I am working at a "state school" right now, which receives a whopping 5% of its budget from the state. Do not be so quick to assume that "state school" means "paid for by the state government."
In all seriousness, here is another method of solving the problem, which would be just as effective at preventing rootkits from hiding in the bootloader: make the boot medium a flash device on the motherboard, and have a jumper that enables writes to that device. This would not rob users of control over their system (although it may force people to get over their fear of opening their computer's case and changing a jumper), and would be just as effective at stopping the overwhelming majority of rootkits.
The real motive here is the same as it ever was with the TPM: they want to market Windows as a "media platform" and their "media partners" do not like the idea of users being able to control their own computers -- they want to enforce restriction technologies. GNU/Linux is an operating system that its users control, and so these "media partners" do not want to see it installed on anyone's computer. Likewise, they do not want to see people modifying Windows in a way that circumvents DRM. They want computers to be like cell phones and cable TV boxes, herding the users in ways that are convenient for various copyright-based corporations.
That this will block certain classes of rootkits is entirely incidental, despite the heavy marketing.
"Consumers should run Windows, and they should not have any ability to boot up anything else. 'Enterprise' users who can afford to pay more should have more choice."
That is the only way I can see this playing out. What OEM would not jump at the opportunity to control its users and force people to pay more to do something they have been able to do at no cost all these years?
It is a simple matter of money. Take a look at how much money there is in online gaming, and how much money is being spent on trying to stop people from cheating or running unauthorized copies of the game. Now imagine if users did not actually control their computers -- suddenly, you could enforce the rules of the game for far less.
You could substitute just about any class of software for "games" at this point -- a lot of money is being spent on license enforcement, and vendors would prefer if they could trust that the OS has not been hacked by its user. The "security" that they are referring to is not security for the end users, it is security for the various parties who are trying to stop those users from doing certain unapproved things.
How many of your contacts have published a public key? The vast majority of people have no interest in email encryption, and if they did they would want the encryption to be performed by their mail server, Hushmail-style, which would do little to help in this situation.
That's the treaty that a very tiny handful of people (including myself) were decrying fifteen years ago while everyone else was completely fucking ignoring it and its implications.
Everyone still ignores it and its implications. Most people are exactly what the mass media conditions them to be: passive consumers. The majority of people simply do not care about whether or not it is illegal to produce software that can be used to circumvent copy-restriction technologies.
For example the US government could supposedly read CRT monitors from a fair distance away.
That is not very impressive, since the glow from a CRT is enough to reconstruct the image on the screen, and Ross Anderson's book describes how less than $1000 of equipment is enough to pick up stray emissions from a VGA cable and reconstruct the image from a neighboring building.
Manual verification -- perhaps banks and retail outlets could hand out fliers with QR Code or Data Matrix encoded copies of their public key fingerprints. This does not solve the problem for small businesses that need to deal with people online (potentially people who cannot receive fliers or business cards), but for local businesses or large corporations it is potentially workable. Key replacement is the biggest problem here (anyone who has tried to manage sshd should be familiar with this issue).
Web of trust -- this requires some minimum number of people who care enough to participate, and probably works better for personal certificates than for businesses.
Newer ideas like convergence, which is something like a cross between the CA model and the web-of-trust model in that you configure multiple notaries and require a certain number of them to sign a key before it is trusted.
So there you have it, other ideas. The real question is, which of these is most likely to succeed when billions of technically illiterate people try to use it?
I thought we discussed this two weeks ago, when the New York Times published an article about how all the computers we have dumped into the school system have had negligible results in terms of improving education. Now we are trying the same strategy, but with a different form factor? Are these decision makers even bothering to give thought to how iPads are going to help kindergarten students?
This might have something to do with the fact that I have not used any "office suite" software in so long that I no longer associate "Office" with "Microsoft's collection of word processing, spreadsheet, and presentation software." Or the fact that I did not know that Windows Phone 7's UI was called "Metro," and thought that Ballmer was seeking to "metro-ize" his office (which I believe is in Redmond).
Is queer eye for the straight guy still on? I honestly thought this was going to be an article about Ballmer bringing the queer eye team to Redmond and having them do some work on Microsoft's headquarters...
It's not like we have reason to think that other CAs have not had unreported blunders. In fact, we have every reason to think that the whole CA system is broken, and is just hanging on because nobody is willing to put in the effort needed to replace it.
You could hide an image somewhere on the page, and then make it load extremely slowly -- and then just measure how long it takes to load the image. You will not know how long they are spending looking at the particular window or tab, but you will know how long they keep it open in their browser.
Actually, I kind of like that solution (especially paired with a kernel modification to translate between nonbreaking spaces being presented to the outside world and normal spaces on disk -- to promote interoperability), but it's only "easy" in a pretty strange sense of that word considering that it isn't backwards compatible and there's not a good way to type a NBSP.
I think the idea was that system calls like stat() or open() would automatically convert all spaces to nonbreaking spaces, and thus nobody would have to be aware of the difference (unless for some reason there was a program that actually broke because it expected 0x20 in filenames -- which I would say is a bug and an edge case).
if you write shell scripts and don't understand these issues, you've likely been writing buggy, incorrect, insecure and exploitable code.
I generally assume that shell scripts are insecure / exploitable anyway, and I would not expose a shell script to every random thing that might be thrown at me from a malicious person (i.e. one that was obtained from the net). Also, most of what I use my shell for are files that were created either by me or by people in my group (who I can generally assume would not try to attack me in this fashion, since we all have sudo privileges on each others' systems anyway).
No, when I said "column 50" I was referring to character column numbers, which you'd pass to cut -c##. I haven't had much luck with -f specifiers for typical output. Maybe I'm just stupid or something, but I can't figure out how to make it treat several spaces in a row (there so that columns line up visually) as a single separator.
I usually just use awk here; I never did like cut much myself, and the amount of awk that one would need to use is pretty simple:
awk '{print $5}'
Which for example will print the 5th field of every input line. I am sure, however, that there will be cases where this will not do what you want e.g. if you need to change the delimiter or something to that effect (awk has a field separator variable and a record separator variable that can be used to control this, which by default match the common case: fields separated by spaces and tabs, records by newlines). I suppose one could argue that if you are using a programming language like awk, you are "cheating," but I would say that awk is really designed to be used in these sorts of situations. It may be the case that this is non-portable -- I only use GNU awk -- but one could potentially use perl if portability is an issue:
perl -ane 'print "$F[4]\n"'   # @F is zero-indexed, so $F[4] is the 5th field; the newline must be printed explicitly
a lot of present solutions even break if you have spaces in file names -- and prohibiting that is, in my strong opinion, neither desirable nor realistic.
Agreed, though the article points out an easy solution to that also: a nonbreaking space should be the default for filenames that have spaces (users should not see any difference, although I cannot say with confidence that there are no UIs out there that would display nonbreaking spaces as something other than whitespace).
My point was not that I never saw a table, it is that you are exaggerating when you claim that it is a matter of remembering which of nearly 50 columns has the data one is looking for. I have never seen the number of columns exceed 10, and I doubt that you would ever see a well designed class with more than 10 or so fields, or perhaps "groups of fields" (e.g. for ACLs you might have numerous fields, but they are all part of the same logical group; of course, a good object oriented programmer would say that such a logical group would belong in a separate class entirely).
If you want a full discussion of the problems you can face, see here. (My executive summary is that "if you've used xargs, you've probably used something that is broken -- or at least not general.")
Point taken -- I do actually remember an occasion where I accidentally created a file with a very strange name, and had to spend a few minutes coming up with a way to remove the file. The problem, though, is more relevant to allowable filenames than to shells -- as the article points out, simply forbidding files with malformed names would go a long way toward solving the problem, and there is no good reason for a filename to contain things like control characters or to have a hyphen as its first character.
I can grant this, though: having command instructions in a separate channel from input is a good idea. Although this filenames issue is not quite as bad as SQL injection, it is the same type of problem.
"Does it start at column 40? No? 45? No? How 'bout 43?"
What exactly have you been doing with your shell? I have never had anything that approaches this sort of problem; on a few occasions I wind up forgetting which of a handful of columns from the output of "ps" or "ls -l" is the one I want to sort by. Even if you wind up having dozens of columns, I fail to see how object oriented programming is going to help you, since you are still stuck having to remember dozens of fields for whatever class you are dealing with.
Parsing file names in particular is... "interesting". It's basically never worth it to get it actually correct,
Do you have an actual example that you could share? Again, this is a problem that I have never encountered, and I have been using GNU for a long time.
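As an added example (not from anyone in this thread), the script below reproduces the two pitfalls discussed above: cut -f on space-padded columns versus awk's field splitting, and word-splitting file names that contain a space, a newline or a leading hyphen. The sample "ls -l" line and the file names are constructed for the demonstration.

```sh
#!/bin/sh
# Added example (not from the thread): the sample "ls -l" line and the
# file names below are constructed for demonstration.

# A made-up "ls -l" line; the columns are padded with runs of spaces.
SAMPLE_LINE='-rw-r--r--  1 alice  staff   4096 Jan  1 12:00 with space.txt'

# cut -d' ' treats EVERY space as a separator, so runs of spaces produce
# empty fields and "field 5" comes out empty.
fifth_field_cut_naive() {
    printf '%s\n' "$SAMPLE_LINE" | cut -d' ' -f5
}

# Squeezing repeated spaces first is what makes cut usable here; awk does
# the same thing by default (its default FS means "runs of blanks").
fifth_field_cut_squeezed() {
    printf '%s\n' "$SAMPLE_LINE" | tr -s ' ' | cut -d' ' -f5
}
fifth_field_awk() {
    printf '%s\n' "$SAMPLE_LINE" | awk '{print $5}'
}

# Field-based parsing cannot recover a name that contains a space: $9 is
# only the first word of "with space.txt".
name_field_awk() {
    printf '%s\n' "$SAMPLE_LINE" | awk '{print $9}'
}

# Three constructed file names: a space, a leading hyphen, a newline.
make_awkward_dir() {
    dir=$(mktemp -d)
    : > "$dir/with space.txt"
    : > "$dir/-leading-dash.txt"
    : > "$dir/$(printf 'line1\nline2').txt"
    printf '%s\n' "$dir"
}

# Naive: word-splitting $(find ...) breaks on the space and the newline,
# so three files are counted as five.
count_files_naive() {
    n=0
    for f in $(find "$1" -mindepth 1 -type f); do n=$((n + 1)); done
    echo "$n"
}

# Safe: NUL-terminated names; NUL is the one byte a file name cannot hold.
count_files_safe() {
    echo $(( $(find "$1" -mindepth 1 -type f -print0 | tr -cd '\000' | wc -c) ))
}

# Safe removal with a glob (no word splitting) and "--" so that rm does
# not read "-leading-dash.txt" as an option. Prints what is left: 0.
remove_files_safe() {
    ( cd "$1" && for f in *; do rm -- "$f"; done )
    echo $(( $(find "$1" -mindepth 1 | wc -l) ))
}

# Runs the file-name checks end to end and prints "naive safe remaining".
demo_counts() {
    d=$(make_awkward_dir)
    echo "$(count_files_naive "$d") $(count_files_safe "$d") $(remove_files_safe "$d")"
    rmdir "$d"
}
```

Sourcing the file defines the functions only; calling demo_counts prints "5 3 0" and cleans up its scratch directory.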
As if I have never heard of a rootkit?
What is wrong with the BIOS anyway?
It allows you to boot Linux.
By 7:25am it would be unclogged. Do you really think the NYPD is going to let protesters get in the way of business?
Encryption people - encrypt your emails.
Then why bother with CAs? Why not just use the law to handle these sorts of things?
http://en.wikipedia.org/wiki/Metrosexual
Government saves on law enforcement costs trying to police drugs...
Not necessarily:
http://www.fear.org/chicago.html
http://www.dpeg.org/legal_issues/assetforfeiture.htm
Or we could stop militarizing law enforcement, and try a new, less violent approach to drug policy (like, say, legalization).
Cocaine and heroin were outlawed before the prohibition on alcohol...
"show how long they spent on each site"?
How on earth could any software determine that?
What's Windows?