ODF Ahead in MA | WMF travesty | Security ie MedRecords | ReiserFS
Acting MA CIO Appointed, ODF A Go: "Re:Summary of What ODF is/means
(Score:5, Informative)
by Doug Coulter (754128) on Friday January 06, @02:36PM (#14411655)
(http://clab.mystarband.net/)
Check out www.groklaw.net, which has been covering this and the M$ FUD about it, as well as the SCO stuff. Basically, ODF is an open standard produced by a consortium of companies and released for public use with no patents, license fees or other encumbrances. M$ could add support for it in a heartbeat (though it may not support all their bu...features) but is refusing to do so as that would place them in competition with the various other office suites that do support it -- and they might not win that one. After all, several of the suites that do support it are free as in free beer, as well as in free speech. M$ is responding that we should use their 'open' (but not really) new XML format that they don't even support yet, and which has various legal problems for implementors. Peter Quinn, the CIO who used to have the job, quit because of an M$-funded witchhunt that got him a lot of bad publicity and negative attention. Of course, he was later found to be guiltless, but that little retraction only made it to page four, rather than page one where the accusations were made... See groklaw for more detail."
---------------------------------
Re:Summary of What ODF is/means
(Score:5, Informative)
-------------------------
[State of Massachusetts as it recognizes it will need to be able to read its digital files for decades, indeed centuries, into the future. MS Office and like applications have proven to be unable to read documents written by versions only a few years old.]
------------
Re:How "standard" is ODF?
(Score:4, Informative)
Correct me if I am weong[sic], but ODF is only used by OOo and Sun's StarOffice (which is the same thing, in a box, with phone support), so even though the format is open, which is undoubtedly good, isn't it just locking into Sun because no one else reads / writes ODF?
OK, you're wrong. ODF is an open format, thus no lock-in. Anyone can and will implement it. Koffice and WordPerfect have both announced that upcoming versions of their products will support it. OpenOffice is open source, so any company can modify and sell support for it. Even MS can support the format easily, they just don't want to because the benefits it brings, like the ability to migrate easily to other formats, might not allow them to gouge customers as easily. The lock-in part of the
Moving to ODF is smart because it is not a lock-in. In five years when MA wants to evaluate new word processors, they can look at the features and prices of at least four different providers and choose the best fit, without worrying if they can read old files and without worrying about migration costs.
--------------
======================
One of the wisest comments I've heard on security was: security is the tax that the rest of us pay because some people are immoral.
Very true (Score:5, Insightful) by HangingChad (677530) on Friday January 06, @01:40PM (#14411163)
Another problem I've seen is execs granting themselves and their assistants way more access than they really need to do their job. It's a power issue for some of them. I run the company and should be able to get to anything.
That's not every company, and SOX has made thinking about the consequences more attractive for the higher-ups.
------------------
Too much trust...
(Score:5, Interesting)
=================
Oblivious to the problem, or resigned to it?
(Score:5, Insightful)
(http://www.livejournal.com/users/control_group)
I doubt many companies are "oblivious" to the insider threat, it's just considered an acceptable cost of doing business. For example, a grocery store I used to work at knew perfectly well that their employees were lifting candy from the bulk candy dispenser (to pick an example). But they also knew the money they lost on that was significantly less than the cost of installing cameras and paying someone to review the tapes, or than the cost in lost sales of eliminating the bulk candy dispenser. So, when someone was caught red-handed, they were read the riot act (at least) or outright fired (at worst), but no special effort was made to catch people.
I don't think the owners of that grocery store were business prodigies, either. My guess is that the same sort of logic applies to most employers: the cost of preventing the infraction is higher than the cost of allowing it. The truth of this is reflected in which industries do protect themselves against the "insider threat": places like casinos, where a successfully criminal insider could lose them huge quantities of money.
Meanwhile, the book seems to make the same suggestion a lot of security experts do: if a user doesn't need the technology, then don't let them use it. This sounds good, but it carries costs, too. First, of course, the cost of setting up and maintaining a network that enforces such policies. But second, the cost in employee morale, which cannot be discounted. Another job I had not all that long ago was in an office that didn't allow its employees to listen to talk radio. Music was fine, but talk radio was too much of a distraction. Since you didn't need it to do your job, you weren't allowed to have it.
The effect on morale was, to put it mildly, negative. Honestly, it's one of the reasons I didn't have the job for very long. Email and internet access are similar: employees have become accustomed, rightly or wrongly, to some personal use of these technologies. Take that away, and you're sure to end up with disgruntled employees, no matter how rational your reasons.
Moreover, it's a question of trust. If you demonstrate to all your employees that you don't trust them, odds are good you'll increase the number of employees who will live up (or down, if you prefer) to your expectation. At best, you'll incur the costs associated with high turnover rates. At worst, you'll fall victim to even more pernicious crime than you otherwise might have.
I guess the point is, it's not necessarily ignorance or even apathy that causes businesses to be vulnerable to insiders, it's simple cost/benefit analysis.
I already trust my computer. My computer has no business 'wondering' whether it trusts me or not.
-kfg
==================
whatever...
(Score:5, Funny)
(http://ipods.freepay.com/?r=22383862)
never mind
------------------
From a healthcare perspective
(Score:5, Interesting)
The main issue is that most people can look at any patient. This is considered a "necessary evil" as sometimes unexpected clinicians might be looking at a patient's information and we don't want to block access in a life-threatening situation. Instead, we review access after the fact, in addition to putting certain blocks in place:
- Unusual access is audited. This includes people looking at patients who happen to be employees, specific audits of local celebrities, and so on.
- Random audits. Periodically, someone will check to see what a random person is doing.
- Probation. New users are audited at certain points, to make sure they're not abusing their new power.
- Hiding patients. Certain patients are hidden from most users - this might include celebrities, legal issues, or patients who have requested it.
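One way to implement the after-the-fact review and the hiding rule this comment describes, as an added Python example that is not from the original post; the user and patient identifiers, hire dates, care-team table and the 10% random sample rate are constructed for illustration:

```python
# Added example, not from the comment above: post-hoc review of EHR chart
# accesses plus the "hidden patient" block. All identifiers, hire days and
# thresholds below are constructed for illustration.
import random
from dataclasses import dataclass

@dataclass(frozen=True)
class Access:
    user: str
    patient: str
    day: int            # days since the log epoch (constructed unit)

# Constructed reference data a hospital would keep beside its access log.
EMPLOYEE_PATIENTS = {"p-emp-17"}               # patients who are also staff
WATCHLIST = {"p-vip-3"}                        # local celebrities etc.
HIRE_DAY = {"new_rn": 90, "dr_a": 0, "clerk_b": 0}
PROBATION_DAYS = 30                            # new-user audit window
HIDDEN = {"p-vip-3"}                           # hidden from most users
CARE_TEAM = {"p-vip-3": {"dr_a"}}              # the exception to hiding

def is_visible(user: str, patient: str) -> bool:
    """Hiding: a hidden patient shows only to their care team. Everyone
    else stays visible to everyone, because access is reviewed afterwards
    rather than blocked in an emergency."""
    if patient not in HIDDEN:
        return True
    return user in CARE_TEAM.get(patient, set())

def review(log, rng=None, sample_rate=0.1):
    """Return (reason, access) pairs that warrant a human reviewer.

    Implements the four checks from the post: unusual access (employee
    patients, watchlist), random audits, and probation of new users.
    Nothing here prevents a lookup; it only selects what gets reviewed."""
    if rng is None:
        rng = random.Random(0)          # fixed seed so runs are repeatable
    flagged = []
    for a in log:
        if a.patient in EMPLOYEE_PATIENTS:
            flagged.append(("employee-patient", a))
        if a.patient in WATCHLIST:
            flagged.append(("watchlist", a))
        if a.day - HIRE_DAY.get(a.user, 0) < PROBATION_DAYS:
            flagged.append(("probation", a))
        if rng.random() < sample_rate:
            flagged.append(("random", a))
    return flagged
```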
=================
Re:You're missing the point, though
(Score:5, Informative)
(http://www.1wit.com/)
My curiosity piqued too as I peeked over the peak and saw that they're there by their thar.
===================
From the Interview...
(Score:5, Interesting)
So this is a design issue?
Yes, it is a design issue.
I would think MS would have a department of crackers and hackers to try to do shit like this. Also, didn't any of the original developers think of this when they wrote it, or did they think the exploit was so remote that it'll never happen?
==================
Re:Microsoft can boost your notoriety
(Score:5, Informative)
One problem, for instance, is that if some other hacker came along and reset the function pointer with their *own* DLL, we'd be back to square one (though that requires a greater level of system access). And the DLLs themselves don't have explicit control over when they get loaded, so they can't guarantee that they are first or last.
Microsoft's patch is nothing like his. They (I'm guessing) rebuilt gdi32.dll to actually turn the function into a no-op. Adequate testing by MS would have to include ensuring that all the various WMFs dynamically generated by the OS are not adversely affected.
A piece of string walks into a bar...
===========
Re:Root of the problem
(Score:5, Insightful)
The problem is in what was intended. If your "feature" is a boneheaded security hole, no amount of good design and good coding can save you. All they will get you is a beautifully designed, perfectly coded boneheaded security hole.
-----------------------
Re:Why not scramble all DLL's and EXE's on the fly
(Score:5, Interesting)
===================
Re:I would agree
(Score:5, Interesting)
(http://lawpoop.blogspot.com/ | Last Journal: Friday May 28, @05:51PM)
There is the classic example from the Reiser website. If your password file gets hacked, you have to ditch the whole file if you're using traditional file systems. You only know whether or not the file's been changed. However, with the Reiser system, it can tell you *what line*, and thus which user/password, was changed.
That's just a taste of where you can go with the ReiserFS. There are other things coming down the pipe; check out the reiser website for a better idea of the new features that ReiserFS promises.
Computers are useless. They can only give you answers.
-- Pablo Picasso
----------------------------
Here's what's missing
(Score:5, Interesting)
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
===============
IDE Drives Cause other Overheads
(Score:5, Insightful)
(http://www.dcresearch.com/joebaker | Last Journal: Wednesday May 05, @06:36PM)
There are other considerations here as well. What about the I/O elevator's tuning options?
Yes, I'd much rather see this test occur against a SCSI drive or better yet against a RAM drive for pure software performance.
Cheers, fellow Slashdotters!
================
Re:SATA?
(Score:4, Informative)
(Last Journal: Friday February 18, @06:04PM)
There are patches for libATA that enable NCQ, but they're not in the mainline yet.
The only thing worse than testing without the new technologies would be testing with half-baked implementations of them. Let's wait until NCQ is done before we try testing with it.