In this article, I show how I set up a recently purchased USB external hard disk drive as a backup drive for my Linux desktop PC. I'll delete the default FAT32 partition, create a new partition, make a reiserfs filesystem, and show how to use rsync to backup your important data.
This is amazing. When warned of three new flaws in Word 2007, Microsoft were unimpressed.
a company spokeswoman ... "found that none of these claims demonstrate a vulnerability in Microsoft's Word 2007 or any part of the Microsoft Office System."
Nope, no vulnerability at all. In fact, how Word reacts to these previously unknown problems is part of a cunning plan ...
"In fact, the behavior observed in Microsoft Word 2007 in this instance is a by-design behavior that improves security and stability by exiting Microsoft Word when it has run out of options to try and reliably display a malformed Word document," the spokeswoman said.
So, how does Word 2007 improve "security and stability"? It crashes of course! How much more stable can you get? Well, how about just displaying a message which says: "I can't open this document." But let's put that aside for a moment and discuss what the customer is supposed to do next ... simple, just restart Word!
She went on to suggest that it is no big deal if Word 2007 did crash under those circumstances, a scenario that could lead to the loss of any unsaved data. "The sample code in [Aharoni's] postings cause Microsoft Word to crash, and users can restart the application to resume normal operations."
But what about that unsaved data? Well, you just typed it. Type it again!
German Interior Minister Wolfgang Schaeuble has confirmed plans to seek a change to the constitution to allow the state secret access to the computers of private individuals, in an interview published Thursday.
"Under certain conditions it must be possible for the Federal Criminal Police Office to search computers in secret," Schaeuble told the Handelsblatt newspaper.
To be honest I felt I was somewhat restrained in my analysis of the previous article. This sort of thing (surreptitious searching of a PC) can happen in two ways:
The government secretly installs a trojan
The vendor installs a backdoor
The problem with the first option is getting the anti-virus people on board. Only one of them has to step out of line (and proudly boast about it) to stop this from working. So this leaves the second option. With the second option (and with the first option, to be honest), only one or two possible candidate OSes spring to mind. Windows and MacOS. It simply isn't going to happen with Free/Open Source operating systems, because anyone can see the source and adjust it as they see fit. Furthermore, vendors who need to please their shareholders, and desperately want sales would love to have a "government approved" sticker on their product.
Either way, tech-savvy people will find ways around it. It's too risky not to, since crackers will find ways to use these loopholes for their own purposes - if there's a door, there will be a way to open it. By referring to the "tech-savvy", I also mean the people that the German government are supposedly targetting, so ultimately only the "innocent" will be running infected PCs. But as many of these types like to say when civil rights get eroded for political ends, "if you've got nothing to hide ..."
What the article really demonstrates is how stupid politicians and civil servants are when discussing anything other than their own field of expertise, which is politics, not IT. I wonder if the plans allow for police officers' and politicians' PCs to also be compromised in this way.
The article repeats a few things that often seem to get overlooked or ignored:
Windows is a security nightmare. The reason we all get thousands of spams, the reason that we have to run virus and anti-spyware checkers that slow our high-power electricity-guzzling scalding-hot PCs down to the speed of the ones they replaced, the reason that the whole Internet is bogged down with sending all those spams, the reason that criminals hold websites to ransom for millions of dollars a year: it is all Windows' fault.
It's because of the hundreds of millions of compromised PCs that form zombie armies, sending spams, participating in distributed-denial-of-service attacks and so on, all without their owners' knowledge. They still work, they're just a bit slower. Who notices? Next year, you just buy a faster one. (With Vista on it.)
Depressing how people will settle for mediocrity, isn't it?
Does DRM drive honest well-meaning people to piracy? Well, yes it does. Does it affect those who already use pirated music? No, not at all. So, who are the RIAA trying to target?
The following exchange occurs after the author tried to copy legally purchased, DRM-infected .WMA files into iTunes. After failing several times, he calls the support line for the company which sold the files to him:
"You don't understand," I said, "These files were not copied or pirated, I actually purchased them."
"Well" she responded, "You didn't actually purchase the files, you really purchased a license to listen to the music, and the license is very specific about how they can be played or listened to."
Now I was baffled. "Records never came with any such restrictions," I said.
Linux supports more devices "out of the box", than any other operating system ever has.
There are also a few very interesting paragraphs on the Linux USB code. (Greg Kroah-Hartman specialises on the kernel's USB subsystems, amongst others.) Here is a severely cut-down excerpt:
Linux now has the fastest USB bus speeds when you test out all of the different operating systems. We max out the hardware as fast as it can go, and you can do this from simple userspace programs, no fancy kernel driver work is needed.
Now Windows has also rewritten their USB stack at least 3 times ... each time they did a rework, and added new functions and fixed up older ones, they had to keep the old api functions around, as they have taken the stance that they can not break backward compatibility due to their stable API viewpoint. ... now the Windows core has all 3 sets of API functions in it, as they can't delete things. That means they maintain the old functions, and have to keep them in memory all the time, and it takes up engineering time to handle all of this extra complexity. That's their business decision to do this, and that's fine, but with Linux, we didn't make that decision, and it helps us remain a lot smaller, more stable, and more secure.
All of this, plus arguments against the "stable API" approach, plus more! Well worth a read.
It's a "huge conflict of interest" for one company to provide both an operating platform and a security platform, Symantec Corp. CEO John Thompson said during a keynote speech at the Cebit trade show in Hanover, Germany.
I don't think there's any conflict of interest here at all. Well, maybe there is as far as the consumer is concerned, but does that really matter? Sell a deficient product, then sell another deficient product which purports to make the first deficient product less deficient. Hey, why bundle it if you can make an extra buck by selling it?