Sign in / up

* Posts by Had_to_be_said

5 publicly visible posts • joined 8 Mar 2013

RIP ROP: Intel's cunning plot to kill stack-hopping exploits at CPU level

Had_to_be_said
Reply Icon
Stop

Re: Looks sweet ...without the pseudo-security... of lock-in.

Uh... You do realize that doing the -EXACT- same thing, when it not only fails, but can be proven, logically, to be completely-erroneous (as well as extremely detrimental)... is -NOT- "persistence". It is pathologically-ignorant psychosis.

But then, I guess that's why... some seriously ignorant people supported "Bleeding the bad humors" out of desperately ill patients... until they died (from the "cure")... lasted so long in medical history.

Finally, by the way, the legal-definition for someone who's delusion is a clearly a demonstrable danger to themselves, and others, is... actually... "criminally-insanity". Just sayin'

0 0
Had_to_be_said
Reply Icon

Re: Looks sweet ...without the pseudo-security... of lock-in.

First, as to "signing"; its "security" is basically verifying that the original code is from "trusted" (I.E. "authorized") sources, without modification. The problem is that if any code, signed, or not, has these types of inherent flaws... which -IS-, and -HAS BEEN-, the case... time, and time, again... then "signing" simply becomes a means of "locking-in" code distribution, to "authorized"... I.E. "licensed"... software manufacturers. And, frankly, those interests who continually push this ("code signing") the most, actually have a long and very-well documented history of ABUSING, exactly this type of LOCK-IN. As well as, having an absolutely terrible history of releasing, and "signing" such flawed code, over, and over, again. So, there is -no- real "security" there, at all.

In short, flawed, (but, officially-authorized) code -IS- one of the major sources of software security compromises. And, this particular "security" fix [hardware-based STACK Bounds-checking] is aimed directly at protecting against such "flawed code", itself... without allowing a clearly demonstrated platform for further commercial "abuse".

And finally, frankly... based upon all the facts... it is completely nonsensical and offensive to make any assertion that the, vast numbers of highly-experienced, people who have come to oppose such "Signing", and "trusted computing", lock-in... are actually, simply wanting to be able to "steal", and/or compromise, software.

1 1
Had_to_be_said

Looks sweet.

It would seem to actually address the "problem"... incorporated in the code itself... before "bad code" (an insecure, flawed, or poorly-written, program) could be, externally, exploited.

And, it looks much better than the possibility of industry abuses caused by the "signing" and "Trusted Computing", lock-down, proposals usually put forth (as bolted-on afterthoughts).

3 1

Microsoft's mobile device management meltdown

Had_to_be_said
Reply Icon

Re: Why the fuss? Emotionally anti-Microsoft?

However...

There also huge numbers of dedicated IT professionals that have spent their collective-years working "under the hood", of the actual technologies. And therefore, who have had to repeatedly clean-up other people's, and company's messes. And, some of us have also spent many decades watching, and dealing with the, mediocre, and usually unethical, or even illegal, actions of this particular company [Microsoft]. In short, previously -unbiased- IT-professionals have had to continually deal with the problems that Microsoft has unnecessarily created, and inflicted, upon consumers and businesses... time, and time, again.

So, I'd have to say that trying to off-handedly dismiss, and insult, such a huge number of highly-motivated, experienced, professionals as merely "emotionally anti-Microsoft", is simply an example of pedantic, and sad, fanboi-ism. Which most would agree, would be far worse if... "involved in any decision making processes".

Just an observation.

2 0

Canonical announces Mir display server to replace X Windows

Had_to_be_said
Reply Icon
Facepalm

Re: @AC23:34 again wonders ... (was: @AC 04:45 (was: R.I.P. Ubuntu))

>> What part of "Canonical is a marketing organization, not an engineering organization" is difficult to understand?

How about the part where they are clearly making ENGINEERING decisions which completely ignore all of their previous MARKET successes AND are clearly undermining their own product AND seem to be really PISSING OFF MOST OF THEIR USERS for no logical reason? Pretty stupid MARKETING if you ask me.

0 0