Post #259,815
6/23/06 5:01:11 PM
|
Trusted applications
First problem: If I write my own software, how do I get the hardware to recognize it as trusted? If I can't, then I can't write my own software. If I can, then so can the bad guys. Technically, that's not a problem, or at least for the application layer. Application writers can submit their software to operating system vendors, who then verify it and use a secret hash algorithm to verify it at run-time. It'll be slow and costly but it will be trustable. Might be too expensive for niche and bespoke applications but it does lock out the bad guys. As for trust of the OS vendor: fortunately, such vendors maintain a strict, Chinese wall between OS and application divisions, do not copy then destroy products that might undermine their monopoly, do not insert odd code to generate spurious error messages and do not subvert system protocols to be incompatible with rival OSes. We can be certain they would not deliberately delay, needlessly query or create spurious rejection reasons. I see no technical problem at all.
Matthew Greet
Choose Life. Choose a job. Choose a career. Choose a family. Choose a fucking big television, choose washing machines, cars, compact disc players and electrical tin openers. Choose good health, low cholesterol, and dental insurance. Choose fixed interest mortgage repayments. Choose a starter home. Choose your friends. Choose leisurewear and matching luggage. Choose DIY and wondering who the fuck you are on a Sunday morning. Choose sitting on that couch watching mind-numbing, spirit-crushing game shows, stuffing fucking junk food into your mouth. Choose rotting away at the end of it all, pishing your last in a miserable home, nothing more than an embarrassment to the selfish, fucked up brats you spawned to replace yourself. Choose your future. Choose life... But why would I want to do a thing like that? I chose not to choose life. I chose somethin' else. And the reasons? There are no reasons. Who needs reasons when you've got heroin? - Mark Renton, Trainspotting.
|
Post #259,816
6/23/06 5:04:23 PM
|
For about five seconds ...
... I was thinking, "What the fuck have you been smoking?" Then you got more obvious.
I still think the biggest problem is that the only way this system can possibly work is if all the pieces work flawlessly, and none of the "good guys" are intentionally subverting the system for their own aims.
===
Purveyor of Doc Hope's [link|http://DocHope.com|fresh-baked dog biscuits and pet treats]. [link|http://DocHope.com|http://DocHope.com]
|
Post #259,818
6/23/06 5:41:33 PM
|
Companies sticking to standards: SQL anyone?
Matthew Greet
Choose Life. Choose a job. Choose a career. Choose a family. Choose a fucking big television, choose washing machines, cars, compact disc players and electrical tin openers. Choose good health, low cholesterol, and dental insurance. Choose fixed interest mortgage repayments. Choose a starter home. Choose your friends. Choose leisurewear and matching luggage. Choose DIY and wondering who the fuck you are on a Sunday morning. Choose sitting on that couch watching mind-numbing, spirit-crushing game shows, stuffing fucking junk food into your mouth. Choose rotting away at the end of it all, pishing your last in a miserable home, nothing more than an embarrassment to the selfish, fucked up brats you spawned to replace yourself. Choose your future. Choose life... But why would I want to do a thing like that? I chose not to choose life. I chose somethin' else. And the reasons? There are no reasons. Who needs reasons when you've got heroin? - Mark Renton, Trainspotting.
|
Post #259,819
6/23/06 5:41:38 PM
6/23/06 5:42:24 PM
|
DPM
Matthew Greet
Choose Life. Choose a job. Choose a career. Choose a family. Choose a fucking big television, choose washing machines, cars, compact disc players and electrical tin openers. Choose good health, low cholesterol, and dental insurance. Choose fixed interest mortgage repayments. Choose a starter home. Choose your friends. Choose leisurewear and matching luggage. Choose DIY and wondering who the fuck you are on a Sunday morning. Choose sitting on that couch watching mind-numbing, spirit-crushing game shows, stuffing fucking junk food into your mouth. Choose rotting away at the end of it all, pishing your last in a miserable home, nothing more than an embarrassment to the selfish, fucked up brats you spawned to replace yourself. Choose your future. Choose life... But why would I want to do a thing like that? I chose not to choose life. I chose somethin' else. And the reasons? There are no reasons. Who needs reasons when you've got heroin? - Mark Renton, Trainspotting.
Edited by warmachine
June 23, 2006, 05:42:24 PM EDT
|
Post #259,825
6/23/06 6:41:04 PM
|
You see no technical problem because you're an idiot
Suppose that I write a program whose job, when executed, is to emulate running other programs. If the hardware trusts my program, then anyone who wants can write programs on top of it.
Seems like a strange thing to do, huh? Easy enough to avoid it, let's just ban such programs.
Congratulations, you've just banned Java, Perl, .NET, Python, PHP, JavaScript, Smalltalk, Lisp, etc, etc, etc.
Incidentally the idea that application writers have to submit their software to operating system vendors is laughable. No intelligent company wants to do that. Competitors of said vendors might as well shoot themselves in the head, it will be marginally faster and substantially less painful. Normal companies don't want the development overhead and will be understandably unhappy about having to submit their code for third party inspections.
I'm with Drew. What are you smoking, and would you mind shipping a good supply to Mr Patient's house by next Friday?
Regards, Ben
The great masses of people ... will more easily fall victims to a big lie than to a small one. -- Adolf Hitler
|
Post #259,830
6/23/06 6:59:00 PM
|
Your sarcasm detector is broken.
|
Post #259,831
6/23/06 7:02:36 PM
|
D'oh
The great masses of people ... will more easily fall victims to a big lie than to a small one. -- Adolf Hitler
|
Post #259,834
6/23/06 7:06:52 PM
|
Severely.
Especially since Drew talked about the sarcasm in his post.
*boggle* :-)
Regards,
-scott anderson
"Welcome to Rivendell, Mr. Anderson..."
|
Post #259,838
6/23/06 7:29:41 PM
|
I'm tired. It happens.
The great masses of people ... will more easily fall victims to a big lie than to a small one. -- Adolf Hitler
|
Post #259,841
6/23/06 8:04:47 PM
6/24/06 7:04:35 AM
|
Emulators and SDKs only run trusted, signed code...
except on developer versions of the OS. Non-developer OSes won't talk to developer OSes. Except for specific, license activations of the developer OS by the vendor servers. And no self-signing by anyone.
To prevent hackers changing code and fooling hash signature detectors, the hash algorithm must be secret. Therefore, OSes don't share hash algorithms. Portable, Java code, for example, must be submitted to the vendor of each OS it might run on. That includes the libraries you're using.
I can see a pool of trusted, code inspection companies, which notify all the vendors. To avoid the potential scandals of application writers paying their inspectors, the vendors must pay them. To avoid OS vendors stealing from the system by watching what other application vendors sign, all vendors must pay. To avoid the smaller OS vendors subsidizing the larger ones, the payment is in proportion to the number of deployed, signed programs on each OS. The products of payers will refuse to talk the products of non-payers. And for anti-terrorism purposes, code inspectors must be vetted by any country's secret service that cares.
Independent code inspectors avoids the danger of larger OS vendors delaying inspection to damage other companies. An OS vendor can withold all payments if they believe the code inspector is being lax and allowing unstable or malicious junk. After all, it is their reputation on the line as they're signing the software. With OS competition, the cash flow of inspectors should survive one vendor witholding payment. In the event of a dispute, it goes to court under contract laws.
As I said before, I see no technical problems.
Matthew Greet
Choose Life. Choose a job. Choose a career. Choose a family. Choose a fucking big television, choose washing machines, cars, compact disc players and electrical tin openers. Choose good health, low cholesterol, and dental insurance. Choose fixed interest mortgage repayments. Choose a starter home. Choose your friends. Choose leisurewear and matching luggage. Choose DIY and wondering who the fuck you are on a Sunday morning. Choose sitting on that couch watching mind-numbing, spirit-crushing game shows, stuffing fucking junk food into your mouth. Choose rotting away at the end of it all, pishing your last in a miserable home, nothing more than an embarrassment to the selfish, fucked up brats you spawned to replace yourself. Choose your future. Choose life... But why would I want to do a thing like that? I chose not to choose life. I chose somethin' else. And the reasons? There are no reasons. Who needs reasons when you've got heroin? - Mark Renton, Trainspotting.
Edited by warmachine
June 24, 2006, 07:04:35 AM EDT
|
Post #259,846
6/23/06 8:49:29 PM
|
He wasn't being sarcastic!
He was being stupid.
So you've just decided to destroy all home brew software. All of it.
|
Post #259,847
6/23/06 8:56:49 PM
|
He was too!
|
Post #259,848
6/23/06 9:00:30 PM
|
He's doing it very deadpan if he is
|
Post #259,849
6/23/06 9:04:08 PM
|
Well, Duh.
|
Post #259,851
6/23/06 9:43:47 PM
|
Peter's right. Americans don't get sarcasm.
He was being VERY sarcastic and very dry. But obviously so in my opinion.
Regards,
-scott anderson
"Welcome to Rivendell, Mr. Anderson..."
|
Post #259,865
6/23/06 10:17:30 PM
|
So we need a sarcasm compiler
Which would be cool.
----------------------------------------- Impeach Bush. Impeach Cheney. Do it now.
|
Post #259,872
6/23/06 10:28:12 PM
|
ICLRPD (new thread)
Created as new thread #259871 titled [link|/forums/render/content/show?contentid=259871|ICLRPD]
Smile, Amy
[link|http://kevan.org/brain.cgi?Amy%20Rathman|Pics of the Family]
|
Post #260,287
6/28/06 2:24:53 PM
|
And, of course, you'll submit it to the OS vendor...
jb4 "So don't pay attention to the approval ratings that say 68% of Americans disapprove of the job this man is doing. I ask you this, does that not also logically mean that 68% approve of the job he's not doing? Think about it. I haven't." — Stephen Colbert, at the White House Correspondent's Dinner 29Apr06
|
Post #259,894
6/24/06 6:44:19 AM
|
Course I was being sarcastic!
I stated that there are no technical problems right after describing a logistical, commercial and political nightmare scenario. How can anyone possibly think that this is a viable solution, let alone think that I meant it? Is this not 'Run! Get out while you can!' material (accepting that it can never happen)?
That reminds me - I need to add a bit more about how OS vendors won't subvert the process.
Matthew Greet
Choose Life. Choose a job. Choose a career. Choose a family. Choose a fucking big television, choose washing machines, cars, compact disc players and electrical tin openers. Choose good health, low cholesterol, and dental insurance. Choose fixed interest mortgage repayments. Choose a starter home. Choose your friends. Choose leisurewear and matching luggage. Choose DIY and wondering who the fuck you are on a Sunday morning. Choose sitting on that couch watching mind-numbing, spirit-crushing game shows, stuffing fucking junk food into your mouth. Choose rotting away at the end of it all, pishing your last in a miserable home, nothing more than an embarrassment to the selfish, fucked up brats you spawned to replace yourself. Choose your future. Choose life... But why would I want to do a thing like that? I chose not to choose life. I chose somethin' else. And the reasons? There are no reasons. Who needs reasons when you've got heroin? - Mark Renton, Trainspotting.
|
Post #259,895
6/24/06 6:48:50 AM
|
Don't forget Homeland Security.
|
Post #259,896
6/24/06 7:05:59 AM
|
Send it to InfoWorld when you're done.
|
Post #259,897
6/24/06 7:09:56 AM
|
No thanks. Anyone is free to steal my scenario.
Matthew Greet
Choose Life. Choose a job. Choose a career. Choose a family. Choose a fucking big television, choose washing machines, cars, compact disc players and electrical tin openers. Choose good health, low cholesterol, and dental insurance. Choose fixed interest mortgage repayments. Choose a starter home. Choose your friends. Choose leisurewear and matching luggage. Choose DIY and wondering who the fuck you are on a Sunday morning. Choose sitting on that couch watching mind-numbing, spirit-crushing game shows, stuffing fucking junk food into your mouth. Choose rotting away at the end of it all, pishing your last in a miserable home, nothing more than an embarrassment to the selfish, fucked up brats you spawned to replace yourself. Choose your future. Choose life... But why would I want to do a thing like that? I chose not to choose life. I chose somethin' else. And the reasons? There are no reasons. Who needs reasons when you've got heroin? - Mark Renton, Trainspotting.
|
Post #260,020
6/26/06 10:34:03 AM
|
Now you *are* smoking something
How can anyone possibly think that this is a viable solution, let alone think that I meant it? Ever since the government started treating 1984 as a playbook instead of a warning, I think we lost any chance to believe "no one could think X is viable".
===
Purveyor of Doc Hope's [link|http://DocHope.com|fresh-baked dog biscuits and pet treats]. [link|http://DocHope.com|http://DocHope.com]
|
Post #260,022
6/26/06 10:50:09 AM
|
"Surprise Attack" covered this.
[link|http://times.discovery.com/tvlistings/episode.jsp?episode=1&cpi=109122&gid=0&channel=DTC|Why Intelligence Fails: Suprise Attack] on the Discovery Channel. The biggest reasons why it fails are: 1) Refusal to consider new threats, and 2) Hubris.
"Japan won't attack us, because ..." "Egypt won't attack us, because ..." "Bin Laden won't use airplanes to attack us, because ..."
Cheeers, Scott.
|
Post #260,023
6/26/06 11:02:18 AM
|
Time to rename CIA to CDA
You don't gather intelligence, you gather data. You use intelligence to analyze the data and decide what to do with it. (Okay, you should do that.) To talk about "the latest intelligence on Iraqi weapons capabilities" makes no sense.
Now that I've thought about this some -- I noticed it a while ago, but didn't attach too much significance -- I'm probably going to notice how badly it skews our interpretation of public statements from those in the "intelligence community".
===
Purveyor of Doc Hope's [link|http://DocHope.com|fresh-baked dog biscuits and pet treats]. [link|http://DocHope.com|http://DocHope.com]
|
Post #259,844
6/23/06 8:44:30 PM
|
Make it part of the compile process.
|
Post #259,861
6/23/06 10:08:54 PM
|
Like what Kernigan did with his self fixing compiler?
That'd be a good one.
-- [link|mailto:greg@gregfolkert.net|greg], [link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwetheyFreedom is not FREE. Yeah, but 10s of Trillions of US Dollars? SELECT * FROM scog WHERE ethics > 0;
0 rows returned.
|
Post #259,873
6/23/06 10:34:40 PM
|
Nope
It would have to submit the code to the approving authority before allowing the next step. Give 6 months for security review before continuing.
|
Post #259,878
6/23/06 10:48:56 PM
|
Wonderful idea!
Who wanted short code-compile-run-debug cycles during development anyways?
Cheers, Ben
The great masses of people ... will more easily fall victims to a big lie than to a small one. -- Adolf Hitler
|
Post #259,890
6/24/06 4:04:44 AM
|
<muntz>Ha ha</muntz>
Peter [link|http://www.no2id.net/|Don't Let The Terrorists Win] [link|http://www.kuro5hin.org|There is no K5 Cabal] [link|http://guildenstern.dyndns.org|Home] Use P2P for legitimate purposes! [link|http://kevan.org/brain.cgi?pwhysall|A better terminal emulator]
|