a view of the world
Below are the most recent 25 friends' journal entries.
| Tuesday, November 10th, 2009 | |
bruce_schneier
|
1:26p |
Protecting OSs from RootKits
http://www.schneier.com/blog/archives/2009/11/protecting_oss.html
Interesting research: "Countering Kernel Rootkits with Lightweight Hook Protection," by Zhi Wang, Xuxian Jiang, Weidong Cui, and Peng Ning.
Abstract: Kernel rootkits have posed serious security threats due to their stealthy manner. To hide their presence and activities, many rootkits hijack control flows by modifying control data or hooks in the kernel space. A critical step towards eliminating rootkits is to protect such hooks from being hijacked. However, it remains a challenge because there exist a large number of widely-scattered kernel hooks and many of them could be dynamically allocated from kernel heap and co-located together with other kernel data. In addition, there is a lack of flexible commodity hardware support, leading to the so-called protection granularity gap: kernel hook protection requires byte-level granularity but commodity hardware only provides page-level protection.
To address the above challenges, in this paper, we present HookSafe, a hypervisor-based lightweight system that can protect thousands of kernel hooks in a guest OS from being hijacked. One key observation behind our approach is that a kernel hook, once initialized, may be frequently "read"-accessed, but rarely "write"-accessed. As such, we can relocate those kernel hooks to a dedicated page-aligned memory space and then regulate accesses to them with hardware-based page-level protection. We have developed a prototype of HookSafe and used it to protect more than 5,900 kernel hooks in a Linux guest. Our experiments with nine real-world rootkits show that HookSafe can effectively defeat their attempts to hijack kernel hooks. We also show that HookSafe achieves such a large-scale protection with a small overhead (e.g., around 6% slowdown in performance benchmarks).
The research will be presented at the 16th ACM Conference on Computer and Communications Security this week. Here's an article on the research.
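A user-space analogue of the relocation idea in the abstract above, as an added example that is not from the paper or from HookSafe: function pointers are moved out of writable objects into a dedicated page-aligned table, which is then made read-only with `mprotect`. The names (`shadow_relocate`, `shadow_update`, and the `authorized` flag standing in for the hypervisor's policy check) are assumptions for illustration, and a POSIX system is assumed.

```c
/* Added example: user-space analogue of hook relocation plus page-level
 * protection. Not HookSafe code; all names here are hypothetical. */
#define _DEFAULT_SOURCE
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

typedef int (*hook_fn)(int);

int legit_handler(int x) { return x + 1; }
int rogue_handler(int x) { (void)x; return -1; }

/* Original layout: the hook shares a page with data that is written all the
 * time, so page-level protection cannot cover the hook alone. */
struct dev_before { long counter; hook_fn handler; };

/* Relocated layout: the object keeps only a slot number; the pointer itself
 * lives in the protected table below. */
struct dev_after { long counter; size_t slot; };

static hook_fn *shadow;     /* page-aligned table holding relocated hooks */
static size_t shadow_bytes; /* size of the mapping (one page) */
static size_t shadow_used;  /* slots handed out so far */

/* Map one fresh, page-aligned, writable page for the hook table. */
int shadow_init(void) {
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0) return -1;
    void *p = mmap(NULL, (size_t)page, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    shadow = p;
    shadow_bytes = (size_t)page;
    shadow_used = 0;
    return 0;
}

/* Copy a hook into the table while it is still writable; returns its slot. */
long shadow_relocate(hook_fn fn) {
    if (shadow_used >= shadow_bytes / sizeof(hook_fn)) return -1;
    shadow[shadow_used] = fn;
    return (long)shadow_used++;
}

/* After initialization, reads are common and writes are rare: go read-only. */
int shadow_seal(void) { return mprotect(shadow, shadow_bytes, PROT_READ); }

/* The only legitimate write path. `authorized` is a stand-in for whatever
 * policy check the mediating layer applies (the hypervisor, in the paper). */
int shadow_update(size_t slot, hook_fn fn, int authorized) {
    if (!authorized || slot >= shadow_used) return -1;
    if (mprotect(shadow, shadow_bytes, PROT_READ | PROT_WRITE) != 0) return -1;
    shadow[slot] = fn;
    return mprotect(shadow, shadow_bytes, PROT_READ);
}

/* Read path: one extra indirection through the protected table. */
int call_hook(const struct dev_after *d, int arg) {
    return shadow[d->slot](arg);
}

/* Attempt a direct overwrite in a child process so the fault is contained.
 * Returns 1 if the write faulted, 0 if it went through, -1 on error. */
int direct_write_faults(size_t slot) {
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        ((volatile hook_fn *)shadow)[slot] = rogue_handler;
        _exit(0);
    }
    if (waitpid(pid, &status, 0) < 0) return -1;
    if (WIFSIGNALED(status) &&
        (WTERMSIG(status) == SIGSEGV || WTERMSIG(status) == SIGBUS))
        return 1;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}

int main(void) {
    struct dev_before old = { 0, legit_handler };
    struct dev_after dev = { 0, 0 };
    long slot;

    if (shadow_init() != 0) return 1;
    slot = shadow_relocate(old.handler);
    if (slot < 0 || shadow_seal() != 0) return 1;
    dev.slot = (size_t)slot;
    dev.counter++; /* ordinary data in the object stays writable */

    printf("hook result: %d\n", call_hook(&dev, 41));
    printf("direct write faulted: %d\n", direct_write_faults(dev.slot));
    printf("unauthorized update: %d\n",
           shadow_update(dev.slot, rogue_handler, 0));
    return 0;
}
```

In this analogue the code that calls `mprotect` runs at the same privilege as the code it guards against; the paper places that control in the hypervisor, outside the guest kernel.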
dfwtx
[ trenthamfamily ]
|
11:46a |
Need Turkeys!
I'm trying to find the best deals on turkeys right now. I'm checking all of the store ads to see who has the best price and hoping that there are some stores that with a minimum purchase will do free turkeys. Reason? God's Food Pantry needs turkeys. We have money and they want the money to go to just that, turkeys! I'm not asking for anything from anyone here, just 'what have you seen' while out shopping. So while I'm doing my own investigation here, I'm going to utilize this community and see if anyone here has seen a really good deal on turkeys 8 to 10 pounds, not huge. We want to get as many as possible with the money we have. So... has anyone seen any really good deals? I want us to call the stores and see if they will discount the cost a bit since we're doing it for a food bank but I doubt we'll get very far with the big corporations. Thanks!!! |
hippie_chick
|
10:57a |
DWTS rants ahoy! Not watching or following the show? Mosey on along. :wink:
It's down to the wire. Down to five couples. One goes home tonight. Donny Osmond scored evenly with Aaron Carter last night. And I'm still fuming, because he was totally lowballed. They did a distinguished, technically good Viennese Waltz and got 9 8 9 that 8? Came from Len. He claimed he didn't like that it was "arty farty". What the HELL does that mean? It was no more "arty farty" than Mya's performance. They were actually on par with each other and all three give her 10s? ( Video and more rantage this way... )
Nail biting time. Should they be called safe tonight, I need you guys to just do me a solid? Call in a vote for Donny & Kym come Monday showtime? The number is 1 800 868 3405 You can also vote online: http://abc.go.com/shows/dancing-with-the-stars . You have to register there to vote online but it's free and easy. Thank you for letting me vent! LOL! And thank you for your votes in advance!!
Current Mood: annoyed
Current Music: Nothing
myswendy
|
8:33a |
On the mend and on the rise
I've been on my steroid taper for about a week now. Finally, the "taper" part of that is kicking in. Finally, the worst of the hot sweats are tapering as well. At least I can say that at this moment before I take my morning pills. I'm so very grateful.
Particularly because I see that my front lawn needs mowing again. It's interesting to watch. Those advancing, stiff, vertical devils in making are slowly growing taller. But they're all a soft brown color, with little, splayed fingers about 2 inches long crowning them. So, actually, they look dead. But growing.
I apparently have zombies ascending on my lawn.
I'm getting out the mower.
Current Mood: relaxed
Current Music: birds chatting on my chimneytop
theferrett
|
9:06a |
Clarionniversary, October Wrap-Up
Stories Published This Month: "In the Land of the Deaf," by Electric Spec
Teaser: I really wish you'd get yourself deafened, Geoff's wife Angie signed. It's just too dangerous out there.
The irony was, of course, that Geoff barely heard anything anymore; years of firing his gun in the line of duty had permanently damaged his eardrums. But he was on his way out the door to give the annual recruitment talk, which meant there was no time to argue Angie out of her damn fool ideas again...
Comments on Publication: This is actually one of my favorite stories that I wrote in the first six months after Clarion, and I'm glad to see it find a home. I should also note that Electric Spec has an interesting blog that often critiques the first pages of submitted stories from an editor's perspective.
Also, on an unrelated note, Diabolical Plots listed my story "Suicide Notes, Written By An Alien Mind" on his Best of Pseudopod Top 10 List. Neat!
Stories Worked On This Month:
- "Shoebox Heaven" (first draft). My Godson Andy's cat died, and so I wrote a story about him flying up to Heaven to find his kitty. It wound up being a horror story - though not, perhaps, from his perspective. Like any afterlife story, it runs into tricky bits with the mechanisms of Heaven, and preliminary critique from the fine folks at Viable Paradise suggests I need to be more explicit about my views of mankind, but I think it'll be quite nice shortfic when it's done.
- "Season to Taste" (fourth draft). My infamous "gay cannibal rhino" story. Much ripped out upon revision thanks to the helpful feedback from The Cajun Sushi Hamsters, wherein I really looked at the character motivations and made them all line up cleanly. Not sure if that made the story better, though I'll keep revising. There's something here. About glorious, beautiful cannibalism.
- "The Insecure Cyborg" (fourth draft). This one's a little weird, because I have an offer for it, but I have to revise out a controversial scene and replace it with something else. Difficult, but doable.
- A couple of minor starts and dribbles on stories with preliminary titles like "Love Shack" and "Cootie Quarantine."
October Acceptances: One. Being a superstitious man, I don't mention a sale before the contract is signed. That damn near killed me with the Asimov's sale, and it damn near killed me to wait five months before I could say that GUD Magazine picked up "In the Garden of Rust and Salt." Alas, it's in issue #6, and my friends funwithrage and ken_schneyer are in #5, so as wonderful as it is to be in GUD, I won't be next to my pals. Alas! And yay!
October Rejections: A whopping eight. One of them, for "What Killed Tyra Herschel?" after saying the same things that everyone else did, convinced me to scrap the story and start over - nobody likes newscasts, apparently. One was for a reprint, so I don't feel too bad. One, from Ideomancer, had very kind, personal feedback; another, from Strange Horizons, told me that they just didn't buy the premise. The rest were generic rejections. Also, I've got one in a very long wait from F&SF, but I'm pretty sure it's lost in the mail. It's happened before. But you have to wait a while before following up.
Currently In Circulation: "The Backdated Romance," "The Insecure Cyborg," "...At The End Of All Prophecy," "iTime," "Under the Thumb of the Brain Patrol," "Home Despot," "Amanda Rose's Travelling, Earth-Destroying Circus," "A Window, Clear As A Mirror," "Unreal Estate," "Slaves of Hollywood," "At The End Of The Chain"
Overall: I just ran dry this month; nothing really seemed exciting to work on, though I had some great ideas. So I took off a week. I'm still on that break, and I feel the tugs of little stories aching at me, but I'm not sure whether the break is from laziness or just that the muse needs some time to recover from 1.3 years of writing constant stories. I dunno; I feel guilty either way.
|
bruce_schneier
|
6:31a |
Is Antivirus Dead?
http://www.schneier.com/blog/archives/2009/11/is_antivirus_de.html
Security is never black and white. If someone asks, "for best security, should I do A or B?" the answer almost invariably is both. But security is always a trade-off. Often it's impossible to do both A and B -- there's no time to do both, it's too expensive to do both, or whatever -- and you have to choose. In that case, you look at A and B and you make your best choice. But it's almost always more secure to do both.
Yes, antivirus programs have been getting less effective as new viruses are more frequent and existing viruses mutate faster. Yes, antivirus companies are forever playing catch-up, trying to create signatures for new viruses. Yes, signature-based antivirus software won't protect you when a virus is new, before the signature is added to the detection program. Antivirus is by no means a panacea.
On the other hand, an antivirus program with up-to-date signatures will protect you from a lot of threats. It'll protect you against viruses, against spyware, against Trojans -- against all sorts of malware. It'll run in the background, automatically, and you won't notice any performance degradation at all. And -- here's the best part -- it can be free. AVG won't cost you a penny. To me, this is an easy trade-off, certainly for the average computer user who clicks on attachments he probably shouldn't click on, downloads things he probably shouldn't download, and doesn't understand the finer workings of Windows Personal Firewall.
Certainly security would be improved if people used whitelisting programs such as Bit9 Parity and Savant Protection -- and I personally recommend Malwarebytes' Anti-Malware -- but a lot of users are going to have trouble with this. The average user will probably just swat away the "you're trying to run a program not on your whitelist" warning message or -- even worse -- wonder why his computer is broken when he tries to run a new piece of software. The average corporate IT department doesn't have a good idea of what software is running on all the computers within the corporation, and doesn't want the administrative overhead of managing all the change requests. And whitelists aren't a panacea, either: they don't defend against malware that attaches itself to data files (think Word macro viruses), for example.
One of the newest trends in IT is consumerization, and if you don't already know about it, you soon will. It's the idea that new technologies, the cool stuff people want, will become available for the consumer market before they become available for the business market. What it means to business is that people -- employees, customers, partners -- will access business networks from wherever they happen to be, with whatever hardware and software they have. Maybe it'll be the computer you gave them when you hired them. Maybe it'll be their home computer, the one their kids use. Maybe it'll be their cell phone or PDA, or a computer in a hotel's business center. Your business will have no way to know what they're using, and -- more importantly -- you'll have no control.
In this kind of environment, computers are going to connect to each other without a whole lot of trust between them. Untrusted computers are going to connect to untrusted networks. Trusted computers are going to connect to untrusted networks. The whole idea of "safe computing" is going to take on a whole new meaning -- every man for himself. A corporate network is going to need a simple, dumb, signature-based antivirus product at the gateway of its network. And a user is going to need a similar program to protect his computer.
Bottom line: antivirus software is neither necessary nor sufficient for security, but it's still a good idea. It's not a panacea that magically makes you safe, nor is it obsolete in the face of current threats. As countermeasures go, it's cheap, it's easy, and it's effective. I haven't dumped my antivirus program, and I have no intention of doing so anytime soon.
This essay previously appeared as part of a point-counterpoint with Marcus Ranum. You can read his half here as well.
theferrett
|
8:17a |
A Little Rawer And More Self-Revelatory Than Usual: My Addiction
I had to destroy several friendships before I realized I had an addiction. And like any addiction, even now I have to constantly guard against it, because the minute I let down my guard I stop existing and the addiction takes over. It’s not that my addiction is some separate entity, a Tyler Durden waiting to be unleashed; rather, it’s that an addiction is a habit so strong that, unless you consciously work against it, it will drag you down the same paths again and again. Time can teach you that those paths will destroy the most precious parts of your life. Experience can make resisting a near-involuntary effort, like putting your glasses on the same counter before you go to bed. Yet relax for a moment, and that desire will take the wheel. You will break promises, break people, shatter all the goodness in your life, simply because some portion of you is broken. You have an inherent desire, and Lord knows where it came from, but it wants to be satisfied all the damn time. It will wriggle inside you, subtly changing your behavior to make sure its goals are met. My addiction? NRE.
I think about this now because two weeks ago, I had a very good week. Two lovely women were flirting with me, it felt like some connection was being created, and every time I opened my inbox there was something new and friendshippy. The next week, that stopped. The people in question didn’t abandon me, but real life took over as they had other deadlines, and the emails stopped coming. And I crashed. I felt ludicrously depressed and unloved, even though things were stupidly good around me. I had a wife who loved me deeply, I had a house literally filled with good friends, I had two intelligent and beautiful girlfriends, and a load of people complaining that we never had time to spend together. Yet because last week two relationships had been flourishing, and this week had no new relationships, I felt like I was sliding backwards. I had two people last week, so this week should be three people, and the fact that I didn’t have that meant that I wasn’t any good and everyone hated me, and my God what the hell was wrong with me? That’s my addiction: New Relationship Energy. That addiction isn’t necessarily sexual, though it often is. I just like that charge of having a new friendship blossom out. I love falling into somebody new, and I love that thrill of knowing that someone really wants to talk to me so badly they’re thinking of me when I’m not there. I love that initial back-and-forth of OMG, HOW ARE YOU, LET’S TALK SOME MORE. That charge led me down some pretty dark paths when I was younger, because usually the quick fix for that was sex. That made me an absolute bastard when I was younger; if there was someone who I could be attracted to, why, I would be, because I loved having that connection. And if someone wanted me, well, I wanted to be wanted. And wham, sex. If those people who wanted me happened to be dating someone else, well… I’d like to say that I couldn’t resist, but that’d be a lie. I could have. 
But then my desires wouldn’t have been met, and I’d have felt terrible, and to avoid that feeling of isolation I did things I am distinctly not proud of. I tried to tell myself that the fact of the attraction should be enough - but in the depths of my stupidity, I couldn’t feel that. If there was a potential and it went by, I felt like it must have been an illusion. How could I know that they really liked me if we didn’t go all the way and explore that intimacy? Not the sex, though that almost invariably followed, but the intimacy of spending hours together talking and needing to know and finding out every nook and cranny of the other person. I couldn’t, wouldn’t, let it go, so I formed unhealthy connections. That hurt people. Sometimes I’d find myself getting into relationships with people who I knew were bad for me just because they, too, wanted that closeness. That hurt me. And then the NRE wore off and I’d need someone new to bond with, and so I’d spend all my time with someone else. I called it Tarzan-swinging. Just grasping from friend to friend. And if they dropped off the NRE train first (or just had the normal vagaries of life distract them), then I’d get panicky wondering what happened to our friendship. It sent my mind into tiny little spirals. And I’d do silly things in stupid efforts to make them “prove” we were still friends, performing embarrassing psychodramatic displays that I’m still ashamed of. As time went by, and my friends found it increasingly hard to defend me, I realized I wanted to be a better person, but didn’t know how. Thankfully, as usual, God provided. While stuck in a lonely town, I met a guy who was phenomenal, and he became my best and only friend. We hung out for hours, which was brilliant. Then, three months later, I met his girlfriend. Who was very cute, and we clicked, but I realized that I would ruin both this new friendship and my old friendship by trying to press for full-on closeness in the way I usually did. 
It would have interfered with their relationship, and I liked my pal so much that I didn’t want to ever do that. So I became friends with her, and close friends, but not the friendship that squeezed someone dry for that NRE fix. And that, thankfully, was my first step away from my stupidity. I’ve learned how to cope since then. Now, though I do have close friendships, I can stop at the edge and go, “All right, this doesn’t need to be a 24/7 lovefest where we constantly bare our souls. This can just be cool.” And in many ways, that’s better. I get to keep my wife (who I do constantly have that lovefest with), and have a variety of good friends, and I don’t cause upheaval when the honeymoon period ends and we slide into hey, howya doin’. Yet I still sense it there, lurking. I still backslide occasionally. And even now, I could do stupid harm. Those people I spent the two weeks talking to? I could do dumb stuff, like sending dumb emails that are a variant on DO YOU LIKE ME? I could try to force a relationship prematurely, which would lead to ruin as this force-grown friendship blossomed in cramped and awful ways. I could try to reach out to new people in attempts to get that charge. These days, I know. I know that it’s time to step away from the keyboard, and let it go. It’s unhealthy. And so I go back to bed, and I tell Gini what a doof I am, and she hugs me and I realize that this is what’s important. And it’s good. That tug, though, is always there. It’s been two decades learning my way around it, and it’s still twisting me in unseen ways. It could be argued, and I wouldn’t debate it too heavily, that to a large extent this very journal is a variant on reaching out for NRE. I ask for secrets and post comment-whore threads because, hey, it’s a connection. I like connections. Maybe too much. It’s not quite on the destructive level of an addiction like alcohol, thankfully, but it’s as insidious. You have to monitor. 
Some people think that I think things over too carefully, and perhaps I do, but that’s because I have to analyze my own behavior. If I’m not careful in my actions, I’ll look back and find that hey, it’s in the driver’s seat again. And for that, I must be vigilant in a way that people who don’t have this internal tugging can’t really understand. |
dfwtx
[ sarcazm ]
|
4:31a |
a question about roaches
i'm still pretty new to dallas and despite being a nyc transplant i have never encountered roaches in my native new york in any way remotely comparable to the way i have here. the first week of july i did a full perimeter lockdown with pesticides, and i have over 2 dozen traps and egg-thingies scattered throughout the apartment - not that these mutant monster roaches (and sometimes they FLY! WTF???!!) could fit more than an antenna into one. after the initial cleansing and the remaining unwanted residents were attacked with spray raid when they fled, i've only seen one about every other week, typically sluggish as hell from everything i've put down, and usually smaller, like a nymph. in the last week my roommate and i have seen two, and they're almost as fast as they were initially, and definitely as large. my question is this: when are the best times to declare a jihad on these evil creatures? should i do it once a season or twice a year? when do they like to invite themselves inside most often and which pesticides do you recommend for total annihilation of the species? thanks in advance. |
| Monday, November 9th, 2009 |
melian
|
10:45p |
Snagged from writer_lilies
People Love That You Are Open and Confident
|

You're the type of person that's easy to get close to. You're very comfortable in your own skin.
You have no problem showing people who you are, and you're genuinely interested in them in return.
You are an accepting and involved friend. You are truly curious about what is going on in other people's lives.
You may be the first in your group of friends to express concern when someone is having a hard time or making bad decisions. It's only because you care so much.
| Current Mood: freezing |
melian
|
8:46p |
20 Little Known Facts About The Human Body (with commentary)
Why would I make comments about these facts? Something compelled me to. I couldn't help myself. Hey, it wouldn't be me, if it wasn't random.
1. A human being loses an average of 40 to 100 strands of hair a day. **Ask my husband, he'll tell you it's more than that. I tie my hair back (in a ponytail or braid) and he still manages to come up with a wad of my hair on cleaning day.
2. A cough releases an explosive charge of air that moves at speeds up to 60 mph. **boom!
3. Every time you lick a stamp, you're consuming 1/10 of a calorie. **No calories? What's the point
4. A foetus acquires fingerprints at the age of three months. **That I didn't know.
5. A sneeze can exceed the speed of 100 mph. **sonic-boom
6. Every person has a unique tongue print. ** Really? Let's go as Gene Simmons if this is true.
7. According to German researchers, the risk of heart attack is higher on Monday than any other day of the week. **It's Monday! No bloody wonder people have heart attacks on Mondays.
8. After spending hours working at a computer display, look at a blank piece of white paper. It will probably appear pink. **ooh prudy colours
9. An average human drinks about 16,000 gallons of water in a lifetime. **Anyone want to put out a small forest fire? That or lock the door to the loo?
10. A fingernail or toenail takes about 6 months to grow from base to tip. **Funny, it seems to take forever for mine to grow.
11. An average human scalp has 100,000 hairs. **Look at #1.
12. It takes 17 muscles to smile and 43 to frown. ** Nah it doesn't. Only 2 for each, see - :) :(
13. Babies are born with 300 bones, but by adulthood we have only 206 in our bodies. **I thought it was 304 bones? Oh well, shows what I know.
14. Beards are the fastest growing hairs on the human body. If the average man never trimmed his beard, it would grow to nearly 30 feet long in his lifetime. **Aren't beards great - for those who can grow one. I mean really, it's a great place to hide snackage when watching a movie.
15. By age sixty, most people have lost half of their taste buds. By the time you turn 70, your heart will have beat some two-and-a-half billion times (figuring on an average of 70 beats per minute.) **Why wait that long? I've heard some people who are younger than that and have no taste
16. Each square inch of human skin consists of twenty feet of blood vessels. **If you cut them, will they not bleed
17. Every human spent about half an hour as a single cell. ** ~~playing fake trumpets~~ It's a blood platelet? Is it a vein? No, it's Amoeba Man.
18. Every person has a unique tongue print. Every square inch of the human body has an average of 32 million bacteria on it. **Okay… was buddy who thought this one up listening to Jonathan Coulton?
19. Fingernails grow faster than toenails. **again with the nails...
20. Humans shed about 600,000 particles of skin every hour - about 1.5 pounds a year. By 70 years of age, an average person will have lost 105 pounds of skin. **That's almost as bad as my response for #'s: 1 & 11
Current Mood: *bored outta my skull*
dfwtx
[ gracetx ]
|
3:10p |
Birthday cakes in Downtown Dallas
Does anyone know of any bakeries that do nice tasty birthday cakes? I want to set up a standing order for a birthday cake each month, but don't know of any bakeries in the downtown Dallas area. Recommendations that deliver are also good. |
bruce_schneier
|
12:15p |
John Mueller on Zazi
http://www.schneier.com/blog/archives/2009/11/john_mueller_on_1.html
I have refrained from commenting on the case against Najibullah Zazi, simply because it's so often the case that the details reported in the press have very little to do with reality. My suspicion was that, as in so many other cases, he was an idiot who couldn't do any real harm and was turned into a bogeyman for political purposes.
However, John Mueller -- who I've written about before -- has done the research:
Recalls his step-uncle affectionately, Zazi is "a dumb kid, believe me." A high school dropout, Zazi mostly worked as doughnut peddler in Lower Manhattan, barely making a living. Somewhere along the line, it is alleged, he took it into his head to set off a bomb and traveled to Pakistan where he received explosives training from al-Qaeda and copied nine pages of chemical bombmaking instructions onto his laptop. FBI Director Robert Mueller asserted in testimony on September 30 that this training gave Zazi the "capability" to set off a bomb.
That, however, seems to be a substantial overstatement--not unlike the Director's 2003 testimony assuring us that, although his agency had yet to identify an al-Qaeda cell in the U.S., such unidentified entities nonetheless presented "the greatest threat," had "developed a support infrastructure" in the country, and were able and intended to inflict "significant casualties in the US with little warning."
An overstatement because, upon returning to the United States, Zazi allegedly spent the better part of a year trying to concoct the bomb he had supposedly learned how to make. In the process, he, or some confederates, purchased bomb materials using stolen credit cards, a bone-headed maneuver guaranteeing that red flags would go up about the sale and that surveillance videos in the stores would be maintained rather than routinely erased.
However, even with the material at hand, Zazi still apparently couldn't figure it out, and he frantically contacted an unidentified person for help several times. Each of these communications was "more urgent in tone than the last," according to court documents.
Clearly, if Zazi was able eventually to bring his alleged aspirations to fruition, he could have done some damage, though, given his capacities, the person most in existential danger was surely the lapsed doughnut peddler himself.
As I said in 2007:
Terrorism is a real threat, and one that needs to be addressed by appropriate means. But allowing ourselves to be terrorized by wannabe terrorists and unrealistic plots -- and worse, allowing our essential freedoms to be lost by using them as an excuse -- is wrong.
[...]
I'll be the first to admit that I don't have all the facts in any of these cases. None of us do. So let's have some healthy skepticism. Skepticism when we read about these terrorist masterminds who were poised to kill thousands of people and do incalculable damage. Skepticism when we're told that their arrest proves that we need to give away our own freedoms and liberties. And skepticism that those arrested are even guilty in the first place.
The problem with these arrests is that the crimes have not happened yet. So these cases involve trying to divine what people will do in the future. They involve trying to guess as to people's motives and abilities. They often involve informants with questionable integrity, and my worry is that in our zeal to prevent terrorism, we create terrorists where there weren't any to begin with.
Mueller writes:
It follows that any terrorism problem within the United States principally derives from homegrown people like Zazi, often isolated from each other, who fantasize about performing dire deeds. Penn State's Michael Kenney has interviewed dozens of officials and intelligence agents and analyzed court documents, and finds homegrown Islamic militants to be operationally unsophisticated, short on know-how, prone to make mistakes, poor at planning, and severely hampered by a limited capacity to learn. Another study documents the difficulties of network coordination that continually threaten operational unity, trust, cohesion, and the ability to act collectively. And the popular notion these characters have the capacity to steal or put together an atomic bomb seems, to put it mildly, as fanciful as some of the terrorists' schemes.
By contrast, the image projected by the Department of Homeland Security continues to be of an enemy that is "relentless, patient, opportunistic, and flexible," shows "an understanding of the potential consequence of carefully planned attacks on economic transportation, and symbolic targets," seriously threatens "national security," and could inflict "mass casualties, weaken the economy, and damage public morale and confidence." That description may fit some terrorists--the 9/11 hijackers among them. But not the vast majority, including the hapless Zazi.
EDITED TO ADD (11/9): This is the Michael Kenney paper that Mueller cites.
|
bruce_schneier
|
6:59a |
Laissez-Faire Access Control
http://www.schneier.com/blog/archives/2009/11/laissez-faire_a.html
Recently I wrote about the difficulty of making role-based access control work, and how research at Dartmouth showed that it was better to let people take the access control they need to do their jobs, and audit the results. This interesting paper, "Laissez-Faire File Sharing," tries to formalize the sort of access control.
Abstract: When organizations deploy file systems with access control mechanisms that prevent users from reliably sharing files with others, these users will inevitably find alternative means to share. Alas, these alternatives rarely provide the same level of confidentiality, integrity, or auditability provided by the prescribed file systems. Thus, the imposition of restrictive mechanisms and policies by system designers and administrators may actually reduce the system's security.
We observe that the failure modes of file systems that enforce centrally-imposed access control policies are similar to the failure modes of centrally-planned economies: individuals either learn to circumvent these restrictions as matters of necessity or desert the system entirely, subverting the goals behind the central policy.
We formalize requirements for laissez-faire sharing, which parallel the requirements of free market economies, to better address the file sharing needs of information workers. Because individuals are less likely to feel compelled to circumvent systems that meet these laissez-faire requirements, such systems have the potential to increase both productivity and security.
Think of Wikipedia as the ultimate example of this. Everybody has access to everything, but there are audit mechanisms in place to prevent abuse.
purplesquirrel
|
8:01a |
Yesterday's Tweets Automatically shipped by LoudTwitter |