Then everyone gets banned, and when they complain, you say, "We told you to install the latest service packs and antivirus software." It will not take a long time before people start taking responsibility for themselves. For incoming freshman, that can be a part of orientation: instruction on how to get their system set up to meet university standards. This is exactly how things worked when I was an undergrad, until the computer center started with the CSA nonsense -- and once they started imposing a CSA, all it accomplished was annoying everyone.
What about BSD or Solaris users? A minority, yes, but why should they be discriminated against? What about someone running Linux on a PS3 (PowerPC arch)?
Yeah but what happens to undergrads who live in dorms on campus, and want to be able to do their work from "home?" Or graduate students who install Linux on their laptop, and want to do some work in a library on campus (which is presumably not part of the CS network)? It would certainly irritate people if they were forced to be physically in the CS department in order to get their work done.
Actually, there is a very easy answer: just ban any node that is disrupting service for another user. If your network is so vulnerable to attack that you need to worry about an individual user's laptop having a virus, then what will you do when a rogue user is actively attacking some system on campus (say, the systems that process grades)?
Really, hassling users with this crappy software is not a solution to the problem of security. It just annoys everyone, even people who are computer illiterate.
The acceptable usage policy posted above states that the university has the right to search your machine if you are accused of an academic honesty violation. Nobody is saying that you IT people will search everyone's machines; rather, the concern is that you will reserve the right to search anyone's machine at any time. If users are required to install a mystery program in order to access the network, then it is trivial to force a specific user to install a backdoor.
Actually, it is an excellent analogy. In New York City, if you have a large bag and you want to ride the subways, the police department will demand to search the bag (they cannot do this for everyone, so usually they start with people who "look like" terrorists). You are within your rights to refuse the search, but then, you cannot ride the subway.
Why should anyone have to consent to allow their computer to be searched by strangers? Just ban any node that is misbehaving, and there is nothing more than needs to be done. We do not need IT staff holding our hands, and more importantly, we specifically want IT to not hold our hands.
Hey, here's an idea you might not have thought of: ban machines that are causing problems. If that is a problem for the person whose machine gets banned, let them bring their machine to help desk, so you can give them a slap on the wrists. Why should anyone else have to deal with your nonsense?
A problem we had at my school was that the Linux CSA was distributed as a binary executable, and it had been compiled on RHEL5. Fedora 8+ did not work because of newer libraries, new versions of Ubuntu did not work, and other distros failed really hard.
We also had a small group of BSD users who were left completely out in the cold, and an even smaller group of OpenSolaris users who were also unable to register. That is the problem with these CSA programs -- they cannot work for everyone. The previous policy was a lot better: if you did something that actually harmed others' use of the network, then you were kicked off. No registration, no muss, no fuss -- just a simple policy that left everyone happy. I have no idea why that policy was dropped.
No, because then users with slightly less technical ability will still end up screwed. The computer center should be forced to face the reality that not everyone is a complete moron, and that they are capable of managing their own computers. If they are worried that one user might cause service problems for another user, they should rethink the way they built their network.
Policies like this just discourage people from ever trying anything different. New Linux users are quickly discouraged when they cannot access the Internet because of some arbitrary network access tool that was designed for Windows. Even if they won't listen, you should complain that you cannot run their CSA on your computer because you are a Linux user, and you are not willing to switch to Windows. Force them to at least acknowledge the existence of such people.
Maybe at a very small school without a CS or engineering program. Where I went to school, if the computer center had tried to prevent people from running Linux, they would have had to deal with hundreds of professors' complaints.
NDAs on security related software scream of "security by obscurity." NDAs on software used for law enforcement or government work means that the citizens do not have the right to inspect their own government (national security issues aside, we should expect such a right).
Yes, your competitors have the right to see how your software works. You have the right to see how their software works. You might choose to not grant them the right to redistribute your software, which is something that copyrights are strong enough to enforce.
I will not trust this move for a few years, until it is clear that Microsoft is not entering the usual embrace/extend/extinguish cycle. There is a lot of room for that in ODF...
What I want to know is, what are the limits? If I find a way to improve service (say, lifting a bandwidth cap), would they still be supportive and boastful? Or would I go from volunteer tech support status to dangerous hacker criminal?
Except that, FTA, Greenlight is not using tax dollars to subsidize the service. The service is paying for itself. It is not as profitable as TWC, but it is still profitable. Simply put, TWC does not want to actually compete with anyone -- they want to maintain the monopoly they have on high speed Internet services.
The problem is that a lot of botnet malware behaves like a normal, run of the mill program. You cannot make the claim that a program should be unable to execute code, connect to a server over the Internet, and modify its execution path based on what the server does. Nor can you prevent programs from sending emails. Nor can you prevent a program from installing software if it has appropriate root/administrator privileges.
The only solution, really, is for your users to not download malware. Good luck with that one....
Something very similar is already done by many Linux distributions. For example, Fedora/Red Hat Enterprise Linux/clones all use GPG to check digital signatures on packages against a public signing key that is unique for each repository. The problem is that users can still be convinced to import signing keys from "rogue" repositories or convinced to just allow bad/nonexistent signatures.
Of course, this is not a true fix anyway. There is no reason that someone cannot just write a program that does the same thing as the installer, but without any checks. Users can be convinced to enter root/administrator passwords as needed by such programs.
Really, this is not something that can be solved by OS programmers or by user education.
Well keep in mind that, the way most economic models work, if you fail to capitalize on something, you have lost money. Actually, as I learned it, if you have two profit making options, and fail to choose the one with the greater potential for profit, you have turned a loss in the model, even though you technically turned a profit. Something like that, anyway -- it sounds no more logical now than when I first learned it.
The RIAA has the potential to make millions of dollars by restricting the redistribution of its music; thus, granting legal permission for unrestricted redistribution amounts to a multimillion dollar cost for any given song, even though the real cost of doing so is very small (thousands of dollars for electricity and an Internet connection).
I recall an experiment involving a human-cow hybrid; specifically, human nuclear DNA and cow mitochondrial DNA. The embryo was allowed to grow to 16 cells before being destroyed, and there were a lot of cries about the ethics of such experiments.
Microsoft has not been quiet for ages. For the past decade, they have been making one false claim after another about using Linux -- always centered around the idea that there is some sort of hidden cost that will bite you later on if you use Linux. What makes this newsworthy is that Microsoft has changed their focus -- they are now more afraid of Apple than the Linux crowd (again).
Most people I know do not buy a Mac, because they just want a web browser and a computer that can download photos from their camera -- both Windows and Mac OS X have been more than capable of doing this for years now. If that is all someone wants, why would (not "should") they pay more for Mac OS X?
Better from a technical perspective, but irrelevant from the user's perspective. If the superiority of Mac OS X was relevant to the majority of home computer users, Apple would have a bigger market share. It is unfortunate, but most people really do not care, as long as their computer is capable of running a web browser -- so they go for the product that costs less, and that comes preinstalled on their computer. Mac OS X, with its high price tag, will remain in the minority, and Linux will lose because it does not come preinstalled, despite being gratis (from the end user perspective, if something came preinstalled, then it is free -- the cost was rolled into the price tag, so they never really see what they paid for their software).
Arguments for quality and freedom fall on deaf ears.
"Why the hell is the EFF on this case?"
Because of the precedent. The police in this case painted a picture of a scary hacker who has multiple operating systems, multiple usernames, and is an expert in computer science, all of which is used to support the probable cause accusation. If that is allowed to fly, then many Slashdot users would be in danger whenever any connection could be drawn between them and any computer crime. We do not want to live in a world where computer science is treated like black magic and hackers become the subject of a witch hunt; well, at the very least I do not want to live in such a world.
Visual J++ would, at best, have made the Java language (that is, the grammar) popular; it was missing key libraries like RMI and JNI, both of which would have been critical for cross-platform desktop development (yes, JNI is included in that; for example, to call OpenGL, or to write a library for interacting with Python). The entire point of Java was to be cross platform, so why should we accept Microsoft doing to Java what they did to ECMAscript? The last thing we would want is to try to maintain two separate codebases, one for Sun and one for Microsoft.
The thing is, software does not really get old. Windows XP SP2 works as well today as it did when SP2 was first released, and there if it is working for businesses, then those businesses would be well advised to just stick with what works. A lot of Windows installations are on systems that are only used to run a few specific software applications, and not for composing documents or interacting with files on the hard drive.
I guess the real problem is that Microsoft keeps trying to make one-size-fits-all operating systems, when the market seems to be diverging a bit. A lot of businesses really do not need most of the features in Vista or Win7, or in OS X or KDE4, and would rather be able to just hang on to a more bare-metal OS that runs the applications they need and nothing else. This is perhaps a growing window of opportunity for Linux, since it is trivial to strip out "advanced" features of a Linux distro and get a plain vanilla desktop; if Wine becomes capable enough to run these business critical applications, we might start to see migration away from Windows, unless Microsoft extends XP support or creates a special "Windows 7 Bare Metal edition" (Windows BM?).
Of course, that is assuming that those businesses are even planning a migration. There are still places where DOS is being used for critical applications...
Then everyone gets banned, and when they complain, you say, "We told you to install the latest service packs and antivirus software." It will not take a long time before people start taking responsibility for themselves. For incoming freshman, that can be a part of orientation: instruction on how to get their system set up to meet university standards. This is exactly how things worked when I was an undergrad, until the computer center started with the CSA nonsense -- and once they started imposing a CSA, all it accomplished was annoying everyone.
What about BSD or Solaris users? A minority, yes, but why should they be discriminated against? What about someone running Linux on a PS3 (PowerPC arch)?
Yeah but what happens to undergrads who live in dorms on campus, and want to be able to do their work from "home?" Or graduate students who install Linux on their laptop, and want to do some work in a library on campus (which is presumably not part of the CS network)? It would certainly irritate people if they were forced to be physically in the CS department in order to get their work done.
Actually, there is a very easy answer: just ban any node that is disrupting service for another user. If your network is so vulnerable to attack that you need to worry about an individual user's laptop having a virus, then what will you do when a rogue user is actively attacking some system on campus (say, the systems that process grades)?
Really, hassling users with this crappy software is not a solution to the problem of security. It just annoys everyone, even people who are computer illiterate.
The acceptable usage policy posted above states that the university has the right to search your machine if you are accused of an academic honesty violation. Nobody is saying that you IT people will search everyone's machines; rather, the concern is that you will reserve the right to search anyone's machine at any time. If users are required to install a mystery program in order to access the network, then it is trivial to force a specific user to install a backdoor.
Actually, it is an excellent analogy. In New York City, if you have a large bag and you want to ride the subways, the police department will demand to search the bag (they cannot do this for everyone, so usually they start with people who "look like" terrorists). You are within your rights to refuse the search, but then, you cannot ride the subway.
Why should anyone have to consent to allow their computer to be searched by strangers? Just ban any node that is misbehaving, and there is nothing more than needs to be done. We do not need IT staff holding our hands, and more importantly, we specifically want IT to not hold our hands.
Hey, here's an idea you might not have thought of: ban machines that are causing problems. If that is a problem for the person whose machine gets banned, let them bring their machine to help desk, so you can give them a slap on the wrists. Why should anyone else have to deal with your nonsense?
A problem we had at my school was that the Linux CSA was distributed as a binary executable, and it had been compiled on RHEL5. Fedora 8+ did not work because of newer libraries, new versions of Ubuntu did not work, and other distros failed really hard.
We also had a small group of BSD users who were left completely out in the cold, and an even smaller group of OpenSolaris users who were also unable to register. That is the problem with these CSA programs -- they cannot work for everyone. The previous policy was a lot better: if you did something that actually harmed others' use of the network, then you were kicked off. No registration, no muss, no fuss -- just a simple policy that left everyone happy. I have no idea why that policy was dropped.
No, because then users with slightly less technical ability will still end up screwed. The computer center should be forced to face the reality that not everyone is a complete moron, and that they are capable of managing their own computers. If they are worried that one user might cause service problems for another user, they should rethink the way they built their network.
Policies like this just discourage people from ever trying anything different. New Linux users are quickly discouraged when they cannot access the Internet because of some arbitrary network access tool that was designed for Windows. Even if they won't listen, you should complain that you cannot run their CSA on your computer because you are a Linux user, and you are not willing to switch to Windows. Force them to at least acknowledge the existence of such people.
Maybe at a very small school without a CS or engineering program. Where I went to school, if the computer center had tried to prevent people from running Linux, they would have had to deal with hundreds of professors' complaints.
NDAs on security related software scream of "security by obscurity." NDAs on software used for law enforcement or government work means that the citizens do not have the right to inspect their own government (national security issues aside, we should expect such a right).
Yes, your competitors have the right to see how your software works. You have the right to see how their software works. You might choose to not grant them the right to redistribute your software, which is something that copyrights are strong enough to enforce.
I will not trust this move for a few years, until it is clear that Microsoft is not entering the usual embrace/extend/extinguish cycle. There is a lot of room for that in ODF...
What I want to know is, what are the limits? If I find a way to improve service (say, lifting a bandwidth cap), would they still be supportive and boastful? Or would I go from volunteer tech support status to dangerous hacker criminal?
Except that, FTA, Greenlight is not using tax dollars to subsidize the service. The service is paying for itself. It is not as profitable as TWC, but it is still profitable. Simply put, TWC does not want to actually compete with anyone -- they want to maintain the monopoly they have on high speed Internet services.
For 10M up?! On a good day, I get roughly 256k up with TWCNYC, and I pay well over $100 for it.
The problem is that a lot of botnet malware behaves like a normal, run of the mill program. You cannot make the claim that a program should be unable to execute code, connect to a server over the Internet, and modify its execution path based on what the server does. Nor can you prevent programs from sending emails. Nor can you prevent a program from installing software if it has appropriate root/administrator privileges.
The only solution, really, is for your users to not download malware. Good luck with that one....
Something very similar is already done by many Linux distributions. For example, Fedora/Red Hat Enterprise Linux/clones all use GPG to check digital signatures on packages against a public signing key that is unique for each repository. The problem is that users can still be convinced to import signing keys from "rogue" repositories or convinced to just allow bad/nonexistent signatures.
Of course, this is not a true fix anyway. There is no reason that someone cannot just write a program that does the same thing as the installer, but without any checks. Users can be convinced to enter root/administrator passwords as needed by such programs.
Really, this is not something that can be solved by OS programmers or by user education.
Well keep in mind that, the way most economic models work, if you fail to capitalize on something, you have lost money. Actually, as I learned it, if you have two profit making options, and fail to choose the one with the greater potential for profit, you have turned a loss in the model, even though you technically turned a profit. Something like that, anyway -- it sounds no more logical now than when I first learned it.
The RIAA has the potential to make millions of dollars by restricting the redistribution of its music; thus, granting legal permission for unrestricted redistribution amounts to a multimillion dollar cost for any given song, even though the real cost of doing so is very small (thousands of dollars for electricity and an Internet connection).
I recall an experiment involving a human-cow hybrid; specifically, human nuclear DNA and cow mitochondrial DNA. The embryo was allowed to grow to 16 cells before being destroyed, and there were a lot of cries about the ethics of such experiments.
Microsoft has not been quiet for ages. For the past decade, they have been making one false claim after another about using Linux -- always centered around the idea that there is some sort of hidden cost that will bite you later on if you use Linux. What makes this newsworthy is that Microsoft has changed their focus -- they are now more afraid of Apple than the Linux crowd (again).
Most people I know do not buy a Mac, because they just want a web browser and a computer that can download photos from their camera -- both Windows and Mac OS X have been more than capable of doing this for years now. If that is all someone wants, why would (not "should") they pay more for Mac OS X?
Better from a technical perspective, but irrelevant from the user's perspective. If the superiority of Mac OS X was relevant to the majority of home computer users, Apple would have a bigger market share. It is unfortunate, but most people really do not care, as long as their computer is capable of running a web browser -- so they go for the product that costs less, and that comes preinstalled on their computer. Mac OS X, with its high price tag, will remain in the minority, and Linux will lose because it does not come preinstalled, despite being gratis (from the end user perspective, if something came preinstalled, then it is free -- the cost was rolled into the price tag, so they never really see what they paid for their software).
Arguments for quality and freedom fall on deaf ears.
"Why the hell is the EFF on this case?" Because of the precedent. The police in this case painted a picture of a scary hacker who has multiple operating systems, multiple usernames, and is an expert in computer science, all of which is used to support the probable cause accusation. If that is allowed to fly, then many Slashdot users would be in danger whenever any connection could be drawn between them and any computer crime. We do not want to live in a world where computer science is treated like black magic and hackers become the subject of a witch hunt; well, at the very least I do not want to live in such a world.
Visual J++ would, at best, have made the Java language (that is, the grammar) popular; it was missing key libraries like RMI and JNI, both of which would have been critical for cross-platform desktop development (yes, JNI is included in that; for example, to call OpenGL, or to write a library for interacting with Python). The entire point of Java was to be cross platform, so why should we accept Microsoft doing to Java what they did to ECMAscript? The last thing we would want is to try to maintain two separate codebases, one for Sun and one for Microsoft.
The thing is, software does not really get old. Windows XP SP2 works as well today as it did when SP2 was first released, and there if it is working for businesses, then those businesses would be well advised to just stick with what works. A lot of Windows installations are on systems that are only used to run a few specific software applications, and not for composing documents or interacting with files on the hard drive.
I guess the real problem is that Microsoft keeps trying to make one-size-fits-all operating systems, when the market seems to be diverging a bit. A lot of businesses really do not need most of the features in Vista or Win7, or in OS X or KDE4, and would rather be able to just hang on to a more bare-metal OS that runs the applications they need and nothing else. This is perhaps a growing window of opportunity for Linux, since it is trivial to strip out "advanced" features of a Linux distro and get a plain vanilla desktop; if Wine becomes capable enough to run these business critical applications, we might start to see migration away from Windows, unless Microsoft extends XP support or creates a special "Windows 7 Bare Metal edition" (Windows BM?). Of course, that is assuming that those businesses are even planning a migration. There are still places where DOS is being used for critical applications...