registered?
Furthermore, what if the US decides to expand the "Patrio" Act, to include requirements like this (Hell they've already forced ISPs and phone companies into turning over ludicrous amounts of information).
Maybe I'm wearing a tin-foil hat and not realizing it, but is anyone else troubled by the recent trend in online privacy intrusions? That is one thing that is nice about the internet, it affords you a certain amount of anonymity. Could we be witnessing the end of that?
Also, just how much REAL difference is there in the US's privacy invasion crimes, and China's? Could it be that China is just more blatant about it?
That was the only line anyone had to read in your post. Yes they offered it free, do the other vendors give it to you for free.
Well, betas for their products I often get, and use for a while until I form an opinion, and I've had adequate time to test them, then I submit my feedback and promptly remove them from my stsem. It was much the same with OneCare. Once I was finished evaluating it, it was promptly removed from my system. The FINAL product is NOT free.
I would rather run nothing, than have something slowing down my system unnecessarily. USERS need it, not me.
WHY does the AV program NEED to hook into the OS kernel?
When you think about it, this ITSELF introduces another vulnerability. Another point of failure. Why bother exploiting the OS, when you can use the nice convenient path provided to you by the AV software? Everyone seems to forget this.
Microsoft gets bashed for their 'insecurity' and the moment they try and IMPROVE that, they get flamed, and people cry foul and start throwing around such words as 'monopoly', 'abuse', 'lock-out', and the tin-foil hatters come out of the woodwork and start bashing MS security, while somehow totally missing the absurdity in what they're saying!
Other AV companies have managed to adapt to the kernel lockouts, why can't Symantec and McAfee do the same? Instead, they'd rather keep their grubby paws hooked into the OS as deep as they can be, so that they can effectively hose a user's installation, then charge them $80 for phone support to resolve the issue.
People can't have it both ways. You have to give credit where credit is due. Windows One Care is not installed by default, it's a FOR PAY product (which totally differentiates it from IE vs All) that you have to buy IN ADDITION to the OS. Windows Defender is free, and protects against spyware, and comes pre-installed. While I don't particularly like that, it doesn't really bother me either. People install Yahoo Messenger, and it wants to install a Toolbar with Yahoo Anti-Spy. The same goes for Google, AIM, MSN(yes I know that's redundant), and a plethora of other IM options, and even just generic toolbars. Most ISPs now days 'give' you AV/AS to use. So Windows Defender doesn't bother me, there's already another 50 billion people trying to give me spyware protection (none of which I use, the standard Windows Firewall is quite sufficient for me thank you), so why not MS too?
I had the opportunity to participate in the beta for OneCare (wasn't hard, they offered it free, and I liked that idea, since people were inevitably going to ask me about it). I found it to have a rather large footprint, and be fairly slow. Given it's competition in the form of Symantec NIS, and McAfee's Internet Security Suite, and Trend Micro's Internet Security Suite, it's performance was roughly average. It wasn't as fast as TM, but was quicker than NIS and MIS in most cases. What struck me was only TM had a better detection scheme, and even then it was marginal (though I know a single thing getting through can mean the difference between being completely hosed, and being OK, never knowing how close you came to Virtual Armaggedon). MS One Care did a MUCH better job of catching/stopping spyware then all of them (Windows Defender gets lumped into One Care installs generally).
Think of these things from the USER'S perspective. NOT from YOUR perspective. For people who are WAAAAY non-tech savvy, One Care offers a one-stop-shop for performance tuning (uncomplicated), AV, and AS and Firewall protection. It's easier to use than NIS, WAAAY easier than MIS, and TM rounds out the list of being the least user friendly. Bottom line is this is just one more cool way to bash Microsoft for trying to improve things. Do you think they're using kernel hacks for One Care? Probably not right now, as people would LOVE to find a way to exploit One Care to compromise a machine. Will it remain that way? Probably not, because I see things getting into the kernel eventually, and requiring that the kernel be accessible, at least to be scanned and locked so that it can be replaced. But still, NO AV/AS program should EVER be hacked into the kernel. Period.
It opens up the doors for too many things. OneCare also doesn't bombard the user with useless popups and notifications like the others often do, which aids in hosing the system as they USER tells it to do something bad.
One Care is a LEGITIMATE software release by Microsoft, and not at all a surprise. What is surprising to me, is that it took THIS long for it to resurface.
That is all. Please return to your normal dailty activity.
That's my point though. you don't have to know their kids' names, or they birthdays, or whatever. if that's ALL the password is, then any brute forcing type software will pwn the face of that password quickly.
Combining them, however, as you said is very effective, and takes much longer.
The real problem is the user is LAZY. The help-desk, is agitated. And the higher up big-wigs get upset because productivity suffers.
Besides, how many laptops would then have the password for FDE engraved into them, or with a nice post-it note on them? And what would this password be? Their mother's name? Their birthday? Their dog's name? The street they live on? Users are notorious for using horrendously uncomplicated passwords.
on the other hand, if someone were to use say MdLg25GvNtUp35
Then yea, it would be effective. Brute forcing that would take what, 50 years?
Of course if the password must rotate every so often, then users will be CONSTANTLY requesting resets (as someone mentioned a moment ago I believe), which will drive up help-desk costs and also drive productivity down.
The BEST solution is to EDUCATE the user, and have strict IA policies in place. Period.
Could this application be used for repairing internals of machinery? Perhaps in Zero G environments?
Consider a system that constantly monitors internal systems (that's already in place). A problem is identified, and a swarm of robotic workers immediately moves out to fix the problem. Could this be ther first step to a sort of nanite repair system?
Pshaw. The only REAL Linux environments I've run in have almost all been Gentoo. I'm most definitely a Windows girl, but Gentoo does have it's appeal. Really the only thing needed to get Gentoo up and going, is a bit of patience (understanding that it's going to be a while, and your hardware may not necessarily immediately work), a good overall understanding of computer hardware (the software interaction is a nice help too), a little luck, and lots and lots of caffeine.
Well, that's what I had anyway. A dozen kernel builds later my system actually booted! Hooray! That was my desktop though (Which, I can now do a full build from stage 1 Gentoo, total touch time is roughly an hour, hour and a half maybe). Laptop is...well, painful, hehe. Very new laptop, and I would be fine, but for some reason the fans don't work with the installer, and compiles don't tend to like it when the computer shuts off in the middle, hehe.
Slashdot Mirror
They're different, but hardly anything that's a new sensational breakthrough.
The big names in news MSNBC, CNN, FoxNews, they all know it's true, in fact some of them have a sort of obsession with Colbert and Stewart. They are fun. They are reporting many of the same stories, just not doing it like they're having a root canal done at the same time. And they're not afraid to poke fun at everyone, including themselves. It's very refreshing. THAT is why they have this kind of clout. They are respected.
Wal-Mart. Big huge massive retail company. How much do you think it would be worth to K-Mart, or Target, or various other retailers, for Wal-Mart to just be down for a few days? Easily into tens of millions, if not hundreds of millions of dollars.
Sad part is, the person at the top doesn't even have to know what's going on. They just say "Hey write a program that will do this, and propogate. We'll give you a cool 100Gs." Kid says hells yea, takes a few hours, whatever, writes it, and gives it to them, collects.
Two weeks later, Wal-Mart plant sticks the little nasty into the Wal-Mart mainframe, and it gets disseminated to every single store in the company. The plant is nice and safe (removed by organization, or perhaps just left to fend for themselves, whatever), many of the people involved will never be caught, and the person that wrote it may not even know they were responsible!
Perhaps I should take off my tin-foil hat, but still, it's a helluva "What-If".
I tell you what, let's work together here. You create something that will take advantage of this bug (which I maintain is being overdramatized). I will create a test machine that uses IE6 and WMP 10 (or 9 if you prefer). We will then perform a test. Attempt to exploit this bug, and we'll see if it's something dangerous to be concerned about.
As for whether or not I'm an MS fan-girl. *shrug* Windows works quite well for me, always has. I have nothing in particular against Linux, Unix, or Mac, just that they aren't right for me. I still use Linux from time to time (I get quite bored with Windows), and for a brief time (and this is totally absurd, and a scary thought) I was a Unix SysAdmin. When someone can provide me a valid list of reasons to switch, I will. But until I can get all the same features, compatability, etc. I'm going to stay right where I am as far as home use goes. I can build a Linux machine without much trouble, and troubleshoot most things, and in general know my way around well enough to get by. I'm no power user of Linux by any sense of the word. Though I do have to say, I'm starting to like some of the multimedia applications that I've used a bit, and mplayer has been my preferred media player for well over a year now.
Hell I generally don't even use WMP for the most part. MS Fan-Girl? Maybe. But I know good software when I see it. Or perhaps, I know software which suits the needs of the majority of users, and for what it is, and what it does, it works well. Would I recommend mplayer to sally joe public? Probably not. It's too bulky. Do I use it? Absolutely, and I love it. Would I recommend Linux to sally joe public? In a word, No.
And by sally joe public, I mean the person that sits on the phone screaming at me how they can't get into their system, they just installed Linux. It's taking them to their email ~user@machine# and they have a blinking cursor. This happens EVERY TIME the user boots their computer, it asks them for their user name and password, they put it in, then it doesn't do anything for a minute, then their screen just goes black and it drops them to that. It says something about an error, and now they're at their email.
No, I'm not going to recommend Linux to someone like that (they had actually had a friend tell them they should use Linux, so they did). Could I take care of that? Easily. Can the USER? Nope. Not a chance. And I don't know about anyone else, but I don't particularly want to be 'on-call' 24/7/365 and constantly busy helping a friend with their Linux installation. I don't like doin git for Windows either, but thankfully Windows doesn't require it much.
As for my software setup. It perfectly performs what I need it to perform. Linux would not. Mac OSX would not. I run no virus or spyware protection, I use the Windows firewall, and I browse using Internet Explorer (nearly) exclusively. I have 0 issues. And have had 0 issues since I began running this way a loooooooong time ago. I'm not a USER. *shrug*
Oh I freely admit that Fox killed the show, and is responsible for it's death (as i said in my post, for them to kill it in it's infancy was criminal).
Seemed like it wasn't just me that played it, and thought "Huh, this is kinda lame. Think I'll stick with EQ."
Though some of my friends that kept playing it off and on when they got bored have informed me that it's gotten significantly better, though still doesn't enjoy near the following of successful MMOs.
It has an almost cult following these days, and those will be the ones playing it. Depending on the marketing for this (and I doubt there will be much), it may survive for a year or so before being scrapped.
Earth & Beyond was a great MMO, unfortunately, little to no marketing, and just a sort of "Die Hard" fan-base to live on. It just wasn't enough. I suspect this will play out similarly. Historically though, Sci-Fi ish MMOs don't tend to do very well.
Well, not compared to their Medieval-esque counterparts anyway.
Doesn't affect my Vista machine. Nor my XP Pro machine running IE7 + WMP 11.
Seeing things like this, I can't help but wonder what it might look like if every time a flaw was discovered in *Nix, and a security advisory (even if barely remotely applicable, as in this case) were released,and slashdotted. Maybe this post is flamebait too (seems to be my trend as of late), maybe not. But the title of this particular post, is pretty misleading.
0 day flaw! Congratulations. It's software. I still play games that if they run for more than 2 hours I'm lucky. The real problem is the testing, and the coding that goes into these. You fix one thing, and something else inevitably breaks.
How often does a kernel update in Linux break something that you now have to update, or sometimes roll back alltogether because they won't work.
This post is as Overdramatic as going nuts every single time something in Linux broke or didn't work right. Sometimes MS deserves to be thumped on the head. This time though, seriously, come on. Tell you what, run your 4 byte program that is gonna hax0r my computer. I invite it, might give me something to do.
Depending on the judge she gets, she may have luck over the whole thing about them being free downloads. With all the frivilous lawsuits that have gone around in the last few years. As sad as it is, that one may have merit insofar as just the suit goes (absurdity aside).
As for there being a class action suit against Kazaa, I would like to join a class action suing them for the headaches, expenses in bottles of Excedrin, expenses for Caffeine, and nicotine, as well as pain and suffering for being yelled at by Sally Joe Public and Billy Bob Public because their computers are flax0rd, and they just bought them! That's what I want. Those people had to pay to get their computers fixed, and I had to deal with it. I want MY fair compensation from these companies!
Who is with me?!
And it seems my feelings regarding the whole divide by zero thing seem to be amongst the mainstream.
As for creativity being a positive trait, absolutely. But being creative, and innovative, is entirely different from creating a completely new set of abstracts, supposedly within another set of abstracts, even when abstract A breaks all of abstract B's rules, and calling it a revolutionary solution for one spicific point in Abstract B. Wait a second, I think Quantum Physics did that already. Nevermind!
Again though, thank you for that quick n dirty explanation of Imaginary Numbers, I'm always eager to learn new stuffs. ^_^
I am the first to admit math has NEVER been my strong suit, but are mathemeticians seriously just making up random rules as they go along so that soemthing which occurs to them suddenly works? Imaginary Numbers, changing the rules so that things work the way you want them to. Why is this (AFAIK) the only field to do this? How often do you hear a Physicist say "So, that whole gravity thing, yea we think it's really the opposite of that. What really happens is that mass PUSHES objects away from it, but they just suck so bad everything sticks anyway. What we've done with this (insert spiffy but questionable invention/theorem/etc here), is design something that would work well in this environment."
Nevermind, I think that does happen actually. But am I just missing the point entirely on this? I mean, even if I am, what does being able to divide by zero really get us? Can dividing by zero usher in some ultra new era for science as a whole? How will this affect computer systems in the next 1,5,10, and 20 years? What are the long term implications of this? If there aren't any, then really this is just a kid standing out in the yard swinging from a branch by their legs saying "Look Ma! No Hands!"
See here we are seen as still being within an ice age.
Personally I don't like the idea of RFID tags in much of anything. Too many things being tracked. When you see just how much information Corporate America has on it's customers, it makes you shudder thinking about how much the Government must have on you. It is odd, however, to note that occasionally the Industrial Espionage works better than the US Government's does.
Feel free to check here and run a search for Habeas Corpus. Look around. Congress has tried repeatedly to suspend it, to get rid of it, to void it, etc. The Supreme Court has ruled SEVERAL times that they can't do this.
It KEEPS happening. Criticism? Maybe. But it's WARRANTED criticism. What's absurd is that there isn't MORE outrage concerning all of this. Because of that, I am forced to ask the question "How Long?".
Would I want to live anywhere else? Well, lately Canada and Australia are looking more attractive, but for the moment, I shall keep my faith in the system (however broken and abused it may be at current) and in the American people to one day wake up, and realize we've lost something very dear.
Every day I watch rights that I stood up to defend, that I sacrificed my blood, sweat, and tears for, that I now draw a VA Disability check because of, disappear, by greedy and abusive politicians.
Wait, there's someone knocking on my door. Hmm that's funny, you look an awful lot like someone from that movie Men In Black. What's that? Yes I post on slashdot. Yes I'm PixieDust. Hmm? Talk you say? Alright.
In other news, neighbors of a disabled Veteran were shocked today to learn that the cute girl down the hall had mysteriously disappeared last night...
Oh, before I forget...
/tinfoilhat off
Additionally, tactics like this in China, I can't help but wonder, will this in some way allow US Intelligence to decide exactly who is responsible for attacks against US Cyber Targets? If people are required to use their REAL names when registering (let's say on Yahoo just for an example), and there is a Yahoo group comprised of mostly Chinese users, which post all kinds of anti-American things, or organizing these attacks, what's to stop US Intelligence from forcing Yahoo to turn over the names of those registered?
Furthermore, what if the US decides to expand the "Patrio" Act, to include requirements like this (Hell they've already forced ISPs and phone companies into turning over ludicrous amounts of information).
Maybe I'm wearing a tin-foil hat and not realizing it, but is anyone else troubled by the recent trend in online privacy intrusions? That is one thing that is nice about the internet, it affords you a certain amount of anonymity. Could we be witnessing the end of that?
Also, just how much REAL difference is there in the US's privacy invasion crimes, and China's? Could it be that China is just more blatant about it?
I would rather run nothing, than have something slowing down my system unnecessarily. USERS need it, not me.
When you think about it, this ITSELF introduces another vulnerability. Another point of failure. Why bother exploiting the OS, when you can use the nice convenient path provided to you by the AV software? Everyone seems to forget this.
Microsoft gets bashed for their 'insecurity' and the moment they try and IMPROVE that, they get flamed, and people cry foul and start throwing around such words as 'monopoly', 'abuse', 'lock-out', and the tin-foil hatters come out of the woodwork and start bashing MS security, while somehow totally missing the absurdity in what they're saying!
Other AV companies have managed to adapt to the kernel lockouts, why can't Symantec and McAfee do the same? Instead, they'd rather keep their grubby paws hooked into the OS as deep as they can be, so that they can effectively hose a user's installation, then charge them $80 for phone support to resolve the issue.
People can't have it both ways. You have to give credit where credit is due. Windows One Care is not installed by default, it's a FOR PAY product (which totally differentiates it from IE vs All) that you have to buy IN ADDITION to the OS. Windows Defender is free, and protects against spyware, and comes pre-installed. While I don't particularly like that, it doesn't really bother me either. People install Yahoo Messenger, and it wants to install a Toolbar with Yahoo Anti-Spy. The same goes for Google, AIM, MSN(yes I know that's redundant), and a plethora of other IM options, and even just generic toolbars. Most ISPs now days 'give' you AV/AS to use. So Windows Defender doesn't bother me, there's already another 50 billion people trying to give me spyware protection (none of which I use, the standard Windows Firewall is quite sufficient for me thank you), so why not MS too?
I had the opportunity to participate in the beta for OneCare (wasn't hard, they offered it free, and I liked that idea, since people were inevitably going to ask me about it). I found it to have a rather large footprint, and be fairly slow. Given it's competition in the form of Symantec NIS, and McAfee's Internet Security Suite, and Trend Micro's Internet Security Suite, it's performance was roughly average. It wasn't as fast as TM, but was quicker than NIS and MIS in most cases. What struck me was only TM had a better detection scheme, and even then it was marginal (though I know a single thing getting through can mean the difference between being completely hosed, and being OK, never knowing how close you came to Virtual Armaggedon). MS One Care did a MUCH better job of catching/stopping spyware then all of them (Windows Defender gets lumped into One Care installs generally).
Think of these things from the USER'S perspective. NOT from YOUR perspective. For people who are WAAAAY non-tech savvy, One Care offers a one-stop-shop for performance tuning (uncomplicated), AV, and AS and Firewall protection. It's easier to use than NIS, WAAAY easier than MIS, and TM rounds out the list of being the least user friendly. Bottom line is this is just one more cool way to bash Microsoft for trying to improve things. Do you think they're using kernel hacks for One Care? Probably not right now, as people would LOVE to find a way to exploit One Care to compromise a machine. Will it remain that way? Probably not, because I see things getting into the kernel eventually, and requiring that the kernel be accessible, at least to be scanned and locked so that it can be replaced. But still, NO AV/AS program should EVER be hacked into the kernel. Period.
It opens up the doors for too many things. OneCare also doesn't bombard the user with useless popups and notifications like the others often do, which aids in hosing the system as they USER tells it to do something bad.
One Care is a LEGITIMATE software release by Microsoft, and not at all a surprise. What is surprising to me, is that it took THIS long for it to resurface.
That is all. Please return to your normal dailty activity.
Combining them, however, as you said is very effective, and takes much longer.
Besides, how many laptops would then have the password for FDE engraved into them, or with a nice post-it note on them? And what would this password be? Their mother's name? Their birthday? Their dog's name? The street they live on? Users are notorious for using horrendously uncomplicated passwords.
on the other hand, if someone were to use say MdLg25GvNtUp35
Then yea, it would be effective. Brute forcing that would take what, 50 years?
Of course if the password must rotate every so often, then users will be CONSTANTLY requesting resets (as someone mentioned a moment ago I believe), which will drive up help-desk costs and also drive productivity down.
The BEST solution is to EDUCATE the user, and have strict IA policies in place. Period.
Additionally...
Should say EARN merit badges.Cue the "omfg MS sux0rz" comments and bashings. To be immediately followed by "Monopoly Abuse!" screams.
There is a reason I said "First Step"
Consider a system that constantly monitors internal systems (that's already in place). A problem is identified, and a swarm of robotic workers immediately moves out to fix the problem. Could this be ther first step to a sort of nanite repair system?
Well, that's what I had anyway. A dozen kernel builds later my system actually booted! Hooray! That was my desktop though (Which, I can now do a full build from stage 1 Gentoo, total touch time is roughly an hour, hour and a half maybe). Laptop is...well, painful, hehe. Very new laptop, and I would be fine, but for some reason the fans don't work with the installer, and compiles don't tend to like it when the computer shuts off in the middle, hehe.