2200 posts • joined Monday 31st May 2010 16:59 GMT
Your assumption would be incorrect. For quite some time now the number of malicious domains being registered has /far/ outpaces the number of legitimate ones. A true whitelist versus blacklist comparison five years from now would likely find the whitelist an order of magnitude smaller than the blacklist.
It's one of the reasons I vote for the whitelist approach: there's simply no reasonable way to keep up with all the malicious or illegal traffic that's out there. We have reached that point where it’s actually /less effort/ to vet every website in existence than to try heuristics, pre-scanning, or educating users as to the quite literally THOUSANDS of different kinds of threats for MILLIONS of different malicious domains.
If there were only a few thousand, or even a few hundred thousand “bad” domains then a blacklist would make perfect sense. As it stands, even if you subscribe to myriad blacklists simultaneously you are exceptionally lucky if you get 75% coverage. The defences we have – from anti-malware and blacklists to heuristics – are inadequate. They aren’t coping with the onslaught, and if we don’t come up with a different approach they will fail.
That’s not an attempt to be a doomsayer on my part; it’s an observation based on decades of experience. We aren’t winning this war. In fact, despite all the advances in technology I would have to say that we are /less/ secure than we were ten eyen ago. While we are no longer vulnerable to the threats that existed then, there are at least an order of magnitude of new and interesting threats today.
Many of them aren’t even technological. They are social engineering traps. Phishing scams, password scams, or even things to trap you into take an endless series of surveys to pump some scammer’s numbers with a dodgy advertising company.
I believe we honestly are at the point that it is less effort to identify the legitimate traffic and discard all the rest. Even if building that list has to be done one site at a time.
I wonder if a security firm will be shopping for AMD?
I begin to wonder how many folks finish articles before commenting.
I’m guilty of it myself sometimes: jumping straight into the comments section without really being thorough on the reading part. There are a couple of things I’d like to point out to all the folks who are Heap Big Angry at the ideas in the article.
The first is that I in no way believed that whitelists should be /mandatory/. I think that they should be something that folks have the choice of opting into or not, as they see fit.
The second is that in some situations whitelists really do make sense. A great example being business internet usage. Businesses have very little reason to communicate with a lot of the dangerous, offensive or even borderline offensive sites out there. A global whitelist or five, run by companies who take the time to hunt down and verify the businesses behind the websites would go a long way towards separating the signal from the noise.
The third thing I’d like to bring to everyone’s attention is that this is not a suggestion as “the ultimate solution,” but rather as a replacement for the blacklists of domains currently used as part of any proper defense in depth. Yes, whitelisted sites can be compromised, (see Apple,) but that is where the other elements of your defense in depth are (hopefully) going to save you.
The goal is to minimize your exposure to compromised sites by only dealing with websites that meet whatever arbitrary standard defines the whitelist to which you are subscribing. In my perfect world, there would be several whitelist providers, all with different standards in order to meet the differing needs of the corporations and individuals who would like to subscribe to them.
Lastly, I’d like to talk about the censorship bit. Properly run, with very stringent standards set outright at the creation of the whitelist, and rigidly adhered to, it should be possible for anyone who feels they have been improperly left off of a whitelist to add themselves. If the whitelist explicitly states that they will not be adding porn sites to the list, then I am sure Bob’s BDSM website isn’t going to get on the list. That new toilet paper cleaning company trying to make a name for itself probably could get verified and added to the list.
Despite the anger, the beginnings of this process already exist. There are initiatives out there to certify websites, from various categories of /very/ thoroughly checked SSL certificates to “site seals” provided by various organizations who do the hard work of verifying the legal existence of the individuals or corporations behind the registration and operation of a domain.
Where this falls down is that firstly, no big push has been made to increase the number of websites participating in these ventures; very few sites are part of such programmers today.
Secondly, there is no way (currently) through either a browser plugin or firewall addition to limit yourself to viewing only websites which have passed muster at one of these verification organizations.
What I would like to see corporately is exactly that: if your website has passed muster with selected “site seal” checking organizations, we’ll let our users view it. If not, we’ll dump the user on a landing page that says “the website you want to view has not been certified and is potentially malicious.” It would then allow the user to click through, but would by default disable all scripts etc. from that domain.
Easy, pain-free browsing whereby we generally “trust” certified websites, and many warnings and default total distrust of websites that haven’t been checked out. Think of it sort of like noscript meets web of trust meets malwaredomains.com implemented as an opt-in right from the corporate firewall.
I am sure that looks like censorship to some, but don’t forget that censorship is something forced on people. What I am suggesting is not
And yes, I still schlep my files off with floppies. I will use it until it dies such that it can't be revived any more. It was my first >personal< computer. Not the family computer...mine. I owe my livelihood to that machine.
Now don’t get me wrong; I certainly have more modern gear…but this is the system that sits on my nightstand and awaits my various ponderings which amazingly, you folks actually read.
Boggles the mind.
Well there we go.
I think I've hit my limit on doses of the totally random for the week. I am currently in the middle of building 20 routing/VPN/firewall/etc. VMs, configuring a bunch of new domain controllers whilst fighting with Certificate Services, Office Communications Server and what I think are some bad routes on my ISP's side.
There is something completely surreal about working intensely for 12 hours on that, (in a city that's covered in chokingly thick smoke from the forest fires a province over,) and then popping up for a breather only to read an article like that.
My entire conscious mind just threw up a parse error, dumped the core and rebooted. Now I have to run memtest to see if there’s a bad DIMM up there which will take all bloody nig---zzzzzzzzzzzzzzzzzzz…….
Well Lewis, that was a deeply disturbin spin on what I think is probably a potentially very cool (and useful) technology.
I may not sleep well tonight. Carry on then...
Every comment I post here is posted from a VM hosted on that little home server. All my articles are proofed on that server.
It's an AMD Athlon II X3 400e. 45W TDP, but I've only ever seen it hit 90% load under some exceptional circumstances. (Those circumstances being when I am RDPed into a virtual machine hosted on that server, and using VNC from within that RDP session to manipulate VLC playing a 1080p video on the host operating system from teh software RAID 5 of 4 1.5TB disks.)
I think the 4 DIMMs eat more than the CPU on a regular basis.
The motherboard is an ASUS M48785M. Integrated video, decent but not spectacular everything else. No optical, crappy super-low-power single platter 2.5" OS disk, and 4x Seagate 1.5TB Junkers I had laying around that are probably the biggest power draw in the whole system.
PSU is a ridiculous Sea Sonic SS-400FL that I don't think I've ever actually head the fan spin up on. I use a Kill-A-Watt to judge my idle, average and fully loaded power draws.
Operating system is Windows Server 2008 R2 Standard; this raises the cost if you use it, but frankly you could do this on CentOS if you were less lazy. (I have a Technet Subscription, so…)
VMs are hosted using VMWare Server 2, and the native software RAID in Server 2008 R2 blows. (Another good reason to use Linux.) Seriously though, even though both my VMs have their VMDKs hosted off of the software RAID 5, the system is perfectly usable even whilst I am streaming a 1080p movie off of the system.
The chassis in use is an old Chenbro SR-107, for which I just happened to have a pair of hot-swap cages, but really, this rig will fid in a mini-tower that you can pick up at Joe Blow’s crappy electronics for $20.
She’s a little over a year old now, and I haven’t had any grief from her whatsoever. If you’re looking to build yourself a similar system and have any questions, drop me a line!
The PC kind of is dead. Well, not dead...but on life support. It's really been relegated to an enthusiast/highish end workstation role.
Consoles have largely killed off PC gaming. What is left of PC gaming is pretty niche, and a tragic amount of games are just console ports. (I am a PC gamer, and it pains me to admit this.)
Netbooks, Laptops, Smartphone and now Tablets have done for the "casual internet browsing" part. What little remains for "casual internet" consumption that is "PC"-like is being cannibalised by low powered Linux boxen. This category is also doing some brutal clean-up in the “multimedia consumption” space.
VDI and SaaS have basically done for the “general office work” category; hell, my network’s Wyse thin client deployment to covers exactly that is proof it works well. (60 VMs on 3 two-year-old servers, no problems at all.)
What does that leave? Workstation stuff like CAD, video editing, some audio editing and possibly programming. Higher-end video gamin or enthusiast stuff. The big “mainstream” uses of computing just don’t need PCs any more, and people are starting to drift away from them in droves. Even a lot of the workstation stuff can cheerily be done on mid-range notebooks today, and I am starting to see more and more of this work moving onto these more portable platforms.
So the PC isn’t completely dead, but we definitely witnessing its final decline. There are the golden years of the PC; savour them for they will not return. Computing has become so commoditised that it simply becoming an appliance, as found in smartphones or thin clients.
As to switching to SSDs…it will happen. Hell, it’s happening already. We long ago reached the point where you just don’t need the kind of space available in a modern magnetic drive to run your PC or computing appliance. Somewhere there has to be a big old bank of storage…but less and less that storage has to be in your laptop, your PC or your phone. More and more that can be in a NAS device at home or even in “the cloud.”
I don’t think Magnetic spindles will disappear, but the storage tiers of today will be redefined. I can be quite happy with 160GB of storage on my notebook or desktop, so long as I have a NAD somewhere to dump my media on. 160GB will run my OS and applications, even when it’s almost all Microsoft’s bloatware.
All new PCs, notebooks or compute appliances I have deployed in the past 6 months or so have SSD primary storage, and only a few of them have been backed by Magnetic spindles. Why? Because I don’t care if a client computer drops its disk. I can always reimage it, and frankly SSDs are cheap enough to use for these low-demand situations.
Just as we are watching the twilight years of the PC, magnetic are moving starkly into the realm of “bulk data provisioning” whilst SSDs take over primary systems provisioning roles.
For that matter, have you noticed Android? It’s a Linux distro…and it’s kicking some royal ass. Sure, not on desktops (yet,) but this is definitely “the year of Linux,” as we see Android take a Linux distro into the hands of millions of ordinary non-nerd consumers for the VERY FIRST TIME. It’s historic, and it’s gone unnoticed by the kind of people who believe that if it’s not desktop PC dominance, it doesn’t matter.
Desktop PC dominance is what doesn’t matter, because people are abandoning that form factor in droves.
We’ll see about the videophone thing. I’ve just picked up a set of wicked Asus Skype videophones and was duly impressed. They are seeing a lot of use now, and I suspect Apple’s facetime will make a dent there too. If for no reason other than it’s Apple and it has a captive audience of millions of sheeple.
Understand that I don’t say any of the above lightly. I am not a web 2.0 Silicon Valley new tech lover with a shiny hat. I’m a grumpy old luddite curmudgeon who is still bitter about the damned ribbon bar, and uses a 386 notebook running Word Perfect 5.1 and Lotus 123 to write my articles on. (I proof them on my Windows VM before submitting them, natch.)
Much as I lament, the 90s are dead. Neat shit happened in the 2000s, and a lot of us refuse to admit it largely because we can’t currently afford it. Step back though, and take a look at what other people are buying. Not the nerds with decades of jaded views on how things “should be,’ but Jow Bloe average consumer and Large Enterprise CTO. It is their choices which determine where the volume market is, and where all tech companies will focus their efforts.
Those efforts don’t lie in the PC, or any of the traditional ways of doing things to which we have grown so accustomed.
More’s the pity.
That's not true.
First off, if you take a look at the OpenVPN or UltraDNS full-on enterprise setups, they offer some really granular control over what will or won't be banned. They also offer both custom white and blacklists so that you can ban or unban websites as you feel is appropriate.
NortonDNS is young, but will most likely offer similar features; they are a commercial entity after all, and can't go around arbitrarily banning things without the ability to unban selectively or no one will buy their product.
Malwaredomains.com offers you a flat list of domains. What you choose to do with it is up to you; you can write a script that removes domains of your choice from that list. All of these organisations offer methodologies to have your domain removed from the list if you can prove you aren’t offering up Malware.
So it’s a form of VOLUNTARY censorship then. You can choose what you do and don’t want to be able to access through each of these methods, none of which you are forced to use in the first place.
Now, GoogleDNS on the other hand offers no such features. It simply is, and you either trust Google to know best, or you don’t. You don’t have to use GoogleDNS, but simultainiously you cannot customise what it delivers you. THERE lies your gaping hole through which true censorship might creep, and the big reason that it GoogleDNS didn’t make it into this article.
There is I think a distinct difference from the kind of censorship you are worried about, “they can just ban a domain and there’s nothing you can do about it if you use their service” (GoogleDNS) and the voluntary censorship offered by the services discussed in the article. Furthermore, it should be noted that each of these services publishes a list of which new domains are added on a regular basis such that you can identify any you wish to whitelist and do so.
For all of the above reasons, I don’t think you can wave the censorship banner at any of the services mentioned in the article.
Conventional warfare? You mean the type now being fought by robots? I’d not worry too much about being cannon fodder. I would fret about being collateral damage however…
Them's some harsh words there, friend. I can't speak for anyone else, but the otheros thing angered me and I don't even own a PS3. The issue isn't one of "just go buy more crap." Where would I put said crap? Why should I have to pay for the extra power/cooling/etc. of another piece of equipment when the only reason for it is the inadequacy issues of some Sony executive?
We should be moving away from this bullshit "locked device" proprietary game and towards a Steam-like "buy once, play/watch/run on whatever you want" licence.
I agree with the need for DRM in some form; people shouldn’t have a “right’ to pirate intellectual property. Still, it is companies like Sony who are holding useful, easy and CONSUMER FRIENDLY methods of doing so from actually hitting the market. Sony put out a piece of hardware called a PS3. Grand. Bully for them. That piece of hardware doesn’t belong to Sony, it belongs to the user. The user should be able to run whatever they want on it.
You want to be able to ensure that official PS3 software/games/media/whatever don’t get pirated? Make them require you to be logged in order to play. Don’t give me any crap about “what if I am away from the net.” There are plenty oh ways around it. A great example is Cities XL, which I have to fire up only once a month to retain it’s activation. Now if ALL my games/media/etc. were bound to an account somewhere that could be verified similarly, then I could use that content on whatever system I chose.
The hardware then could be free to be mine to do with as I please.
Ideally there would need to be some legislation in place to deal with what happens if a company changes authentication methodology or goes titsup.com, but THE NUMBER ONE COMPANY HOLDING US BACK FROM THIS IS SONY. They are the asswads who are throwing up roadblock after roadblock to solving this problem from every angle and bringing content consumption into the twenty first century.
So don’t get all over some dude’s ass because he actually wanted to run Linux on his PS3. It doesn’t make him a pirate, and it doesn’t make him a cheapskate. It probably just means he’s an enthusiast, or a dude living in a shoebox apartment without air conditioning who doesn’t want to run 15 bloody compute appliances just to satisfy some billionaire somewhere.
I apologise for the harsh tone of my rant, but the whole attitude that anyone who wants to actually own their devices and/or doesn’t want to play the stupid “be a dumb consumer that throws everything away every 18 months” is automatically a freetard.
I use a 386 laptop with Wordperfect 5.1 and Lotus 123 and I’m proud of it. I’d like to see any modern compute gear last that long and give as satisfactory a service life. Do thoughts like that make me a freetard too? Should I just “bah” like a sheep and sedately consume whatever I am told to?
I still haven't forgiven them for the rootkit incident. Or for that matter, killing the excellent minidisc format through greedy attempts to keep it totally proprietary. As the most backwards member of the RIAA and MPAA they also earn some hatred in my books for holding digital distribution business models back about three decades.
The PS3 thing wasn't even a blip on my radar as I had long since decided "no Sony ever."
Let’s try this again, with less late-night grammatical horror. Somewhere, a pedant earned his wings because of the original post.
Here’s the revised version:
A Neutron Star is basically a big old lump of neutrons at its center, where the extreme mass has compacted the matter so much that the protons and electrons have combined.
This "neutronium" is highly unstable, and tends to revert to normal matter if it works its way far enough from the core. There are also layers of material that on top of the neutronium that are not under so much gravitational stress as to convert into neutronium. The outer layers of the star probably look relatively normal by comparison.
Neutron stars, being so massive, may also have an accretion disk (much like a black hole.) From where we are, it would be virtually impossible to tell if a given star had an accretion disk or not (the star being powerful enough to outshine the disk) but if it did then that matter spiralling into the star would light the bugger up like a big magnetic candle.
In short: think of a neutron star as very close to a black hole. Unlike a black hole which is so dense as to have an event horizon, neutron stars are just the other side of that barrier. A lot of the weird things that happen near black holes happen near neutron stars. There is the exception that we can almost understand the physics of a neutron star because the entireties of the reactions are occurring on this side of the event horizon.
There is also a theory that a sufficiently massive neutron star could house a micro black hole at its core which would slowly grow in size as it consumed the neutron star from the inside out. Eventually for reasons that I only barely comprehend (and would take way to long to explain) this mixture hits a tipping point and actually /blows up/. (Or more accurately, blows the shell off the whole shebang while imploding, leaving a black hole surrounded by a cloud of gas and an expanding plasma shockwave.)
Then you get into the theories where they have to blow up /before/ becoming black holes. (An implosion wave similar to an implosion nuke compressing the core of the star past the neutronium stage into “oh shit physics broke” and creating a black hole.)
In short: once you start getting neutronium involved, we are approaching the very limit of our understanding of the universe.
I am sure Steven Hawking has it all figured out; he’s just biding his time until he releases a slew of books that tie our understanding of this mess up nicely. (After he is proven right that black holes evaporate. If he is proven right? Lots of debate there still.)
The point here is that of people getting in deep poo when someone says something UNTRUE about them. Someone accuses me of sexually harassing Jane Doe. In a court of law I theoretically am innocent unless proven guilty. In the court of public opinion, the lynch mob would be outside my door ready to string me up before I had my coffee and figured out what the hell was going on.
What would be my alternatives in this case? Sue the individual for defamation of character? That would Streisand effect me something fierce. Sure, I might get a few bent coppers out of the twatdangle in question, but I'd have to change my name and move to another province to get away from the media circus simply because our society has next to no privacy, libel or slander laws for regular Joes.
Now, if we had legislation that basically said “if you say something untrue about Joe that ruins his life, Joe gets to CLEAN YOU OUT” then this problem would be a little less one sided. I am not big on suing people as a solution to any problem, but the threat of being financially erased from existence might well prevent a few people from spreading lies and propaganda. Might even (though I doubt it) have a diminishing effect on bullying.
Hell though, we live in the GOOGLE ERA. Change your name at 21 and enjoy everyone knowing everything about you forever!
I am giving some serious thought to burning my PC and going to live in the woods.
I wholeheartedly agree the AMERICANS shouldn't be in Afghanistan. Pretty much exactly for the reasons you outlined. I’m Canadian, NOT American. I don’t have any faith whatsoever in America’s ability to any good even in their OWN country. If you read back in this thread I think you’ll find that my personal preference is to boot the Americans the hell out of that country.
I would prefer that Canada, the UK and various other allied nations returned to Afghanistan as UN Peacekeepers. The US could help with some funding, aid, supplies or even parking a carrier or two offshore for the nations in theatre to do their job. I honestly believe that if Canada, the UK and the rest were serving as UN Peacekeepers with the SOLE GOAL of shoring up the country enough that they can take care of themselves we could be done with Afghanistan in two years and be able to walk away knowing we did our best.
If the allies simply leave now the result will be a small holocaust. If we stay and let the Americans continue being cowboys the result might very well be the same. As you might find by actually reading my posts in this thread, my opinion on the Afghanistan issue isn’t black and white. There is a lot of nuance here because I am actually pretty well informed on the whole thing.
I don’t think the American government involvement has anything at all to do with helping the Afghani. That doesn’t mean that Canada, the UK or other allies don’t have different agendas. Sure, there’s a large helping of “the US said ‘jump’ and we said ‘how high.’” That said, there’s also differences in the overall national approach to things military. America is a very aggressive nation, and that plays out in their military presence. Canada by contrast is largely a peacekeeping nation. We prefer to do nation building and forge stable alliances rather than conquer or “project presence.”
The only problem with this is that if the Americans did leave, Canada the UK and all the others simply don’t have the resources to stabilise Afghanistan with out them. It’s a “damned if you do, and dammed if you don’t” problem. The locals don’t want us there, and they don’t want the Taliban there. They want both parties to GTFO, but they don’t have the training or the resources to secure their nation on their own.
The best way to stop screwing the Afghani isn’t to leave right now. It’s to hold the line long enough to train a local military and police force, hand then a heap of weaponry so they can defend themselves, put some time and effort into ensuring they have a working communications and education infrastructure, and then phase out our presence with the locals taking over the duties of protecting the local populace. An organised withdrawal rather than simply packing it all up tomorrow and leaving them to the wolves.
And we should be setting about that RIGHT NOW.
Low power AMD chips. Found a nice mobo wiht onboard video, low-power AMD tri-core that can back down to almost no use and an 80+gold PSU. Idle it noms somewhere south of 75W and fully loaded it noms about 150w.
It not only runs my NAS, but is beefy enough to serve as an HTPC whilst hooked up to my projector as well as hosting a pair of small personal virtual machines. The whole thing was maybe $500 CAD. (Without data drives.)
Beats the crap out of any home NAS i've seen...
Hear, hear! First things first: remove the damned vetoes from the UN Security Council. I think things would get significantly less a bucket of ass from there. Any time a motion comes up to do something that would be good for the world in general either the US, Russia or China vetoes it in an attempt to thwart one of the other three.
Take the toys away from the misbehaved children and let the rest of the world get on with the business of growing up.
Everyone adds an S. you'd think I'd be used to it by now, but it still causes some sort of involuntary twitch.
That said: CHANGE IS BAD. Maybe not for you or me, or even for the majority, but for every change that occurs SOMEONE loses out. That is why there is always someone fighting change. Think about it: the people with all the power and money right now have that money because of how the world works today. Change how the world works and they might well lose out.
Or, they might change it so that the milled masses lose out a little bit more, and they gain. Either way, Change is always bad for SOMEONE. The question is simply…
Re: Balmer and failure to execute.
I don't believe that Microsoft's business model absolutely requires high churn. I do believe it requires the ability to promptly react to threats from competitors or new markets. That requires nothing more than a strong R&D and probably a few isolated skunkworks projects in addition to that. Microsoft has the talent to go “oh, Apple released an iPad,” and then turn around 8 months later and absolutely wreck them.
The failure to do so is a failure to execute. There should have been Windows CE based ARM Microsoft Tablets making the rounds this July showing what hot shit they are in preparation for ruining Apple this Christmas. Do not bullshit me that it isn’t possible, the entire group that worked on the Kin project they just binned was available, and perfectly capable of taking their Kin OS to the next level, even if the Windows Phone 7 team were a being a giant sacks about keeping their code to themselves.
Windows Phone 7: To little too late. Microsoft should have seen that coming YEARS ago, but simply failed to devote the necessary resources. They didn’t have to act FIRST in this market, but they will be pummelled for acting LAST.
Microsoft’s failure to execute is huge. Vista? Office 2007? Exchange 2007 (festering pile of shite that it was, and so much more. A whole generation of products were released from this company, all of which left me deeply wanting to boil some people in oil.
Microsoft is broken into warring fiefdoms that are unable to co-operate with eachother, lack a single unifying vision and don’t have the ability to rapidly respond to change. There needs to be a slow, steady advancement of technology within the company that moves the colossus forward with frightening inevitability. There also needs to be a series of outlier R&D and consumer electronics groups the run around making REALLY COOL stuff that doesn’t quite have the enterprise polish on it yet. The version one guys.
These groups would produce something aimed at the consumer. It would have less features than a full blown enterprise product, but it would get out in time to match Apple, Google or whomever else was getting mindshare. That version one product then goes back to the “serious business” departments for Enterprise treatment and gets some serious polish. It gets rolled into the “frightening inevitability” update group by version three and becomes simply another cog in the Microsoft machine.
Similarly, if someone radically shakes up a market, (say tablets,) then Microsoft needs the ability to kick something OUT of the Enterprise steamroller and dump it right back into the hands of the frenetic consumer groups. Here they can pick up the ball and run it through some radical R&D in a short timeframe, reinvent the dochicky or application, release a product to match the competition and kick it back to the enterprise group.
Is Microsoft even REMOTELY capable of that? Hell no. They are disorganised and chaotic with no clue what’s going on. The whole company is completely disconnected from their customers and their reaction time is measured in decades.
Ballmer is the disease. If he wasn’t a complete tool he’d have recognised his company’s failure to execute and reorganised the whole bloody thing in order to compensate. Instead he’s shifted the deck chairs on the titanic a few times to absolutely zero effect. Every “reorganisation” hasn’t really done much to change company culture, and certainly hasn’t dealt with the “warring fiefdoms” issues.
@rahul re: Google DNS.
I have gotten a few e-mails on the subject of Google DNS. I will post into the comments what has been my cut-and-paste response so far:
Google’s DNS is relatively new. And it’s Google; privacy concerns abound when anything involves them. (Do no evil my ASCII.) Even putting the tinfoil hat aside, Google DNS is a completely different animal than all the rest. With OpenDNS or DNS Advantage you get some pretty decent control over what the DNS presented you looks like, from companies that specialise in the field. They have every reason to work together with everyone else to make their DNS the best it can possibly be. With Symantec, you have the results of all of Symantec’s various security arms as well as their crowdsourced and human-vetted site listing rolled out into a DNS source. If there is any one malware list I can trust pretty absolutely to be accurate, it’s Symantec. Similarly, malwaredomains.com has made a name for itself in the field and deserves respect and trust.
With Google, you get what the algorithm provides or “the competition is just a click away!” I am still trying to gather information about exactly where they get their malware lists, what level of trust to put into their DNS service, and trailing it on a few networks. So far I have had quite a few legitimate sites blocked with GoogleDNS including updates for my anti-malware application!
When I do talk about GoogleDNS, it will be after much through research so that I can do my best to put aside any prejudices or fears I might have about the gigantic goliath that has bought the Internet and focus solely on the technology. Then, given the mammoth size of the organisation backing the project, it will get an article all its own. At the moment however, I have many concerns regarding Google DNS and can’t actually recommend it to anyone just yet.
I decry the fact that password guessing or reset attacks are considered "hacking." That’s like saying running windows update on your home PC makes one a sysadmin. I know, I know...the term has been so used for over a decade now...but still...
Okay: it's late, and I really should be writing an article instead of responding to comments...but I'll bit on this one.
Aren’t all new services, products, business methods or what-have-you generally met with some fierce resistance somewhere and then covered in lawsuits of one variety or another? I’m not defending Google here – after the Googizon debacle they’ve lost my trust forever – but I am having trouble coming up with any remotely popular service or product in the past fifteen years or so that wasn’t covered in lawsuits.
I’d love to be wrong on this, and I whole heartedly admin that it could be a failure of imagination and/or memory on my part…but /CAN/ be innovated that would be both popular and not controversial? (Or alternately: has been innovated in the last 15 years or so and been both popular and not controversial.)
Enquiring minds want to know…
Let me try to make that a little shorter for you. I believe that Lewis Page's personal motto is:
Pragmatism before Pork.
I happen to agree with the sentiment. Carry on, Lewis!
I seriously suspect the size of the navy isn't what Lewis cares about. It's how the UK is (in)capable of using it that counts.
This will be a fun thread.
I will interject early with an off topic post: everyone take a breather before posting. Everything that can be said on this topic has been said already. In the mean time, life is full of things that are good and happy. In my case cats, coffee, and similar small enjoyments. I am sure you have such things as well…perhaps whatever you calming equivalent to petting a cat is should be undertaken /before/ the violent vitriol posting.
If not, well…
…have at ‘er gents.
Pint because there’s no popcorn icon, and this thread’s will probably be entertaining...
@A J Stiles
"A soldier in a foreign country, wearing the Queen's uniform and acting in the name of Her Majesty, ought to be held to a higher standard of behaviour than a private citizen in their own home, acting in no-one's name but their own."
Hear, hear! I couldn't agree more. Throw politicians and representatives of powerful companies in there too. That said, I again must say that release of any information that may cost lives, (be it about war or anything else) is not properly thought through.
Hold those who represent us to the flame and see if they are worthy, but remember that we don’t actually burn people to death as witches any more. Release of embarrassing information is one thing. Release of information that threatens lives something else entirely.
What is "the job?" According to all of my friends who have served, they want to see the Taliban beat back enough so as not to be a threat the local Afghanis can't deal with. Removal of the Taliban ability to make war on the locals, for all intents and purposes. They want to pull out of the country, but only once they are sure the locals can actually take care of themselves when they do.
This is a recurring theme, as many of these folks have seen exactly what the Talbian do when they "reclaim" territory. Several of these guys will never be the same (mentally) because of seeing it. I know for a fact the soldiers in question would never sleep well again if we just packed up and left that entire country to that fate.
We got into this war on false pretences. We fucked up big time. Now we’re stuck in a situation where if we just take our ball and go home then hundred of thousands if not millions of people are going to die some pretty goddamned awful deaths. I understand the moral outrage over our having to be there in the first place: hell, I share it! If we had left well enough alone these people wouldn’t be under this kind of threat. They wouldn’t be living the most open society, but they would be at risk of being slaughtered as collaborators.
I honestly can’t believe the number of people in this thread who are either A) so naive that they believe if we just left the Taliban would peacefully take over the country without harm to the locals and everything will be flowers and rainbows or B) are so morally self-righteous about the fact that this was a botched war from the beginning that they simply don’t CARE about what happens to the Afghanis.
It makes me sad to be of the same species as these people. I believe that human lives are worth more than the self-satisfaction of a few westerners.
So screw the Afghani, eh?
Our troops aren't dumb. They know they aren't there for any good reason; this war was started based on a series of lies, deceptions and misunderstandings. They should be told this because they are citizens of the countries they are fighting for, and deserve as we do the right to hold our politicians accountable for this fiasco.
What you, and so many commenttards here seem incapable of understanding is that no matter how broken the reason we got into this mess, we are there NOW. We have a responsibility to the people whose lives we ruined not to botch the job further. If you don't believe that, well, that is your right. It is also my right to think you and everyone else who believe the same are terrible people. You would callously throw away the lives of the Afghani people rather than try to fix the mess we created.
The best way to support our troops isn't to bring them home and inhumanely abandon the Afghani. It's to give the troops the resources they need to help the Afghani as quickly as possible and then get the hell out of there.
If that's a thumbs down in your mind sir, then again: so be it.
Being anti-wikileaks /on this particular issue/ doesn't make you pro-American. Being anti-American doesn't make you pro wikileaks.
In general, I think wikileaks has a good reason for existing and does a good job. I think they went too far on this particular issue and have risked lives. I also think that US.gov needs to be burned down and started over, preferably AFTER the American public has been educated to understand that the past fifty or so years of "yay capitalism, boo everything else" is lies, damned lies and propaganda.
That’s the problem with the internet, and increasingly with The Register. The commenttards seem completely unable to comprehend the concept that the people whose comments they are reading, complaining about or flaming might not be as black and white as they would often like to make the argument. Arguing something in binary is easy. If it’s not 1 then it must be 0. Throw in 2 in there and you increase the complexity quite a bit.
The concept of nuanced opinions that simply don’t seem to have a place in the middle of internet shitstorms, and this is what we have here. It’s sad really, that an issue as complex as wikileaks posting classified documents about an ongoing war as well as the inevitable issues surrounding why we are fighting the war, how we got into this mess and whether or not we have a responsibility to a nation we ruined all boils down a simple binary “I feel this person agrees/disagrees with my opinion.”
How can opinions on these sorts of issues POSSIBLY be that simplistic? Put any two people in a room; throw this topic in, and no matter how closely they would appear to agree on the surface you will find nuanced elements of agreement and disagreement in their take on the matter.
Still, this is the internet, LET THE THUMBSDOWN FLY.
Allow me then my moment of binary exultation: for any and all of you who believe that the fact we should not have been involved in this war in the first place is a valid reason to leave the Afghani people to be butchered I am ashamed to be a member of your species. Your callous disregard for human life sickens me.
If you want to bellyache about the hows and whys of getting into this ridiculous war, then go burn a politician or two. They at least deserve it. The Afghani people are innocent, and they don’t deserve to be abandoned by us simply because the political winds have changed.
How polished your halos must be, and how righteous your moral certainty. That you would throw away the lives of others for your own self satisfaction sickens me. Soldiers at least know what they are signing up for. The Afghani people weren’t given a choice.
I am /NOT/ trying to justify the fact that we are involved in this war. I am SURE AS HELL not trying to justify western imperialism. All that I ma saying is that in the particular case of Afghanistan, the whole thing was been such a clusterfuck for the very beginning that now we are stuck between a rock and a hard place.
We put these Afghani in the situation where they are now considered collaborators and traitors by the Taliban. Even if all they do is try to live their lives and ignore us, the Taliban consider them collaborators because they didn’t fight us to until they were all dead. So if we leave, the Taliban return and butcher EVERYONE.
Is it RIGHT That we put these people in this situation? HELL NO. Should he just take our ball and go home? HELL NO. What we should be doing is stop pussyfooting around with this political garbage and give our troops the resources they need to end this damned war quickly and decisively. The quicker we can bring this to an end the fewer lives lost and the quicker we can spend resources on training the Afghani to take care of themselves.,
If we were even HALFWAY decent as countries, we would be paying reparations to the new country for the next 50 years along with huge amounts of training and education to ensure that the locals never have to take this sort of shit from us or anyone else ever again.
Of course, that probably won’t happen because our politicians are asshats, but at this point I will settle for “ensuring the locals don’t end up another middle-east “cleansing” statistic.”
How this pile of internet trolls gets from that opinion that I am either supportive of US.gov or trying to explain away or excuse our involvement in Afghanistan I will never comprehend. I don’t give a rat’s ass about the politicians involved or their “Right” to have incriminating documents withheld.
If there is one person on this earth who DOES deserve to be burnt as a witch its Cheney, and all his cronies are not far behind. I call for war crimes tribunals, except – oh wait – the US apparently doesn’t believe in the international criminal court.
What I care about are my friends the soldiers on the ground, and the Afghani people who didn’t deserve ANY of this shit happening to them. Apparently however caring about anything other than the moral self-satisfaction of people who bitch on the internet is worth a squillion thumbs down.
So be it.
I am not going to go dig up names of informants and post them on the internet when the thrust of my entire beef with Ass. is that he posted names of informants on the internet. Think about this carefully for a second.
As for “character assassination of an inconvenient or embarrassing individual” you are completely and utterly wrong. I CACKLE WITH GLEE at the thought of the American government being embarrassed by the kinds of things that show up on Wikileaks. I don’t support US.gov, the American military, large corporations or any of that. The more embarrassing and politically inconvient someone is, the more I want to give my hard earned cash to their cause.
Where I draw the line is the instant anyone is put at risk. This would be no different than publishing a list of known sex offenders. Sure, there is a side that legitimately can say “we deserve a right to know/think of the children!” On the other hand, there are places in this world (even/especially in the US) where having your name on that list will get you lynched. When you consider a country like the US where you can be put on a sex offender’s list for sexting your significant other, then I would have some /very/ serious reservations about the release of that information.
Release a document however about how many sex offenders were living in a given area/the government lost track of/something else that doesn’t include personally identifiable information and I will be the first person to stand up for the right to do so.
Do you understand the difference here? Release of information that is embarrassing is one thing. Release of information that can endanger the lives of others is a different kettle of fish entirely.
At least it is to me: you are of course welcome to your own opinions on the matter.
@AC Re: "star spangled banner"
I think you are making some pretty big assumptions there buddy. I in absolutely /no way/ support US.gov, America or it's policy of capitalism colonialism. I do wholeheartedly support the right of the individuals who make up a country to be allowed to choose their own leaders and political system. If they choose capitalism, I will mourn. If they choose socialism, I will cheer. The choice should be theirs however.
Personally, I suspect that after decades of meddling in their affairs by foreign powers, the emerging regime will be FAR from compliant with the US, the EU, Russia or anyone else. Personally I have zero problem with that. I do have a huge problem with a forced theocracy just as I would a forced dictatorship of any kind.
I support my CANADIAN troops in theatre. Just don’t get me confused with someone who supports US.Gov. My beef with wikileaks is NOT support for US.Gov.
You are correct, I am as guilty of armchair criticism as anyone else. you believe that by publishing everything unredacted that this will "keep governments in check." I happen to disagree. First of all the regular Joe American citizen isn't reading what's posted. They're barely aware of the controversy at all. Secondly, there's nothing in those documents that shows anything untoward enough to get a politician or military leader in general. It's a lot of routine stuff that basically covers the disposition of troops, names of informants (and what they told us) as well as strategies, tactics, assessments etc.
Lots of stuff that frankly is helpful to the Taliban, or even to our troops in theatre, but doesn't tell the public at large anything. "There's a war. We do war-like things. We make some mistakes as anyone does, we get our ass handed to us periodically." There is information that hasn’t been published, it’s true. If there were information that were scandalous and could/should be getting politicians and military leaders into hot water /and didn’t compromise the troops on the ground/ then I would be the first person in line saying “this needs to be published.”
In fact, after the war has been fought and we as the public of the nations involved need to assess how it went down and what needs to change for next time I wholeheartedly believe that everything short of the names of the informants should be released whole hog. At that point it shouldn’t compromise any ongoing operations or provide strategists on the opposing side any details relevant to predict our moves. What it would do is allow is to see exactly what went on, and press for legislative changes if necessary.
Understand that I am not pro-war. I am certainly not pro-War-in-Afghanistan. In my personal opinion we should never have gotten into this mess in the first place, but we’re sort of stuck. Right now the locals are living in the middle of a war zone where terrible, TERRIBLE things like the wedding incident you describe happen. We leave and the Taliban reclaim the country and brutally subjugate the population, exacting some pretty horrific revenge for anyone who ever “collaborated” with the allies. (That is not a statement pulled out of my ass. The Taliban have done this more than a few times during the war already. Letting them reclaim the whole country would be unconscionable at this point.)
Let me put it more bluntly: the whole war in Afghanistan is a shitty damn situation. It was badly handled from the get-go, but what Ass. has done isn’t helping at all. Worse yet, it may well compromise individuals on our side. There were better ways to deal with this, and I frankly expected more from wikileaks.
Count me among the Canadians confused about how in the fnord we ended up there in the first place. We've been there how many years and I still have absolutely no clue how the hell we ended up fighting over that particular stretch of land. That said, we're there now; let's get the thing done and bring our men and women home. Personally, I think this war would be better run WITHOUT the Americans. If I had my way, we’d kick the yanks out, gather some real international support and return to Afghanistan in blue berets.
Soldiers come back from their tours knowing that other soldiers will be shipped out in their place. Many of them sign up for more than one tour because of what they see there. I can't speak to the Americans, but i know several Canadians who, upon completion of their tour, volunteered to return with the next group because they felt the job wasn't done.
Android users will accept that this is a malicious application and deal with it accordingly. If it were an iPhone app and had made it through the Holy Censurewall, it would be considered a feature, not a bug. (Okay, that’s flame bait because I’m irritable. I retract the statement.)
Of course, the Holy Censurewall does offer a far better chance that something like this would never be released for public consumption, but periodically apps are missed. I think the existence of apps like this does reveal the need for a middle ground to exist. Something more open, (or at least far more consistent) than the Holy Censurewall, yet not as “wild west” as the full-blown Android Market.
Perhaps Google should consider tinkering with the market a little such that you can choose to see “vetted” apps or “all” apps. Either that or a App Confidence Rating. Not the crowdsourced star rating that is easily gamed, but a rating similar to the Web Of Trust system. Just for apps instead of websites. Preferably this would be something where minions not only of the Chocolate Factory, but Symantec, Sophos, SANS and whomever else are trustable security types contribute to the ACR.
I don’t see why we have this whole new platform (smartphones with app stores) but we are making the same mistakes as twenty years ago on the desktop market. Why are “control-freak walled garden” and “free range sanity holocaust” the only two options?
Yeah, yeah…getting my coat.
The way this has all been explained to me is as follows: the information coming from the local informants is unbelievable valuable for keeping our folks alive. One of the big things that comes from these informants supposedly is information such as “what roads IEDs have been placed on.” Alternately “the bad dudes are planning to be here at this time” which has helped the allies avoid ambushes and the like.
If that information dries up then simply going out on patrol becomes far more risky. They do their best at all times to be on alert for IEDs, ambushes etc…but knowing beforehand where to look can ensure that they pack extra precautions. A UAV over flight, or taking an IED robot to sweep in front of the convoy.
This isn’t true in all areas of Afghanistan, but in some areas, particularly where the Canadians currently are, they are apparently quite reliant on this information, as there simply aren’t enough resources available to send up a UAV for every patrol, or send a crawler in front of every convoy. If we stop receiving this information then we have to make far less educated guesses about when to deploy the appropriate resources. This in turn leads to more of our guys getting blown up.
I am sorry if you don’t see the connection there, but that seems pretty cut and dried to me.
...are they still here? From all the media, you'd think Android was the only Linux left. (Well, I do use RHEL on the Enterprise side of life. In the IT circles at least you do hear quite a bit abotu Red Hat still.)
Good on them for innovating! Soon they will catch up to Android/Sense in terms of UI, but be an actual real Linux distro to boot! Now if only they had a decent marketing budget to take advantage of the fact that Microsoft's ability to execute anything recently has gone walkabout. The window of opportunity is now, and it won't be open long...
…eventually they’ll wise up and replace Ballmer.
Good luck Canonical!
These documents were CLASSIFIED. They are supposed not for public consumption because, at time of classification, they contained information that could compromise ongoing military activities. I am not saying that US.Gov doesn’t classify WAY too much material, but we aren’t talking about classifying where the money for the $40,000 hammer and the $10,000 toilet seat went. We’re talking about classifying information about ONGOING ACTIVITIES in an ACTIVE THEATER OF OPERATIONS. You don’t just release this information for your ego, and you sure as hell can’t expect the US military to help you break the law. (Release classified materials is a federal offence.)
On the flip side: there are processes in most civilised countries, (I am unsure if this is true of the US,) whereby a review of classified documents can be called for. It is usually an extension of what in Canada we would call the Freedom of Information and Privacy act. FOIP requests can be made to have documents (or at least redacted documents) declassified unless there is a currently valid Damn Good Reason for them to remain classified. This is the proper way to go about obtaining information about ongoing operations where the documents in question would put people’s lives at risk.
Releasing classified materiel whole hog and then after the fact saying “well, if you don’t like it, help us redact them” is bull****. If the US doesn’t have proper FOIP legislation, then THAT is the battle that Ass. should be fighting. If he cares at all about “the cause” and isn’t in it just for his ego then he should be fighting for expanded declassification and freedom of information rules. He should be declassifying information in a one-sided fashion.
Understand that I say this as someone who respects and reveres the right of the public to know what governments and corporations are up to. I believe in nothing so much as the rights of freedom of the press, and I revere no one so much as proper investigative journalists. You can read my past comments here on this site if you have doubts. What Ass. did was wrong. There simply are far better ways to go about this that don’t put my friends at risk.
I used to respect wikileaks
There is a difference however between leaking evidence of illegal activity on behalf of a government and putting lives at risk. I have several good friends currently posted in Afghanistan, and I really hope that this arrogant **** doesn't get them dead. Something like half the people I knew growing up have served there in the past few years, not all of them came back. Several that did come back didn’t exactly come back whole.
The thought that some douche might get people I care about dead just for his ego is almost too much to deal with. Very upset with this whole situation. What ever happened to wikileaks serving as a way to keep corporations and governments honest? The information in these leaks isn’t scandalous in the least; it isn’t evidence of anything untoward on behalf of the governments involved in this war. It’s a detailed list of who’s who and where; just the kind of information that the Taliban require to get our men and women dead.
Regardless of the how or why the war started, it is a WAR. We kill them, they kill us. We spend resources on converting folks on their side so they will leak us information, they do the same. In this case though, Ass. has revealed huge numbers of informants and classified activities to the Taliban whilst we learn nothing new from them. It’s a huge boon for the Taliban in that they can now target turncoats on their side as well as analyse the documents to extract information about how our side plans and executes strategies.
They may even be able to get a feel for which units serve which purposes, and lay traps to get rid of the particular thorns in their side. Understand me when I say I am no fan of the Americans, nor do I really think they should have gotten involved in the Middle East at all. I am however a proud supporter of Canada’s military, and I don’t want to see my friends get killed because of this Ass.hat.
We are at war here. If we simply packed up and left right now that country would be worse off than if we saw this thing through. Regardless of the origins of this conflict, the politicians or the money-grubbing corrupt corporations that are involved, the men and women out there dying on our behalf do deserve our support. The best possible thing we can do is help them end this war quickly and decisively so that they can finally come home, whilst knowing they did the best they could to leave Afghanistan capable of taking care of itself when they are gone.
The armchair critics of this war such as Ass. have absolutely no idea what is going on there. It’s easy to point fingers and publish documents, it’s another thing entirely to live in that country for months or years and be faced every day with exactly how different, hard and just overall BAD life in that country really is. I know some twat will come out of the woodwork and scream “if you want to support the soldiers, bring them all home tomorrow!” I promise you that would be one of the worst things you could do.
These men and women have lived in this country and seen what goes on there; I promise you that the majority of them would rather lay down their lives than abandon the locals to the wolves. If doesn’t take long living in theatre before you realise that you are truly fighting /for/ something. That the people in these towns and villages are people just like you, and they deserve to live free from fear as much as the armchair critics back home do.
It is my greatest regret in life that I wasn’t able to join Canada’s military, and fight alongside the men and women I grew up with. This isn’t because I agree with the wars we’ve gotten in to, or because I think war is at all a good thing. It’s because I care about these people and wish I could be watching their backs in what is a terribly hostile environment. It is also because I have spent a lot of time talking with those who have returned from Afghanistan, and I have gotten a very vivid picture of just how good we have it here. The folks in Afghanistan don’t have the means to win their own freedom, but by $deity they are trying. With our help, they just might succeed.
So long as egomaniacs like Ass. aren’t allowed to **** it up for everyone. Our soldiers, and the millions of people in that country are counting on it.
When your company name has become an invective, you have...arrived*?
"Someone just discovered a new security hole in $browser!"
"How bad is it? Important? Critical?"
"****. Well, I guess we are going to have roll out patches tonight..."
*For inverse values of "arrived."
- Geek's Guide to Britain INSIDE GCHQ: Welcome to Cheltenham's cottage industry
- 'Catastrophic failure' of 3D-printed gun in Oz Police test
- Game Theory Is the next-gen console war already One?
- BBC suspends CTO after it wastes £100m on doomed IT system
- Peak Facebook: British users lose their Liking for Zuck's ad empire