Berkeley CSUA MOTD:Entry 25261
Berkeley CSUA MOTD
2018/09/20 [General] UID:1000 Activity:popular

2002/7/2 [Computer/SW/Apps/Media, Computer/SW/OS/Windows] UID:25261 Activity:kinda low
7/1     Ross Anderson on TCPA/Palladium:
        \_ What a chill wind from Redmond blows...
2018/09/20 [General] UID:1000 Activity:popular

You may also be interested in these entries...
2013/6/26-8/13 [Computer/SW/WWW/Browsers, Computer/Networking, Computer/Domains] UID:54697 Activity:nil
6/26    This ones for you psb -ausman
        \- that's pretty good. i wish someone had put the idea to be before i saw
           it on the internet, so see if i'd have put the 9 justices in the same
           boxes. JOHN PAUL STEVENS >> All the sitting justices. --psb
        \- that's pretty good. i wish someone had put the idea to be before i
2013/3/21-5/18 [Computer/SW/WWW/Browsers, Computer/SW/Apps/Media] UID:54632 Activity:nil
3/21    Browser Plug-In you must get: Ghostery. It gets rid of a bunch of
        ad trackers on a web site, resulting in really fast load times.
        For example, a typical media site will require 10-15 trackers
        (you know, those URLs that track your activities so they can
        target you better). Ghostery kills them.
        \_ This has been working well for me, and breaks fewer things
2012/11/18-12/18 [Recreation/Celebrity, Politics/Domestic/911, Computer/SW/Apps/Media] UID:54537 Activity:nil
11/16   Anonymous responds to be labeled a "terrorist" by Isreali media:
2013/3/25-5/18 [Computer/SW/OS/Windows] UID:54639 Activity:nil
3/25    It's strange that only every other Windows version is a hit.
        NT 4.0: hit
        2000:   flop
        XP:     hit
        Vista:  flop
        7:      hit
2013/2/19-3/26 [Computer/SW/OS/OsX] UID:54611 Activity:nil
2/19    I program a lot by sshing to a Linux cluster.  So I'm used to using
        Xemacs to code.  This works fine from a Linux or Windows workstation,
        but sometimes I have to use a Mac.  On Mac, the meta is usually
        bound to option, but that often doesn't work over ssh for some reason.
        This makes using emacs a real pain.  Any suggestions on how to fix it?
        (Other than "use vi")
2012/3/15-6/1 [Computer/SW/Languages, Computer/SW/OS/Windows] UID:54340 Activity:nil
3/15    Why does MS put double-quotes around the '8' in Windows Server 8, like
        the following?
        - Windows 8
        - Windows Server "8"
        \_ Because when they didn't do it, code didn't see the '\0'
           and went over?  Looks better than '8','\0' *shrug*
2012/2/23-3/26 [Computer/SW/OS/Windows] UID:54312 Activity:nil
2/23    fixboot wrote FAT boot sector to my WinXP hard drive.  How can I convert
        the drive back to NTFS?
        \_ Does C:\WINDOWS\system32\convert.exe work?
2011/12/21-2012/2/6 [Computer/SW/Editors/Emacs, Computer/HW/Laptop] UID:54269 Activity:nil
12/21   In Emacs, how do I make it so that it will resize its screen
        when the maximum resolution of my monitor changes? When I
        use my laptop, my emacs is too big (and I can't resize it
        because the bottom-right corner is not accessible).
        \_ Which OS?  Can't you drag the top border (not a corner) to resize
           the height to be smaller?
2011/12/23-2012/2/6 [Computer/Rants] UID:54271 Activity:nil
        Oh noes! What Would Bill Gates Do?
           Microsoft to Transition Corporate IT to Google Apps
2011/11/27-2012/1/10 [Computer/HW/Drives] UID:54244 Activity:nil
11/27   CalMail has been down for a few days (hardware failure and database
        corruption -- sounds like fun!) and is starting to come back online.
        Looks like they're planning to outsource all campus mail to either
        Google Apps or Microsoft 365 as part of Operational Excellence.
2011/11/8-30 [Computer/SW/Security, Computer/SW/OS/Windows] UID:54218 Activity:nil
11/8    ObM$Sucks
        \_ How is this different from the hundreds of other M$ security
           vulnerabilities that people have been finding?
           \_ "The vulnerability could allow remote code execution if an
               attacker sends a continuous flow of specially crafted UDP
2011/5/19-7/30 [Computer/SW/Security] UID:54110 Activity:nil
5/19    Uh, is anyone still using this? Please mark here if you post and
        haven't added this yet. I'll start:
        \_ person k
        \_ ausman, I check in about once a week.
        \_ erikred, twice a week or so.
        \_ mehlhaff, I login when I actually own my home directory instead of
Cache (8192 bytes)
Swedish, 10 Finnish, 11 Hungarian, 12 Greek, 13 Hebrew and 14 French. See also the 15 Economics and Security Resource Page which gives a lot of background to the issues raised here. The 16 Trusted Computing Group (TCG) is an alliance of Microsoft, Intel, IBM, HP and AMD which promotes a standard for a more secure' PC. In effect, the TCG specification will transfer the ultimate control of your PC from you to whoever wrote the software it happens to be running. Trusted computing' was the original one, and is still used by IBM, while Microsoft calls it trustworthy computing' and the Free Software Foundation calls it 17 treacherous computing'. Hereafter I'll just call it TC, which you can pronounce according to taste. Other names you may see include TCPA (TCG's name before it incorporated), 18 Palladium (the old Microsoft name for the 19 version due to ship in 2004) and 20 NGSCB (the new Microsoft name). Many observers believe that this confusion is deliberate - the promoters want to deflect attention from what TC actually does. TC provides a computing platform on which you can't tamper with the application software, and where these applications can communicate securely with their authors and with each other. The original motivation was 21 digital rights management (DRM): Disney will be able to sell you DVDs that will decrypt and run on a TC platform, but which you won't be able to copy. The music industry will be able to sell you music downloads that you won't be able to swap. They will be able to sell you CDs that you'll only be able to play three times, or only on your birthday. TC will also make it much harder for you to run unlicensed software. In the first version of TC, pirate software could be detected and deleted remotely. Since then, Microsoft has sometimes denied that it intended TC to do this, but at 22 WEIS 2003 a senior Microsoft manager refused to deny that fighting piracy was a goal: Helping people to run stolen software just isn't our aim in life', he said. TC will protect application software 23 registration mechanisms, so that unlicensed software will be locked out of the new ecology. Furthermore, TC apps will work better with other TC apps, so people will get less value from old non-TC apps (including pirate apps). Also, some TC apps may reject data from old apps whose serial numbers have been blacklisted. If Microsoft believes that your copy of Office is a pirate copy, and your local government moves to TC, then the documents you file with them may be unreadable. TC will also make it easier for people to rent software rather than buy it; So if you stop paying for upgrades to Media Player, you may lose access to all the songs you bought using it. For years, Bill Gates has dreamed of finding a way to 24 make the Chinese pay for software: TC looks like being the answer to his prayer. Governments will be able to arrange things so that all Word documents created on civil servants' PCs are born classified' and can't be leaked electronically to journalists. Auction sites might insist that you use trusted proxy software for bidding, so that you can't bid tactically at the auction. Cheating at computer games could be made more difficult. In its simplest form, applications may be designed to delete pirated music under remote control. For example, if a protected song is extracted from a hacked TC platform and made available on the web as an MP3 file, then TC-compliant media player software may detect it using a watermark, report it, and be instructed remotely to delete it (as well as all other material that came through that platform). This business model, called traitor tracing, has been researched extensively by Microsoft (and others). In general, digital objects created using TC systems remain under the control of their creators, rather than under the control of the person who owns the machine on which they happen to be stored (as at present). So someone who writes a paper that a court decides is defamatory can be compelled to censor it - and the software company that wrote the word processor could be ordered to do the deletion if she refuses. Given such possibilities, we can expect TC to be used to suppress everything from pornography to writings that criticise political leaders. The gotcha for businesses is that your software suppliers can make it much harder for you to switch to their competitors' products. At a simple level, Word could encrypt all your documents using keys that only Microsoft products have access to; Such blatant lock-in might be prohibited by the competition authorities, but there are subtler lock-in strategies that are much harder to regulate. So I won't be able to play MP3s on my computer any more? Microsoft says that TC won't make anything suddenly stop working. But a recent software update for Windows Media Player has caused 25 controversy by insisting that users agree to future anti-piracy measures, which may include measures that delete pirated content found on your computer. Also, some programs that give people more control over their PCs, such as 26 VMware and 27 Total Recorder, are not going to work properly under TC. So you may have to use a different player - and if your player will play pirate MP3s, then it may not be authorised to play the new, protected, titles. It is up to an application to set the security policy for its files, using an online policy server. So Media Player will determine what sort of conditions get attached to protected titles. I expect Microsoft will do all sorts of deals with the content providers, who will experiment with all sorts of business models. You might get CDs that are a third of the price but which you can only play three times; You might be allowed to lend your copy of some digital music to a friend, but then your own backup copy won't be playable until your friend gives you the main copy back. Creeping digital lockdown will make life inconvenient in many niggling ways; This could all be done today - Microsoft would just have to download a patch into your player - but once TC makes it hard for people to tamper with the player software, and easy for Microsoft and the music industry to control what players will work at all with new releases, it will be harder for you to escape. Control of media player software is so important that the EU antitrust authorities are 28 proposing to penalise Microsoft for its anticompetitive behaviour by compelling it to unbundle Media Player, or include competing players in Windows. TC will greatly increase the depth and scope of media control. TC provides for a monitoring and reporting component to be mounted in future PCs. The preferred implementation in the first phase of TC emphasised the role of a Fritz' chip - a smartcard chip or dongle soldered to the motherboard. The current version has five components - the Fritz chip, a curtained memory' feature in the CPU, a security kernel in the operating system (the Nexus' in Microsoft language), a security kernel in each TC application (the NCA' in Microsoft-speak) and a back-end infrastructure of online security servers maintained by hardware and software vendors to tie the whole thing together. The initial version of TC had Fritz supervising the boot process, so that the PC ended up in a predictable state, with known hardware and software. The current version has Fritz as a passive monitoring component that stores the hash of the machine state on start-up. This hash is computed using details of the hardware (audio card, video card etc) and the software (O/S, drivers, etc). If the machine ends up in the approved state, Fritz will make available to the operating system the cryptographic keys needed to decrypt TC applications and data. If it ends up in the wrong state, the hash will be wrong and Fritz won't release the right key. The machine may still be able to run non-TC apps and access non-TC data, but protected material will be unavailable. The operating system security kernel (the Nexus') bridges the gap between the Fritz chip and the application security components (the NCAs'). It checks that the hardware components are on the TCG approved list, that the software components ...