Become a fan of Slashdot on Facebook


Forgot your password?

Comment: Re:Master key (Score 4, Insightful) 69 69

Cryptography and physical security are often similar, but in other areas, they differ. Encryption algorithms are either extremely secure, or not worth the time in using them because every few years, CPU power doubles to attack them.

Plus, with physical security, there is "good enough". I use an el cheapo Master warded lock on a chicken coop door... because it is nuisance protection. Same reason I use a six pin American lock on the gate. If it resists bumping or quick attack, good enough. Even with high security locks, their main function is mainly to work as a "seal", to show that if there is a break-in, there is physical evidence to show it is the case. A kicked in door, insurance will pay a claim. A picked lock? The claim almost certainly will be denied.

Encryption isn't like that. Either it keeps everyone out, or it keeps nobody out.

Comment: Re:Just in time (Score 1) 174 174

The server side has been interesting as well. Windows Server 2000 was a major jump in features from NT 4 SP 340, Windows Server 2003 was fairly minor. Windows Server 2008 had a big step, mainly BitLocker, and wbadmin.msc.

Windows Server 2016 has some interesting features. Storage Spaces is evolving to be a serious ZFS competitor, BitLocker is probably one of the most usable drive encryption mechanisms out there, and the shift to no GUI available on the OS install (it can easily be added later) is a nudge to going to PowerShell. Finally, Windows finally supporting SSH is a good thing.

Even though it isn't as visible as Windows 10, Windows Server 2016 brings a lot of interesting features, and Storage Spaces Direct is an interesting alternative to the SAN, although real world tests have yet to be seen.

Comment: Re:Why nobody cares about Zune (Score 1) 292 292

I have a Zune as well, with a docking station. Price? $0, since it was a prize. I will say this: It is surprisingly well made, and its UI wasn't bad, although the ring is just a four position switch, and not usable in the same fashion as the iPod's swiping.

However, there is one thing that absolutely killed it, and it was as described above: The requirement to use special software to copy files to it. It also make the Zune pointless for schlepping files between places. The fact it used an oddball connector (very similar to the Apple 30 pin... but different) didn't help either. Yes, an iPod required iTunes (well, after MusicMatch was killed), but it mounted as a HDD and one could copy files to and from it at will.

One thing that took me by surprise with MP3 players was the initial capacity growth for a bit... then towards the end, all but the Zune and iPod Classic with 160 GB stayed in production. There were other players that had a good amount of capacity, but wound up being discontinued after a while. Good players which required zero drivers, and could either mount as a USB drive or use MTP to copy files.

Comment: Re:Harbingers? or just early adopters? (Score 1) 292 292

Exactly. Sometimes products fail because they there isn't a mass market for them at the time.

Take the Creative Nomad Jukebox which came out in ~2001, which is about the size of a CD Walkman, and shipped with six GB of space for tracks. It was a quite usable unit. However, it didn't really have a market because of its size, and lack of battery life. The original iPod was an incremental improvement over it... but brought decent battery life and a smaller size to the table, which is why Apple was initially successful with it.

Another example are smartphones. Windows Mobile was a very popular smartphone OS, but because it was designed around using a stylus, it became outdated the second the iPhone was announced. Even though it did more than the original iOS revs did for a few iterations, it wound up on the wayside eventually because the people coming into the smartphone market had expectations of finger-friendliness, online App Stores, and other items.

Comment: IMHO, can't hurt to have multiple social networks. (Score 1) 286 286

It can't hurt to have multiple social networks. Maybe some agreement can be reached that user@socialnet1 can do messaging and interaction with user@socialnet2 [1]. This way, no cat or food pictures pictures go unmissed.

Even without interaction between them, just having an alternative to what is out there is a good thing.

[1]: Reinventing E-mail, IRC, and NNTP pretty much.

Comment: Re:Throw it all out (Score 1) 448 448

The closest we came to that was the first NeXT machine which had an optical drive (or perhaps two), and initially, no hard drives.

Application level, we did have U3 for a bit, which would do similar... run a program, then it would exit when the USB flash drive was yanked.

I wouldn't mind some form of hypervisor where the desktop OS would be like ESXi, except with the ability to use the console for graphics with VMs. This way, it is a lot harder for a rogue program to jump from a client OS to hardware.

Comment: Re:This is a GODDAMN DISASTER! (Score 1) 178 178

With most other currencies, there is always the chance that once a payment is done, it can be taken away. For example, you sell something on $AUCTION_SITE, get paid via credit card, then find the CC company slurped the money back out, as the credit card owner has disputed the charge... now it is your job to sue the individual and get your cash back, although you were technically "paid".

Or, you get a check, cash it, and get a NSF charge because of it bouncing.

Even cash has this problem. You take a $20, only to find it is a $1 note, except someone cut and pasted a part from a higher denomination bill on that, or the bill could be an entire counterfeit.

The good and bad about BitCoin is that once the transaction is made and runs through the system, it is permanent. No backtracking. That currency has transferred hands irrevocably, and outside of breaking cryptographic protocols, there is no reversing it, so a wallet with coins can have them pulled out without the wallet's private key.

If one knows that, and always takes that into account, it makes one extremely leery of exchanges and "BitCoin bank accounts", because eventually, someone is going to make off with the goodies, and there is nothing anyone can do about it. Caveat emptor.

This doesn't mean BitCoin is perfect either. If you want to be sure you are not going to on the losing end of a double-spending, you have to run the entire blockchain before accepting a transaction, and this takes a lot of time and a good net connection. Any shortcuts only can cause grief in the long run. BitCoin was designed so you didn't have to trust anyone, so might as well take advantage of it.

Comment: Re:both will produce "literature"? (Score 4, Interesting) 50 50

With the boilerplate novels and cookie-cutter movies being cranked out, I wonder if a computer would eventually be a better writer/artist than what we have now.

One could even add music into the list as well, where a marketing person could click on an interface, randomly select what an album would have for songs, and the computer would create a band (name, color scheme), write the lyrics, compose the pieces, even pick people from YouTube who would become the band members. Or toss the physical band members, have an avatar like Miku and call it done. Pop music can just be relegated to a cronjob that fires off, weights lyrics on statistics gleaned from ad sites and news articles, makes the songs, mixes/masters the album, and spits out music for the music stores, no human effort needed in the creativity process.

Similar with movies. The computer would grab weighting on what social topics are being thought about when the movie is created (so the movie has some impact), create some characters, follow a meta-script to generate the dialog, generate terrain and scenery render the scenes and CGI action, and out pops a blockbuster hit at the push of a button, no actors needed.

Comment: Re:kernel developers on Macs - that would be me (Score 1) 357 357

I will give credit that Apple hardware is pricy.

However, Apple has one thing at the consumer [1] level... and that is very good CS. For someone nontechnical who is using their computer as their way of earning their living, if something glitches on a PC, generally they may rack up a hefty support bill. If they get an odd glitch on a Mac, Apple supports the hardware, OS, maybe even the application, so the infernal "everyone points fingers at each other" syndrome tends to be less of an issue.

With a new Mac, someone can pay a C-note and get a year's worth of handholding so they get some knowledge of how to do a task. For people like this, it isn't about the computer, it is using the machine to get the job done, be it music production, video editing, photography, or other items. For Slashdot readers, this isn't something that would be considered, but there are a lot of people who just want to buy the tool to do their work, even if it costs more. For example, MAC and Snap-On tools are more expensive than what comes off the boat to a Harbor Freight store... but the expensive tools tend to be better in the long run since they last longer, and if they do break, there is a no questions asked warranty. Similar with Macs.

[1]: Business level, it is completely different, because enterprise service is quite good from PC vendors... but this isn't relevant for most users.

Comment: Re:Looking to move off of iTunes (Score 1) 357 357

I'm the same way. If the music management program can tell the difference between 2-3 versions of the song, but are different remixes, as well as not overwrite the lossless version of a song with a MP3, I'm happy.

I used to worry about tags... but these days, I have so many other things on my plate that if some software can do the grunt work, so much the better.

Comment: Re:No way in hell (Score 1) 140 140

I hope that is the case. The fewer plug-ins, the better. Right now, if I wanted to watch a video on a web page, it may be in HTML5, it might be HTML+DRM, it may be in Quicktime, it might be in Silverlight, Java, RealAudio, or of course, Flash.

Even if we dispensed with all the plugins and the world magically ran on standards built in all browsers, there are always still security issues. Especially if they give any website it touches full access to hardware, which means it has the option of reflashing firmware or other nefarious tasks. All malware needs is a user context, or just the web browser's context (so it can use the browser for keylogging info in all windows.)

Browsers have to have more thought about security than even firewalls, because they have to deal thoroughly with untrusted, if not hostile code that can try to do anything (jam the CPU, spam dialogs.) The browser in itself really can't do it. It really needs help from the OS for separation, either via policies like SELinux or IE's Low context, or be placed in a sandbox or VM where all writes are virtualized safely away from the rest of the machine.

Comment: Re:No way in hell (Score 3, Interesting) 140 140

Here is the big question: How do the plugins (Flash, Shockwave, Java, Acrobat, DRM video players) run? Are they running in the same context as the browser (like current IE), run in a separate process (like Firefox), or run in a more isolated VM where each tab and window is in its memory space (Chrome)?

The Web browser is the first source of attack, and one of the primary means for malware to get on a system. Even with the low security context that IE had starting in Vista, that wasn't sufficient for isolation. It almost takes running the browser in a sandbox (sandboxie) or a complete VM (with its own filesystem) to protect a machine against browser weaknesses, just because a browser is always in constant contact with untrusted code.

I hope MS designs Edge with a lot more isolation (so a compromised add-on in one window can't attack another window or tab), because when designing a new browser is the only real time that they can do it right with security, as opposed to reactively fight fires, as with IE.

Comment: Re: Our saving grace, perhaps? (Score 1) 36 36

There has been a few cases where I've ended up doing a V2P migration (which is extremely rare, but usually for something that, by policy, has to be on its own hardware, or that I create the VM and get the app in place and tested, then image it to a machine's bare metal for production use via WIM or another mechanism.) I'm sure these will leave the VMWare client files running, but not doing anything, similar to how a Hyper-V to VMWare migration leaves the Hyper-V files present.

In fact, if one turns on Hyper-V in Windows 8 and newer, it might register as a VM to malware, even though it essentially is just a single instance.

Ideally, depending on environment, I've found that separating the system from programs under Windows is tough. Reinstall the system, and most programs will need to be reinstalled due to Registry entries missing. Some programs can allow this (mainly MMOs, oddly enough -- WoW, Rift, EQ, and EQ2 can be split off and run on a Windows instance without reinstallation), but most won't. So, for Windows, keeping one's data separate is more of a focus than splitting the application from the OS.

OS X has a similar issue (mainly because /Applications can't really be moved to a separate partition [2], but I could be wrong.) However, it is easy to move /Users to another partition.

Other operating systems, a system, application, and data separation makes sense. In AIX, this is something you are supposed to do, so you can have multiple rootvgs available [1]. Linux, it is good as well, since you can split /opt off and reinstall without affecting applications.

[1]: In high security installs of AIX, no process has root. UID 0 can be configured to be just a schmuck user. To update these where no process has the ability to install software, the rootvg needs to be rebooted, another instance of AIX loaded that will do the OS updates to the secure one, then the machine (or LPAR) gets booted back to the secure OS root.

[2]: Wish Apple would bite the bullet and add ZFS into OS X as a root filesystem (and not via FUSE.) This way, it really doesn't matter where what data is physically located where, other than the code for booting.

Comment: Re:BECAUSE IDIOTS PAY IT! (Score 1) 36 36

I read people saying the exact same thing about Macs, with statements that OS X is "100% secure". After recent events, I don't read much about that (although with the fact that most Mac programs are downloaded from a secure repo does help put the kibosh on Trojans.)

Linux isn't bulletproof. There are new programs that wind up even in enterprise distros that can wind up being avenues for remote attack. Plus, Firefox under Linux will behave the same if compromised just as Firefox under Windows does. I do agree the AdBlock/ghostery/noscript addons are the most important frontal defense, arguably more important than an AV program, but nothing is completely secure, not even on Linux.

This isn't to bash Linux... but it isn't invulnerable, especially if it started picking up traction on the desktop.

The price one pays for pursuing any profession, or calling, is an intimate knowledge of its ugly side. -- James Baldwin