Posts by K. Adams

396 posts • joined 5 Sep 2008


Linux kernel purged of five-year-old root access bug

K. Adams
Black Helicopters

LFDE/2FA

> ...you can lean over and hit the power button on the front, reboot with only a bash shell as your kernel, remount the filesystem input/output, and reset the root password.

Ummm... Not quite. The "bash shell" is not a kernel; it does not provide access to any core, system-level functionality on its own. It requires at least a very minimal kernel to be loaded and running first, before it can do its thing.

> In fact, thinking about it, if you had physical access to the machine, and wanted to cause it harm, you could just hit it with a big axe.

Probably. Unfortunately, most people who would go through the trouble of obtaining physical access to the machine would probably find it to be a much more valuable item in working condition.

But yes, in principle, the kind of attack you describe will work, provided the mass storage device(s) used by the target machine isn't (aren't) encrypted.

However, a hardware keystroke logger interposed between the target machine's keyboard and the machine itself can easily help you get around the encryption issue.

Which is why I recommend that anyone who uses the latest Ubuntu-flavoured versions of GNU/Linux follow the instructions presented here:

-- Ubuntu Lucid Lynx 10.04 Full Disk Encryption with USB Key Authentication

-- http://lfde.org/wiki/index.php/Ubuntu_Lucid_Lynx_10.04_Full_Disk_Encryption_with_USB_Key_Authentication

... especially for laptop users (no warranties expressed or implied, and I didn't write the article at the link provided above), and periodically check your keyboards/mice to make sure they aren't being sniffed in some way.

Giant vulture menaces Scottish skies

K. Adams
Welcome

Dirk Gently's Flat

Of course we know where it went...

... It's waiting in Dirk's flat waiting to be turned back into a jet fighter.

I, for one, welcome our new transmogrified RAF bird-of-prey overlords.

Wiki crew launch attack on FBI official seal bluster

K. Adams
Big Brother

Representation

Since a Federal seal is a work of the United States government, it is not protected by Copyright, and therefore exists in the realm of Public Domain.

That being said, there *are* regulations forbidding any person/organisation from establishing itself as a branch, employee, or representative of a Federal agency/bureau/department/government corporation when they do not have formal permission to do so. As indicated in the NYT article, the FBI is undoubtedly using a "prohibition of unlawful representation" ordinance to lean on Wikipedia.

This can be a tricky issue:

Wikipedia is using the seal as an element of fact in an (ostensibly) encyclopedic article ("This is the FBI's logo."), which means that it should be protected (at minimum) through Fair Use. On the other hand, the FBI could argue that since the seal is not eligible for Copyright protection in the first place, the Fair Use doctrine does not apply (i.e., their argument would be that Fair Use can only be applied against works that are Copyright-eligible).

Big Brother, for obvious reasons.

Liberal Google, Yahoo!, Apple hurting America claims Reagan

K. Adams

Unnecessary

@AC 19:36GMT: "Anybody looking for another reason not to buy Dell, take a close look at the chart."

Don't need to, thanks. Have enough reasons already...

Paris, 'cause she never needs a reason for anything.

Next Gnome delayed until 2011

K. Adams
Badgers

Brief Respite from the Badgers

Thank $DEITY!

Gnome Shell is, IMHO, one of the most draconian rewrites of the GUI paradigm that has ever been foisted on the Gnome user community.

I used to be a big fan of KDE until KDE 4.x came out. At that point, I switched to Gnome. One of the reasons I've liked Gnome so much is that it has (to this point) seemed to be more stable and easier on resources than KDE 4.x, didn't overwhelm you with a buhzillion fiddly options, and (usually) shipped with common-sense defaults.

Sure, the current edition of Gnome is nowhere near as fast and light as LXDE or Fluxbox, or even Xfce (although Xfce has recently started to get a bit top-heavy as well), but it can work on pretty much any graphics card minted since, say, 2003-ish.

However, I can't say the same thing about Gnome 3.0 (especially Gnome Shell). It's almost guaranteed to **require** hardware-accelerated graphics to run properly, with all of its "Hey! Let's shrink the whole desktop to make room for the Activities menu!" [**] and what-not, and likely strong acceleration to boot (read: nVidia G9x core / ATi R600 core, or better). Not even KDE, with all of its current resource requirements, is **that** bad.

Oh, and Clutter/Mutter (graphics toolkit/window manager toolkit) as used by Gnome Shell is incompatible with Compiz.

[**] Wanna see what I'm talking about? Then check here:

-- YouTube (GNOME 3: Gnome Shells)

-- http://www.youtube.com/watch?v=lQUuH2dIFHM

(Badgers, because Web2.0 tech is invading my GUI toolkit.)

Ballmer and Softies sacrifice sleep to catch iPad

K. Adams
Pint

"... with a promise you're now committed to catching up."

Funny, I said that just yesterday:

-- Comments: Microsoft biz stars won't shine in Wall Street web show

-- http://forums.theregister.co.uk/forum/1/2010/07/28/microsoft_pulls_presidents/

Any chance for a footnote? ;-)

Microsoft biz stars won't shine in Wall Street web show

K. Adams
Gates Horns

Irrelevant

It doesn't matter what Microsoft says, where it says it, when it says it, why it says it, and/or how it says it.

The fact is that Microsoft has dropped the ball too many times, and is playing catch-up in all of the sectors that matter. (Note that for purposes of discussion, "playing catch-up" could refer to market position, technological innovation, or both. It is possible that Microsoft is ahead of the competition in one aspect, but behind in another, and losing ground over time, even if a major player today.) To wit:

-- Search: Bing is playing catch-up to Google

-- Mobile Telecom: WinMob7 is playing catch-up to Android and i(Phone)OS

-- Portable Music: Zune is playing catch-up to the iPod and iTunes

-- Console Entertainment: XBox/XBox 360 is playing catch-up to Wii, and to a lesser extent, PS3

-- Utility Cloud Computing: Azure is playing catch-up to Amazon EC2 and RightScale

-- Virtualization: Hyper-V is playing catch-up to VMware ESX/vSphere, XenServer, and to a certain extent, Linux-KVM

-- Cloud Apps: Office Online is playing catch-up to Google Apps

Microsoft is still leading its competitors in certain sectors, but in my mind these market areas will become less and less relevant over time:

-- Browser: Collectively, Internet Explorer is still ahead of Firefox, Opera, Chrome, and Safari. However, if you compare individual versions, IE is at parity, or starting to fall behind.

-- Desktop: Windows still owns the vast majority of the desktop, laptop, and netbook market. However, the move to handheld and tablet Internet devices will seriously eat into PC market share, which will spell trouble for Windows licensing revenue. This is especially true on the consumer side, where browsing, simple messaging, e-book reading, music listening, video watching, and telephony are the six primary reasons for owning a compute device. For these six well-defined purposes, a full-fledged PC and/or "fat" operating system is overkill.

-- Office: Microsoft Office is still the dominant player in the word processing, spreadsheet, and presentation appsuite market. Even so, many sovereign states (especially in Europe and South America) are experimenting with (or have already moved to) FLOSS* alternatives like OpenOffice.org, and other government entities and businesses are trying out hosted application services like Google Apps.

Until recently, Microsoft seemed to be virtually invulnerable, having shrugged-off antitrust lawsuits in the U.S. and appeased European regulators with similar concerns. However, its political resilience hasn't translated into increased revenue: Microsoft announced its first-ever round of layoffs during the Great Recession, in order to protect its liquidity ratio, and as a hedge against market saturation.

Let's face it: We have entered the Post-Microsoft World. MS needs to focus on doing a few things, and doing those things very well, if it wants to remain relevant, and ultimately, to continue to exist. I am not saying that the company is (at present) in any danger of folding, or going bankrupt, or even unloading any of its assorted divisions -- it's sitting on a veritable pile of cash -- but it does seem to be having trouble navigating present market currents.

In short, the bandwagon has often already left, by the time Microsoft gets around to hopping on it.

*FLOSS = Free/Libre Open Source Software

Removing SCADA worm could disrupt power plants

K. Adams
Headmaster

"... whenever a system running Siemens's SCADA software is attached to an infected USB stick."

Umm... Doesn't it make more sense to "attach the infected USB stick to the system"? (Well, maybe not in this case, but...)

I mean, SCADA systems can be quite large and heavy, after all.

Microsoft issues stopgap fix for critical Windows flaw

K. Adams
Boffin

!= code

The icon ** ISN'T ** designed to contain executable code, per se.

What's happening is that griefers and other miscreants have identified a flaw in the shortcut parsing mechanism that can be exploited by filling parameter fields within the shortcut with unexpected data.

These parameter fields are descriptors that are used to tell Windows what folder/file the shortcut points to, what application the target's MIME type is registered to, what image/bitmap to use to draw the shortcut's icon, things like that.

When the shortcut parser encounters this malformed data, instead of failing gracefully, the parser fails in such a way that causes the malformed data to be executed as machine code. This parameter-data-turned-machine-code can be used to do all sorts of nasty and/or unexpected things, depending on the privileges the code inherits from the parser, and/or the code's ability to break through the other layers of Windows' security subsystem.

This kind of attack can theoretically work on any OS with a modern, shortcut-and-icon-based GUI (including Linux and Mac OS X), ** IF ** the shortcut parser isn't up to snuff (in other words, is suffering from the same style of bug).

All you need to do is fill a *.desktop file (for a Linux desktop environment like GNOME or KDE) or resource fork (Mac OS X) with lots of specially-crafted extraneous data, and ** IF ** the GUI's shortcut / icon / *.desktop file / resource fork parser breaks in the right way, you ** MAY ** be able to exploit the situation to run arbitrary code.

Note that I am NOT saying that Linux or Mac OS X suffers from the same kind of hole. A lot of things need to fall into place in order to successfully exploit a weakness in any operating system component. I am speaking hypothetically, hence the prodigious use of the word ** IF **. No operating system is bullet-proof.

IBM preps z11 'system of systems' mainframe

K. Adams
Coat

Crispy Critters

There's actually an acronym for this kind of "complex instruction decoding on RISC microcode cores": CRISP.

-- [C]omplex [R]educed [I]nstruction [S]et [P]rocessor

Mine's the one with my Microprocessor Design and Engineering cheat sheet in the pocket.

Spotify ports its music streamer to Linux

K. Adams
Black Helicopters

"... issues regarding decoding of local music on the Linux platform"

AKA: due to "... the fact that there's no way we're gonna upset Big Media, by allowing the full-featured edition of our software to be used on an open platform that normally eschews pesky things like DRM."

RIM nemesis slaps patent suit on Apple, Google, Microsoft...

K. Adams
Stop

Don't Make It, Can't Keep It

Gawd, how I hate patent trolls, and the rife gamesmanship allowed by the USPTO...

I'm not against patents per se, but I am firmly of the belief that if you own a legitimate patent, you should have a finite period of time to start manufacturing, building, or creating a product based directly on that patent. At the end of that finite "fish-or-cut-bait" period, if you have not exercised your privileges in this regard, the patent is opened to the public domain.

Note that this "fish-or-cut-bait" period would be much shorter than for the current protection period, which to my mind would still be OK if you, as the patent owner, are actively pursuing manufacture of an item based on the patent.

I would also like to see a rule in which patents owned by public universities in the US would have to be sold at auction to the highest bidder within 2 to 5 years after the date the patent is officially awarded and assigned its number by the USPTO. The public university could, in the meantime, license the patent to recoup research/development costs, but when the patent is auctioned, the outstanding licenses would also be transferred to the winning bidder. The winning bidder must then commit to manufacturing a product based on the patent within the "fish-or-cut-bait" period outlined above, minus the time the patent was held by the university.

Private universities would be exempt from the forced-auction rule, if the university enters into a partnership with an outside company to manufacture and market a device based on the patent, and is the majority investor in said partnership.

General purpose business software (i.e., office applications) would not get invention patent protection. However, it could still qualify for copyright protection, and design patent protection (which covers the overall aesthetics of the software or individual elements of the software). Likewise, software which performs no tangible, physical function other than to manipulate data within the confines of a general purpose computer or computer network (such as email, web portal, or content delivery software) would also not be patentable.

Software which is used for the direct and native control of a physical device could conceivably be eligible for patent protection, but the nature of the "direct and native control" would have to be something tangible (like controlling a stepper motor which is an integral part of a machine).

Mathematical algorithms, including crypto algorithms (whether having entered into humanity's knowledge, or still awaiting discovery), being fundamental facts of nature, would not be patentable. Physical devices which use the algorithms as a native part of their functionality would, however, be eligible for patent protection.

Just my US$0.02...

Radiation warning labels for deadly mobes!

K. Adams
Coat

Everything is known to the State of California...

... to cause cancer and birth defects or other reproductive harm.

Jacket, because mine's the one with a copy of California Proposition 65 (1986) and a Chemical Abstracts Service registry in the pocket...

New attack bypasses virtually all AV protection

K. Adams
Boffin

Not so easy to fix if...

... the memory page allocation service itself is exposed via the very same SSDT, though.

If you tell the SSDT to write data destined for user memory to a kernel-constructed/reserved page, then have the kernel copy the data from the kernel page to the user page (or adjust the pointers and page permissions - same difference), the SSDT still needs to provide information (or be provided information) about the page and security context switch, so that when the hooked service unwinds its call stack, the calling app knows where its data is.

Since the SSDT would still be involved, I don't see how writing the data back to a kernel-reserved page first would help anything...

Space Station lightsabre-sparring hoverdroids to be upgraded

K. Adams
Joke

Youth Driving in Space?

> ... to include a high-level programming language designed to let "non-specialists (eg high school students)" write useful "complex cluster flight algorithms" ...

Umm, bunches of reckless, show-off teenagers are bad enough at driving around on the ground. (I remember being one myself, on occasion, before I decided that I didn't like paying The Man to have fun...)

Now DARPA wants to hand these kids the keys to drive droids in space?

Hope DARPA's got good liability insurance; repairs to the ISS are **expensive**...

New ISS machine makes water from waste CO2

K. Adams
Thumb Up

Zero-G Nanodiamond

Since the graphite would be so pure, it would probably be perfect for conversion into zero-g nanodiamond matrices that could be used for things like constructing ultra-strong, ultra-clear window glass and other "supermaterials."

Vernor Vinge, Charles Stross, William Gibson, and other authors have all mentioned "diamond glass" as being a common material used for window panes in spacecraft and orbiting habitats...

K. Adams
Boffin

Radiative vs. Convective Cooling

> ... but surely something can be done by putting computing power outside the life supported areas.

One must keep in mind that up there in Low Earth Orbit, there is almost no atmosphere (i.e., zero, for practical purposes) outside of the spacecraft to allow for the efficient transfer of equipment-generated heat into a surrounding medium, which would then be carried away by kinetic and/or convective processes.

The only real way to get rid of the heat is by dissipating the energy into the surrounding near-vacuum "photonically" through a phenomenon known as "black body radiation:"

-- http://en.wikipedia.org/wiki/Black_body_radiation

Since direct thermal radiation into a surrounding "empty" void is a very inefficient process (compared to the kinetic/convective transfer of heat between two materials in close contact, like a PC's CPU heat sink with the surrounding atmosphere), heat generated by the station's equipment would build up very quickly if there wasn't a way to get rid of it in a timely manner.

The station maintains its temperature balance by using closed-loop water systems to carry excess heat to giant external radiating panels, which dissipate the heat as thermal (infrared) radiation.

Another way to use this excess heat would be to pass it across a thermocouple, so the excess heat could be converted into electricity for use in charging batteries and running low-power experiments. I wouldn't be at all surprised if the station already makes use of some of its excess heat for this purpose.

FBI calls for two year retention for ISP data

K. Adams
Big Brother

Or More Sinisterly...

It could also be interpreted that running a Tor exit node makes you a "de facto" ISP (since you would ostensibly be providing an Internet-based packet routing service), meaning that **you** yourself would be required to keep source/destination info as well...

Big Blue demos 100GHz chip

K. Adams
Joke

Still won't be fast enough...

... to run Crysis...

FCC boss stumps for free and open internet

K. Adams
Grenade

Packet Numbers vs. Numbers of Packets

I think the thing that we need cleared-up with regards to the Net Neutrality discussion is that a distinction needs to be made between protocols (i.e., content) and bandwidth (i.e., speed).

I have no problems with ISPs setting up a "tiered access" model, where the money you pay determines the max bandwidth accessible to your cable or DSL modem.

In other words, it should be well within an ISP's right to charge for Internet access according to some speed/bandwidth schedule, like:

-- $xx/month for 1.5Mbps down/384Kbps up

-- $yy/month for 3.0Mbps down/512Kbps up

-- $zz/month for 15Mbps down/768Kbps up

However, I **do not** believe that an ISP should be able to throttle my bandwidth, or move me into another access tier, based upon the content (i.e., type of packet) entering or exiting the cable/DSL modem at my business or residence.

I subscribe to an ISP because they are, ostensibly, an Internet Service Provider. They are to provide me with access to "The Internet" (caps intentional) as a whole, not "the ISP's version of the Internet." I pay them to pass packets I send upstream, and to pass packets I receive downstream.

They should not have the right to inspect the packets, determine their type, and then charge me based upon the structure, content, or source/destination of the packets, because at the bit-for-bit level, all packets are the same. To do otherwise is a gross invasion of privacy (and in some countries, runs afoul of wiretap laws - although there is currently some "fuzziness" in the US regarding this particular point).

Secret code protecting cellphone calls set loose

K. Adams

I suspect...

... that the US' NSA, the UK's GCHQ, Russia's FSB, and China's MIIT "encouraged" the GSMA to "sell" them the rainbow tables for both A5/1 and A5/3 a long time ago...

Adobe: critical Acrobat flaw fix 4 weeks away

K. Adams
IT Angle

Re: How do I uncheck "Enable Javascript" on hundreds of desktops?

For Windows, run a BAT or CMD script on (user) login:

@echo off

reg add "HKCU\Software\Adobe\Adobe Acrobat\9.0\JSPrefs" /v bEnableJS /t REG_DWORD /d 0 /f

Congressmen steam over Wikileaks TSA breach

K. Adams
Flame

@The Indomitable Gall

"We all know that the US is a terrorist organisation."

Really? How about a side-by-side comparison of strategy and tactics, just so we can be clear on how terroristic we are:

Hijacks civilian aircraft and rams them into civilian/commercial buildings:

-- US: No Them: Yes

Leaves improvised explosives in public areas traversed by civilians and detonates them during high-traffic hours:

-- US: No Them: Yes

Engages in group ambush/guerrilla warfare tactics against legitimate (Red Cross/Red Crescent) medical and supply convoys:

-- US: No Them: Yes

Makes no attempt to distinguish between civilian and military targets and to reduce collateral damage:

-- US: No Them: Yes

Uses covert operations to target specific individuals suspected of being involved in deliberate attacks on civilians or civilian property:

-- US: Yes Them: Maybe

Uses both old and new media technologies as a means of recruitment and propaganda:

-- US: Yes Them: Yes

Encourages the elimination of fundamental rights and education for women:

-- US: No Them: Yes

Is in favor of establishing a dictatorial, authoritarian monarchy underpinned by so-called "religious" or "theocratic" principles:

-- US: No Them: Yes

/* sarcasm */ Yup. That's a score of 1.5/8 "the same," or about 18.75% "sameness" (based on the all-encompassing list above). We're **just like** Al-Qaeda, for sure...

This is not to say that there aren't any people within US Federal Government who do despicable things. There are; to declare otherwise would be naive. Like many of my country's citizens, I view its government with a measure of skepticism and cynicism. But on the whole, US-GOV isn't in the habit of running around murdering innocent people. (Trying to control and tax them, though, may be another story...)

Sequoia opens kimono with e-voting code handout

K. Adams
WTF?

"a modern language that's widely regarded as secure"

Huh?

A programming language doesn't make your product "secure." Using that language **properly**, by:

-- sanitizing input before passing it to a parser

-- destroying no-longer-needed object instances

-- checking for NULL pointers before performing a dereference

-- writing graceful exception handlers

-- avoiding deprecated features/methods

-- coding to the Principle of Least Privilege

-- etc.

(just a general list, some may not apply to C#) is what makes your product "secure."

Apple seeks OS-jacking advert patent

K. Adams
Alert

Chrome OS, Kiosks, etc. Already Infringers

Wow. Talk about a broad-based patent.

Just about any OS that can be rigged to boot directly into a browser that has all of its pop-up blocking, script protection, and other privacy settings disabled can be labeled as "infringing."

A Windows-based kiosk with IE set as the default shell, Google Chrome OS w/ pop-up blocking turned off, a Linux and Firefox/Iceweasel-based thin client, and a GPS unit with ad-supported real-time traffic updates would all qualify under the patent as written.

Not that I hope the patent finds actual use, of course...

SCO boots boss McBride

K. Adams
Linux

I wonder if they issued...

$ killall -u dmcbride

on the way out the door?

:-)

Nvidia fires off Fermi, pledges radical new GPUs

K. Adams
Joke

Three billion transistors...

... and it still won't be able to run Crysis, natch.

Microsoft and Intel port Silverlight to Linux

K. Adams
Jobs Horns

The Three EEEs

"Microsoft has already provided Intel with Silverlight source code and test suites."

Under NDA, no doubt...

"The effort with Intel has nothing to do with the developer community of broad Linux."

Sure it does. Microsoft failed in the smartphone and MID markets w/ regard to Windows Mobile, so it's trying to stage a comeback by maneuvering Intel into including Silverlight with Moblin.

Which means developers won't be writing Linux apps for Moblin; they'll be writing Windows Presentation Foundation apps instead.

A perfect example of the Three EEEs:

1. Embrace Linux (Moblin).

2. Extend it with Silverlight.

3. Extinguish native development.

Brilliant!

Google says Apple silenced its Voice

K. Adams
Coat

He said, she said...

The Fruit and The Goog sound like a pair of siblings blaming each other for the broken cookie jar in the kitchen, while Mom (the Feds) scowls in disapproval and Dad (AT&T) sits at the table reading the paper...

Perfect picture of the quintessential American Family!

Grabbing my coat as I sneak out the back door to avoid being drawn into the bickerfest...

Microsoft under threat from Linux - it's official

K. Adams
IT Angle

Not UNIX!

GNU/Linux isn't UNIX. It never claimed to be UNIX. Yet improperly-educated companies like SCO and Microsoft keep saying it's "a variant of UNIX." Sure, a Linux-based OS looks like UNIX, talks like UNIX, and is comfortable hanging around with UNIX, but at the core they don't have very much in common (kernel-wise) other than a fair amount of POSIX compliance...

It would be rather more correct to say that a Linux-based OS is "UNIX-like," as opposed to "a variant of UNIX."

KDE 4.3 promises polish, polish, polish

K. Adams
WTF?

Wrong Direction

Umm:

... a KDE-style API that the group said makes it easier to "temporarily elevate privileges for an application" ...

Aren't we heading down the wrong track here? I would think the last thing we would want to do is "make it easier" to elevate an application's privileges. It would be much better to design the app so it doesn't require elevated privileges in the first place (system "control-panel"-type software being the exception, of course).

UNIX and UNIX-like operating systems were originally designed to embrace the "Principle of Least Privilege," which means you only get what you need to do your job. Now the devs are writing APIs to actively sidestep this philosophy?

I used OS/2 because I didn't want to put up with the Swiss-cheese security model used by Windows. When people stopped supporting and/or developing for OS/2, I switched to GNU/Linux, because I still didn't (and don't) favour the way Windows handles security.

At this rate, pretty soon the only "secure" desktop is going to be a green screen talking to a cobwebby S/370 buried in the basement of some derelict warehouse...

Tiny typo blamed for massive IE security fail

K. Adams
Coat

Shadows of the AT&T Telecom Crash of January, 1990

These types of errors are all too easy to make...

Even something that should be "easy" to spot, like the improper nesting of "IF - THEN - ELSE" or "SWITCH - CASE" statements (to use pseudocode vernacular - I know C statements should be lowercase), can slip past trained eyes, only to come back and bite you in the ass sometime down the line.

For those who are old enough to remember (and who lived in the US at the time), an erroneously placed "BREAK" statement in a nested block of "IF - THEN - ELSE" C logic caused most of AT&T's 4ESS telephone switching network to crash in January, 1990.

The "IF - THEN - ELSE" block was nested inside of a "SWITCH - CASE" block, with the "BREAK" statement residing inside the "ELSE" sub-block, when it should have resided **outside** of the "IF - THEN - ELSE" block entirely. The coding error had the effect of starting a race condition in a telephone switch accepting offloaded calls from another, heavily-loaded switch. This caused the backup switch to offload its calls to yet another switch, propagating the error through the network.

The Public Switched Telephone Network (PSTN) was brought to its knees in a matter of seconds, and wasn't fixed until AT&T reverted all of its 4ESS switches to an earlier version of code, some ten hours later.

So if it's easy for a key part of decision logic to slip past a trained programmer's eyes, it's understandable how something as small as a rogue ampersand can go undetected.

Mine's the one with the C Language Reference in the pocket...
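The misplaced-break pattern described in the post above, as an added C example (not part of the original post and not AT&T's code); the message types, state fields and function names are hypothetical. With the break only in the else sub-block, the if path falls through into the next case label.

```c
#include <stdio.h>

/* Hypothetical message types and switch state, constructed for illustration. */
enum msg_type { MSG_CALL_OFFLOAD, MSG_REINIT };

struct switch_state {
    int queued;    /* calls waiting in the buffer */
    int accepted;  /* calls accepted directly */
    int reinits;   /* times the switch reinitialised itself */
};

typedef void (*handler_fn)(struct switch_state *, enum msg_type, int);

/* "Before": the break sits inside the else sub-block only. */
static void handle_buggy(struct switch_state *s, enum msg_type m, int busy)
{
    switch (m) {
    case MSG_CALL_OFFLOAD:
        if (!busy) {
            s->accepted++;
            /* BUG: no break on this path, so control runs into MSG_REINIT */
        } else {
            s->queued++;
            break;          /* leaves the switch, but only for the else path */
        }
    case MSG_REINIT:
        s->queued = 0;      /* queued calls are dropped */
        s->reinits++;
        break;
    }
}

/* "After": the break sits outside the if-else, so both paths leave the switch. */
static void handle_fixed(struct switch_state *s, enum msg_type m, int busy)
{
    switch (m) {
    case MSG_CALL_OFFLOAD:
        if (!busy) {
            s->accepted++;
        } else {
            s->queued++;
        }
        break;
    case MSG_REINIT:
        s->queued = 0;
        s->reinits++;
        break;
    }
}

/* Replay a constructed sequence of offload messages (1 = switch busy). */
static struct switch_state replay(handler_fn handler)
{
    static const int busy_flags[] = { 1, 1, 0, 1, 0 };
    struct switch_state s = { 0, 0, 0 };
    size_t i;

    for (i = 0; i < sizeof busy_flags / sizeof busy_flags[0]; i++)
        handler(&s, MSG_CALL_OFFLOAD, busy_flags[i]);
    return s;
}

int main(void)
{
    struct switch_state b = replay(handle_buggy);
    struct switch_state f = replay(handle_fixed);

    printf("buggy: accepted=%d queued=%d reinits=%d\n",
           b.accepted, b.queued, b.reinits);
    printf("fixed: accepted=%d queued=%d reinits=%d\n",
           f.accepted, f.queued, f.reinits);
    return 0;
}
```

Compiling with GCC's `-Wimplicit-fallthrough` flags the buggy handler at the `case MSG_REINIT:` label.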

Save journalism, online newspaper publishers beg EC

K. Adams
Megaphone

Blogging is the New Journalism

Blogging and Podcasting (collectively known as "PAJ" - Personal Area Journalism) are slowly but surely rendering the big production houses obsolete.

The entire News/Op-Ed industry is migrating to a freelance-type, report-as-you go content model.

The Blogger is the new "reporter," in the sense that he/she writes about what is happening around (or to) him/her.

The Aggregator is the new "Editor-In-Chief," in the sense that its search engine relevancy rankings are largely responsible for determining whose content is consumed by the Internet-at-Large.

Granted, a lot of the content out in the Blogosphere is completely vapid and useless, but some of it is extremely topical and/or very well researched.

And we are finding that in many cases in today's world, Bloggers "on the inside" can go to and/or report from places that the mainstream media houses can't (or aren't willing to) access. The current unrest in Iran is a good example of this: Even the U.S. State Department requested that Twitter postpone a systems maintenance cycle so election protest-related "Tweets" wouldn't get lost or bounced while the service was off-line...

DHS killing satellite self-spying program

K. Adams
Coffee/keyboard

Oh, look...!

It's Will Smith and Gene Hackman... I wonder what they're up to?

;-)

SCO inks last-second life-saving Unix pact

K. Adams
IT Angle

@Ashley: Why not?

The U.S. is doing the same thing with GM and Chrysler...

:-\ :-\ :-\

Ballmer clashes with Obama over US tax rules

K. Adams
Go

As much as I hate to agree with 'im...

... Ballmer's right on this one.

If you make money overseas, keep it overseas, invest it overseas, and use it overseas, you should pay taxes on that money to the overseas authorities.

And, for the sake of argument, let's say Ballmer does relocate all of Microsoft's HQ and Product Development offices from Redmond to a more tech-company-friendly country, like Ireland (i.e., Windows, Office, etc. would be wholly developed, authored, tested, and licensed for sale from within that country). The import tariffs Microsoft would have to pay to the US could conceivably be quite a bit less than the additional income tax burden Obama is trying to push onto multinational companies.

I'm an admitted Linux fanboy, but every once in a great while the folks at M$ do make sense...

Of course, Microsoft could move to Mexico, and ship to the US and Canada and pay zip in tariffs because of NAFTA. They'd probably have to pay quite a bit to the local Cartels for "protection," though...

Love on the buses: The S-100 and me

K. Adams
Coat

KayPros and Micro-C

Brings back memories of my Kaypro II with a customized BIOS provided by the folks at Micro Cornucopia Magazine. Those were heady days, when one could actually call up the magazine and speak personally with the likes of Dave Thompson, Larry Fogg, Bruce Eckel, and Scott Ladd. I wonder what they're up to now-a-days? Bruce is still writing programming textbooks, but I've lost track of the others... P.S.: I miss you guys!

My jacket's the one with the beat-up copy of Micro C. in the inside pocket...

US superputer nuke boffins puff mighty, arse-kicking GPU

K. Adams
Flame

Finally...

... A system that can run Crysis at full rez, with everything cranked to high!

:-p

Sun downgraded to Goldman Sachs sell list

K. Adams
Thumb Up

At least the important parts of Java...

... have gone FOSS.

So if Sun does go under, not all is lost.

Which would be a shame, since J. Schwartz is a pretty cool dude...

Seagate's small form factor screamer

K. Adams
Alert

Really pushing the areal density...

... squeezing 2.09 TiB onto those tiny little platter(s) ...

Who's got more cash? Apple or Microsoft?

K. Adams
Boffin

Market Cap vs. Liquidity

For Jobs & Co. to have US $4bn *more* stuffed between the mattresses than Ballmer's Behemoth shows just how much more nimble and trim Apple is compared to Microsoft.

Apple has a close to 4:1 market cap to liquid assets ratio. Microsoft's is more like 9:1.

I think a lot of this is due to the fact that Jobs isn't afraid to take an axe to under-performing products. For example, he cut PowerPC-based Macs out of the picture, and moved the OS X platform to Intel. It was painful in the short-term for users and app developers, but it has paid off in the long run. And having near-draconian control over the hardware that runs your OS helps, too...

Microsoft, on the other hand, has to write its OS to run across a wide range of hardware. In addition, it keeps dumping cash into relative failures like Windows Vista. And we all know how good that turned out to be...

Washington postpones historic vote

K. Adams
Paris Hilton

"Overhaul" = "It's the Customer Who Will Get Reamed"

Why do I get this feeling that whenever the Feds try to "overhaul" something, it'll be *me* who gets his cylinder reamed?

Because we all know that the first thing that's gonna happen after the Universal Service and Intercarrier Compensation systems are "overhauled" is that the Telcos are gonna want to pass the implementation costs onto their customers...

Paris, because her phone bill's goin' up...

NASA mulls nuclear Moon reactor

K. Adams
Go

The three "Esses": Small, Simple, Safe

A fission reactor located at such a distant outpost would need to be small, simple, and safe, with high durability and a preponderance of graceful failure modes.

Thus, niceties such as control rods and primary coolant pumps are off the table.

One of the interesting designs that fit these criteria is the pebble bed fission reactor. Small, round slugs of radioactive material are encased within spherical graphite "pebbles", which are between a golf ball and bocce ball in size.

Toss a bunch o' pebbles in a sturdy sealed can, fill it up with an appropriate heat transfer fluid (in the physics/chemistry sense - such as steam), hook up some tubing to carry the fluid, and bury the whole kit in the backyard. Voila! A self-moderating, low-maintenance, unobtrusively quiet power plant. (Not that you would hear much outdoors on the Moon, but you get the idea...)

Cheers...

Lawyers slap Nvidia with chip glitch lawsuit

K. Adams
Boffin

Addendum: About SEC Filings

For those that are curious, the US-SEC mandates that all public companies under its jurisdiction file as follows:

-- Form 10-K: Detailed annual performance report - heavily audited

-- Form 10-Q: Quarterly performance report - may not be audited

-- Form 8-K: Report that must be filed within 4 business days of a materially significant incident

Cheers...

K. Adams
Stop

@RotaCyclic

While I agree that Class-Action lawsuits do nothing but add another layer of nice, green wallpaper to lawyers' bathrooms, I disagree with your assessment that the lawsuit has nothing to do with U.S. securities law...

As a public company, nVIDIA has a fiduciary obligation to notify its shareholders on a quarterly basis about incidents that may materially affect the business, so that investors may make ongoing, informed decisions about their holdings in the company.

I'd say that the nVIDIA Chip Fiasco falls squarely into that category. If nVIDIA did, in fact, know that there was a problem with its chips more than 6 or 9 months ago, and expected to take a big hit because of it, the incident should have been listed as a significant incident in nVIDIA's quarterly SEC (Securities and Exchange Commission) filings.

The lawsuit alleges that this chip problem wasn't disclosed in a timely manner, robbing investors of their ability to make informed decisions with regard to their holdings.

Personally, if you want to be nit-picky about it, the SEC should prosecute nVIDIA for fiduciary negligence. Any Class-Action lawsuits should be put on hold until the criminal implications are resolved.

Cheers...

Open source release takes Linux rootkits mainstream

K. Adams
Go

@Steve Dommett - WTF?

In regard to your missive:

----- quote -----

Immunity Inc. are based in Florida. As such, they are accountable under US law. If the yanks can extradite a UK resident (Gary McKinnon) for cracking, surely they are also capable of bringing someone to account who makes a rootkit toolkit to facilitate this crime? Or is being accessory to cybercrime not yet a felony?

----- endquote -----

Over on this side of the pond, the laws -- and especially legal precedent set by the Courts -- often make a distinction between "making available" and "inciting illegal activity."

For example, in Elektra v. Barker (US District Court, Southern District of New York; Case No. 05-CV-7340-KMK) -- a RIAA / P2P / copyright case -- the judge determined that (to paraphrase) making a copyrighted work available via P2P is NOT the same as offering to illegally distribute a copyrighted work (or encouraging others to illegally distribute a copyrighted work) within the context of the law as written by Congress ("Opinion and Order"; March 31, 2008; about page 18 and following).

And let's not forget Sony Corp. of America v. Universal City Studios, Inc. (US Supreme Court; Case No. 464 US 417; Initial hearing January 18, 1983; Reargued October 3, 1983; Decided January 17, 1984). In this case, the US Supreme Court held that a device or technology cannot be outlawed if it has substantial legal and legitimate uses. This case, again, was argued in the context of copyright, but the theory holds.

Immunity's DR product can be used for nefarious purposes. However, the software also has substantial legitimate uses: It is a tool that can be used by security administrators to see how well their computer networks and servers stand up to unauthorized penetration.

So the short answer is, basically, "No, Immunity will probably never be held as an accessory in the commission of Cybercrime."

Cheers...


Biting the hand that feeds IT © 1998–2020