


Operating Systems Still Matter In a Containerized World

ka9dgx Hardened Operating Systems (129 comments)

Instead of trying to harden an OS, why not use a system designed to be secure from the start, one that supports multilevel security? The technology was created in response to data processing demands during the Viet Nam conflict, and perfected during the 70s and 80s.

about a week ago

Ask Slashdot: How Dead Is Antivirus, Exactly?

ka9dgx Bad Security Model in the first place (331 comments)

The root cause is that the security model of Unix that everyone copied isn't compatible with the modern world. The OS never asks what resources you want to allow a given program to access, instead it ass-u-me-s that it should have full run of everything, and just trusts the program to do the right thing.

So antivirus programs were invented to serve as a "no-fly-list" type system.... only programs on the list are stopped. This worked well until methods for changing the signature of programs got up to speed. Imagine a terrorist being able to make up a name before trying to buy/board a flight... this is where we are now.

Until we get the OS to ask what resources a program should be allowed... things will keep getting worse.

about two weeks ago

The Billion-Dollar Website

ka9dgx Re:Why dont we (194 comments)

Because 10% of a working system can't be measured. Even a 100% completed to spec system is worthless until it has actually been used for a while... when it will prove to need about 100% more work.

Most software projects fail, unlike construction, etc... engineering can't be applied.

about two weeks ago

Leaked Docs Show Spyware Used To Snoop On US Computers

ka9dgx Re:Zee Germans (135 comments)

What, the Wealthy Industrialists who funded a clearly insane person on the assumption they could control him?

about three weeks ago

Long-Wave Radar Can Take the Stealth From Stealth Technology

ka9dgx Long wave radar precision (275 comments)

The lowest frequency you could use to track a target should be on the order of one that results in the target being 1/2 wavelength. Given the F35 is 16 meters long, that works out to about 10 MHz. I highly doubt there is an effective way to absorb/deflect a radar pulse at such a low frequency (and depth of penetration) in an aircraft.

I've known this since the 1980s... I highly doubt that I'm in any way unique. I expect there are a number of spread spectrum 30-50 MHz radars out there, just for catching "stealth" targets.

about three weeks ago

How long ago did you last assemble a computer?

ka9dgx 8088 with clock generator chip (391 comments)

I designed and built my first embedded microprocessor project (for remote metering) using an 8088 and an 8284 clock generator chip, with some EPROM and static RAM back in the early 1980s.... I've been working on computers ever since.

about a month ago

In France, Most Comments on Gaza Conflict Yanked From Mainstream News Sites

ka9dgx Re:Meta-problem (512 comments)

How did this get down-voted? Settlement is a thing

about 1 month ago

In France, Most Comments on Gaza Conflict Yanked From Mainstream News Sites

ka9dgx Meta-problem (512 comments)

The big issue is that one group of refugees from an attempted Genocide is creating another group of refugees from their attempted Genocide.

All else is lies.

about 1 month ago

Favorite "Go!" Phrase?

ka9dgx Our Lady of Blessed Acceleration (701 comments)

"Our Lady of Blessed Acceleration, don't fail me now!" and/or

"Our Lady of Blessed Power Application, don't fail me now!"

about a month ago

Google Reader: One Year Later

ka9dgx I stopped reading so much (132 comments)

I just gave up, and read the following things
    email /.
    doc searls web log

and that's it. The internet was nice while it lasted.

about 2 months ago

Kids With Operators Manual Alert Bank Officials: "We Hacked Your ATM"

ka9dgx If this happened in the US (378 comments)

If this were a couple of kids in the US... they would both be on their way to Gitmo, the anti-rejection drugs the kid probably needs to stay alive wouldn't be addressed... then the remaining kid would probably go on a hunger strike in Solitary.

Oh... and someone at the Bank would be put in charge of a new "cyber security" division, with a big bonus and a corner office.

I wish we could be more like Canada sometimes.

about 3 months ago

The Coming IT Nightmare of Unpatchable Systems

ka9dgx Re:"Coming IT Nightmare?!?" (240 comments)

That doesn't address the issue of unintended side effects from existing bugs. I agree that a separate LAN can help mitigate things, but it doesn't eliminate the odd things that can happen in a world where code is trusted by default.

Imagine if your garage light switch would, 1 out of every 1,000,000 times, cause your roof to fall off your house.... this is the world of software that can do anything.

about 3 months ago

The Coming IT Nightmare of Unpatchable Systems

ka9dgx Trusted by default - right phrase, wrong context (240 comments)

The problem IS that things are trusted by default... but not in the way the author thought. If you trust every program you run by default, you are doomed. An operating system should NEVER trust anything by default... Linux, Windows, OSX all violate this principle. So do embedded devices based on some variant of them.

Never trust by default, and you stop having to worry about side-effects, and start deciding what the limits are ahead of time.

about 3 months ago

Microsoft Demos Real-Time Translation Over Skype

ka9dgx Re:Real Time Text to Speech to NSA (169 comments)

I find it interesting that an insightful mention of some spooks gets down voted at the same time some spammer shows up and spoils the story.

about 3 months ago

Do Embedded Systems Need a Time To Die?

ka9dgx Progress IS being made (187 comments)

I sit here in the Cassandra suite, watching the tech community finally waking up to the reality of the world. You are starting to panic because you know none of the operating system choices you have are viable for truly secure systems. Soon you will learn about Multi-Level Secure systems, Capabilities, and other features of the secure computing..

About 10 years from now, you'll get the hints the universe has dropped on you, and start implementing these systems.

About 10 years after that, some real old timers (or young punks who've read history) will point out that this stuff was actually figured out in the late 1960s, and early 1970s.

about 3 months ago

Europe's Cybersecurity Policy Under Attack

ka9dgx Re:Multi-Level Security? (22 comments)

Multi-Level Security was worked out in the late 1960s in order to allow computing both Secret and "Top Secret" information in the same computer at the same time. The use of the Bell-LaPadula model ensures that a lesser privileged user can never cause grief for a more privileged user. If we had Multi-Level secure systems, we could safely run any program we want in a sandbox, and it could never, ever crawl back out of it.

The closest you're likely to approach is if you enable the MAC option in FreeBSD, which is experimental.

The Genode project aims to provide a capability based security system which can run Linux Apps... it is the best chance I see going forward for a truly secure system that isn't military grade. In such systems, you specify at run time exactly which files can be accessed by an application. This has the benefit of explicitly limiting the side effects of said application, and thus making for a far more secure system. You might be tempted to think this would make it unusable (as AppArmor tends to be)... but it doesn't have to be that way. In fact, it's possible to make apps behave almost identically, as far as the user is concerned, without compromising anything.

I think we're still 10 years out before people wake up and realize that our collective assumptions about computer security are wrong, and this needs a more rigorous, carefully engineered solution, instead of the layers of patch we currently employ. I'm hoping that my frequent postings on this subject are informative, and help shorten that timespan significantly.

about 4 months ago

Europe's Cybersecurity Policy Under Attack

ka9dgx Multi-Level Security? (22 comments)

Are any of these systems Multi-Level Secure? This stuff was figured out in the 1970s, we're still 10 years away from collectively realizing we needed it yesterday.

about 4 months ago


ka9dgx hasn't submitted any stories.



Some good discussion about cabsec

ka9dgx ka9dgx writes  |  more than 3 years ago

I was glad that there was some fruitful discussion about CApability Based SECurity (cabsec). I learned some things, and hopefully passed on some lessons as well. Thanks to all who joined in the comments in response to mine.


Pushing the iceberg

ka9dgx ka9dgx writes  |  more than 8 years ago

I've gotten tired of the bias towards snarky bashing... and just used my 5 moderator points to help push the iceberg that is /. towards a more sane area of the sea. I hope others do the same.


Million Bit CPU?

ka9dgx ka9dgx writes  |  more than 9 years ago

Ever wonder what would happen if you had a computer with 1,000,000 single bit processors? If I'm right, you might actually get one, for less than a buck, and it'll be darned useful.

Non-von Neumann architectures are tough to wrap your mind around, but it can be worth it. I hope to find a few other people who can see the power of this idea, and bring it to realization.


Intellectual Property is EVIL

ka9dgx ka9dgx writes  |  more than 12 years ago

As I stated in the forum..."Intellectual Property is a VIRUS. Once you accept the notion that you can license an idea, algorithm, or way of doing something (as opposed to the very narrow to a novel mechanical device), you've already given in.

We're slipping a long way towards corporate ownership of ideas, and the public discourse. This is one of the many embodiments of the forces of darkness, and should be fought tooth and nail.


I'm not depressed any more, now I'm just amused.

ka9dgx ka9dgx writes  |  about 13 years ago

Ok, now that they're trying AGAIN to do DivX, with rentable downloadable movies, I've realized that the boys at RIAA and other places might have political power, and have severely warped reality to their twisted view, and they STILL can't come up with a plan to grab some real power.

They've killed off the only hope of a mass distribution system for music which they could monitor or control (or... gasp... make some money off of), and in so doing killed off viral free advertising.

They're clueless morons, and... as it says about Earth in the Hitchhiker's Guide to the Galaxy... Mostly Harmless


Soooo... slashdot does Journals now

ka9dgx ka9dgx writes  |  about 13 years ago

Oh... a "permanent record"... I get to record my transient thoughts of the day, the questions I ponder, and maybe even get some feedback from others. This seems to be a cool idea, and might even generate some traffic, more than my home pages elsewhere, which I never seem to get around to updating.

I just finished reading "Hackers" by Steven Levy, and now I'm depressed... it seems that the true hackers are all gone, and there's no place to find them anymore... maybe Slashdot is it, and I just don't recognize it... hard to be sure.

Well, there it is... a comment, to be preserved forever in the machine.


PS... you can edit them after the fact, a nice feature.
