|
|
AAARGH! Correlation is not causation!
Especially when statistics are used like this. You pick several statistics, search for correlation and then "prove" that whatever was done was bad (or good). It does not work that way!
You migh answer some questions first, like how many women did carry a gun and how many rapes did it prevent, before and after. Same with assaults and robberies.
"I'm all for investigation into these technologies... but none of them are mature enough yet to be used in criminal investigations responsibly."
Are you claiming that police cannot use those responsibly? Why not? If they know the technolgy is 99% effective they can question most if not all, but detain only those whose questioning and/or other evidence gives reason for that.
Even with 99.9% detaining and humiliating them would be a horrible thing to do, kids in prison for no reason
"But it is not a behavioral norm to attack our peers."
That is trivial to circumvent. Zimbardo, Millgram, The Third Wave,
This reminds me of the two unknowns: how can a black hole be created if the matter falling to it can never get there? The another one is of course: how can gravitons escape event horizon and attract anything?
I think good theorists can answer both - I cannot either.
007 destroyed his sanity.
Last I checked, the time will slow down so much that you'd never hit the black hole (event horizon), that is, before the universe will end.
But that was "sometime bronze age" so I might be wrong.
XFCE would be enhanced a lot if Compiz would work with it. Ubuntu 10.04 is much nicer looking than Xubuntu 12.04.
You seem to forget how secure boot works: it checks the signature of the boot image (OS loaders & drivers). I propose protecting the boot image and how it is found, by listing the important LBAs or partitions (i.e. the places where the OS loaders and drivers reside and how they are read during boot).
Besides, the EFI is overly complicated.
The firmware does not access a "file" as it does not undestand the file system you use. So you do not need to protect "a file", you can protect whatever the firmware loads, no matter if it is MBC, MBR, GPT, secondary GPT also, or even a list of (thousands of) LBAs - if you really want.
Are you still claiming this cannot be done? Why not?
Er
The problem is that there is no advantage to anyone to have "secure boot".
The "secure boot" does not prevent viruses from writing to the (pre)bootloader, it just notices if it has happened. Then the "notification" or "failure mode" is DoS, your computer won't boot. I'd rather boot with a virus than not boot.
How about a better solution, something that *prevents* viruses from writing over the prebootloader? Something which will not brick your computer at an important meeting?
Solution: There is an unclearable security bit in the disk controller which prevents writing to sector 0. The (pre)bootloader would set the bit in the boot, unless the boot is from USB (or a key was pressed), thus allowing OS installers to write the sector 0. All the advantages of "secure boot" and none of the disadvantages.
There is NO security in "secure boot"
1. What does it secure against? Viruses in (pre)bootloader, nothing else.
2. How does it secure? By DoS (disabling the boot).
1. Hugely better way would be the disk controller to disable writing to the first sector of any drive.
2. That would prevent viruses from writing into the disk in the first place.
This would work as follows: the (pre)bootloader would set an uncleareble security bit in the disk controller which prevents writing to the sector 0. If the boot is from USB (or a key was pressed, etc.) then it would not set the bit, thus allowing OS installers to write the sector 0.
I disagree with you whemently.
Two or three, or seven, computers do not help if there is a SW bug. And don't give me "separate teams making different SW" bullshit, it has been proven that they all make the same mistakes.
Formal proving? It is neither necessary and the assumptions the proof takes are usually far too lenient.
The web browser, while complex, should not be designed so that every line of code is potential security breach - so big a hole that just looking at a textual input will give attacker whole access to your computer. Are you really claiming that using proper runtimes (managed, "jail", unprivileged,
You will never secure a computer as long as you use C/C++ - that I agree.
What they did wrong with Java, I don't know, have not been following. It must have been huge architectural and desing and programming culture flaw.
From the other side: houses are still being build lousily because the builders don't give a damn. Sam applies for software. I have never seen a single piece of code that has been well written. Well, perhaps one or two exceptions in the millions of software packages there are.
A decent architecture, whether SW or a building, can make a huge difference. Now code is written so that in practice every line in the whole browser or Java or any other runtime is potential security hole. It shouldn't be that way. There should be insulation+moisture barrier / firewall-kinda-IF to the Internet.
There is something fundamentally flawed with Java - it has all the required systems in it to make it safe - but it apparently is completely opposite. I have no clue where they (designers and programmers of the crap) went wrong.
Same with the Mozilla - it once claimed to be safer than IE because it uses C++ Strings. That was a revelation to me, I realised it isn't a bit safer - as can be seen right now.
Check Olkiluoto 3. The delays are not due to "abuse of legal system" nor due to "leadership vacuum" - unless you consider Areva as not having enough leadership.
"Facts are stupid things." -- President Ronald Reagan (a blooper from his speeach at the '88 GOP convention)