celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Oct 3, 2014 14:01:38 GMT
PS. Linux upgrading is not without it's problems. Had a very frustrating time with an upgrade I just did. But it was specific to Firefox. Importing the bookmarks into the new Firefox didn't work using the recommended way, it couldn't read the file, but the file opens fine on older FF versions. I got it in, but it still has some very bizarre behaviour.
|
|
celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Oct 3, 2014 13:52:42 GMT
Many businesses that do upgrade, build one machine and then ghost it to all the others. Then install/reinstall special applications for certain classes. Alternatively, the may build several machines (multiple ways of doing this), and then ghosting each of those. It depends on the size and budget of the company. There isn't one standard way for all. Some, as has been said, just get new machines and sell/toss the old ones.
|
|
celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Sept 5, 2014 3:58:49 GMT
Just to add my 2 cents from what I know of SELinux, and encryption and backdoors.It's not so much a backdoor that is worried about with SE Linux. The problem is with the algorithms. These are highly suspected to be using algorithms which the NSA has discovered as having weaknesses which reduce the order of complexity (solution space), but also that NSA knows that weakness and has penetration algorithms. It is very difficult to examine code or an algorithm and determine if it has a weakness in it's solution space. This can only be determined by a thorough testing of the algorithm. But this can only be done completely for simple solution spaces (which we don't want with security protocols). But with enough computing power and enough time testing one might find a class of algorithms with a weakness that reduce the time required to break a code. This is the reason for rewriting SELinux. NSA provided the algorithms, seeds, etc. with no explanation of proof of hardiness. Others have written a better explanation, than what I have here.
|
|
celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Sept 25, 2013 18:41:49 GMT
Please, refrain from grouping *all* programmers in one bucket.
Some programmers understand a lot more than we are given credit for, as a group.
We aren't all kids or former kids with no social skills living in the basement of our mother's house living and breathing computer usage and failing to launch, as they say.
Beside, as a kid, I was a mad scientist, making all manor of crazy things (in bathtubs), even a useful not really nameless chemical once tamed by a guy named Noble (name misspelled so as not to trigger certain keywords for automatic capture by you know who, and I don't mean Tom Riddle).
|
|
celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Sept 25, 2013 16:05:57 GMT
Well, since I can't create a thread here, and not sure where to drop this. Here it goes. We need a place to drop the case files. This is a little old, but I'm going to try to cover stuff from where we were when PJ stopped. I'm not seeing this item in her list, although technically it happened before she shut down. Docket #737 ORDER DENYING MOTION TO COMPEL AND MOTION TO ENFORCE by Judge Paul S. Grewal denying 669 Administrative Motion to File Under Seal (psglc1, COURT STAFF) (Filed on 8/14/2013) docs.justia.com/cases/federal/district-courts/california/candce/5:2012cv00630/251113/737/Here's my summary and analysis. Samsung needed to have Apple financials in order to do a proper defense and calculation of the claimed infringement dollar figure. The court back in April of 2013 ordered Apple to comply and produce relevant documents. Apple refused. Apple objected. Apple waffled and whined and complained. Meanwhile the case rolled on, deadlines approached and the judge Lucy Koh has a history of denying late homework, err... filings. Ergo, Samsung had to rely on other means to do the calculations that were due. Now comes Samsung continuing to ask for these documents and the enforcement of the court order which Apple has so contemptuously failed to comply with (shades and memories of SCO antics). Some would say this is just good lawyering business. The judge, and both parties all agree that Apple should have produced these. That the law is clear on this, and that the court should order this to happen. But once again Judge Koh sides with Apple and denies the motion and to order enforcement of her own order. The reasoning is since Samsung was able to compose an estimate, based on some magic which isn't revealed, they don't need it. So Samsung can't argue the specifics which those documents would have produced. Additionally, in a sort of win for Samsung and a possible attempt to at least appear impartial and fair, Apple can't come back and say that Samsung has excluded too much damages, because Apple has incredulously said it can't produce the specifics. She all but call Apple a bunch of liars here. Or perhaps it was judge speak for "liar liar pants on fire" to Apple. I'm not saying she wasn't fair. But, she didn't even sanction Apple for failing to comply, and I'm sure she's really tired of this case and is doing the best she can to send it off into the NeverNeverland of Appeals. But again, maybe that's just good lawyering. Take all you can give nothing back. Or as Wendy says in Hook to Robin Williams (aka Peter Pan), "You've become a pirate!". Perhaps there is not much difference in the techniques of Pirates and Lawyers. I know plenty of Lawyers and Judges. All good men and women, but I wouldn't want to be their adversary, anymore than I would want to have to face a pirate. Lawyers after all are paid to win, and can often get away with things in court that the rest of us mere mortals can't. Feel free to correct any misunderstandings I've made. I'm attaching the PDF (available at the link above). I'll also look into seeing what I can do to start collecting the legal filings. But I'm a busy man, and so far don't see any place to post docs here (except as attachments). Also, if I'm going to start collecting legal docs from Lexis (who just had their can handed to them by crackers - oh joy) we'll need a way to raise some greenbacks to defray my expenses. ApplevSamsung_737.pdf (109.06 KB)
|
|
celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Sept 23, 2013 2:38:03 GMT
Sure enough, here it is! Even while they were negotiating with Stac for the software, they had another company modifying code of their own to Microsoft's specifications. In other words. MS already knew what Stac was doing because they got Stac to tell them, and then went to Stac's competitor and gave them the keys to Stac's kingdom. Holy Cow! That's even worse, than what I thought they had done! Of course we don't know what Microsoft's specifications were. Maybe I'm wrong, and they just wanted Doubledisk to put Microsoft's copyright notices inside the code. Or maybe, I'll win the next 400 million dollar Lottery. groklaw.net/pdf/iowa/www.iowaconsumercase.org/011607/4000/PX04253_A.pdf
|
|
celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Sept 23, 2013 2:26:27 GMT
You're right! All these years, I've believed the wrong story. What MS sued on was the fact Stac was using undocumented DOS calls. How MS ever won on this is simply amazing and further proof that the Courts are completely clueless about computer tech and shouldn't be allowed to rule on such things. DoubleDisk was a reverse engineered implementation of Stacker, or at least partly. Hence the reason MS was found guilty of patent infringement, since Doubledisk implemented the patents, which MS then bought and renamed Doublespace and thus "unintentionally" violated the patents. But before going to far check out this (apparently) Comes vs. MS email where MS requires the Doubledisk to do what Stacker does. 1992. techrights.org/comes-vs-microsoft/text/msg00179.html
|
|
celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Sept 22, 2013 16:40:09 GMT
The comment about stacker actually says the same thing. MS took Stacker changed a string inside the application and sold it as it's own. That's why they got slammed in court. MS completely and totally stole Stacker, in the most massive case of software copyright piracy ever, and no one at MS went to jail for this enormous, criminal act of stupidity on the part of BillG. Bill actually wrote the Micro-Basic interpreter from the specifications. I don't think he RE anything. It may be the only single creative software act he ever did. I won't take that away from him. Whatever else he did wrong, at one time he actually knew how to code without stealing from others. Not that I know for a fact BillG never REd anything, just not the things you've listed.
Anyway, that's my recollection, but I'm an old man and my memory was never the most fantastic. Unlike former SCO executives, I'll admit I'm wrong if you can show me some evidence Bill REd BASIC. It's one thing to ignore the advice of a tech, and another to ignore the advice of the head of the tech dept. Beside, you're totally forgetting that Caldera was a Linux company that bought parts of Unix. No, I won;t won;t allow anyone to say that Darl didn't KNOW Linux didn't infringe Unix. I'm sorry, just not believable.
Could some non-tech manager stubbornly refuse to accept Linux didn't infringe Unix. Absolutely. I'm just saying, in this ONE instance, it's not believable.
Lastly, I didn't state it before but REing is NOT a simple thing to do. Simple in theory. Simple in the beginning of the Software Revolution. But today programs are obfuscated, compressed, encrypted, and BIG. Anything can still be decompiled, spied, and REed. But if it was easy, then every piece of hardware out there would work perfectly and exactly in Linux as the way it does in Windows. But there is a lot of skill involved in the process.
|
|
celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Sept 19, 2013 21:08:22 GMT
That is the end goal, of course. But we also can't yield the field to the enemy either. If we can keep up the killing of junk patents before they become patents, then the Trolls source will dry up as they run out of junk patents over time. Vigilance may be the only feasible solution for some time.
|
|
celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Sept 19, 2013 19:42:49 GMT
My vote would be for a geeklog-type site. If being able to write well is a requirement, that leaves me out. But alas, I am like you, not enough time, a code hacker, and PJ has taught me most of what I know about the law. Although, I have some other sources of law learning. As far as getting into trouble. I don't see how that can really be an issue. We are merely stating opinions and our understandings. We aren't offering legal advice, and that needs to be made abundantly clear. The worst we can do is come out as wrong as FM but in the other direction. But I think we are all better at analyzing these cases than he is. Because he's being paid to twist it. we won't twist it intentionally, I hope. To me, the case reporting is one of the biggest parts, and the newspicks relevant to these topics. If we can revive the case reporting, the patent prior art searching (which can be done here and elsewhere) and the legal docs repository, we'll have accomplished much. If we have all that we ought to be able to draw in some analysts, and we can invite analysts to do a guest post here and there. Posting the reporting and the legal docs for us to dig into to search for things which are making incorrect statements is useful. We may not understand the law, but we can correct tall tales in relation to the tech and who,when and where the antagonists in cases are telling multiple conflicting stories. Apple and MS are definitely guilty of this. Telling one court one story and another story in a different court. These are the kinds of things we were helpful in doing for PJ. We just won't have her guidance. But we know some of what to look for now. As far as a leader if one steps up, that's great, but if not we can continue as we are. We're programmers mostly, and used to independently working or as a team.
|
|
celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Sept 19, 2013 19:22:54 GMT
I'm sorry, my stomach isn't that strong. It would be great to have some experts explain it all for us. We might even be able to get some lawyers to answer some questions for us. There are a number of lawyers out there blogging. However, if we don't have any, we don't, and I don't think we should stop discussing these cases, or going and taking notes and getting the legal docs just because we don't have a PJ type analyst anymore. Yes, she leaves a humongous hole to fill, but this is still an important task. We can't let the likes of Florian be the only voice feeding the reporters. We have plenty of people as expert in reading these as him, and some much better. And while PJ has lots of experience advanced Law students also have plenty to offer as well. At least if they are getting passing grades. Still there's a lot we could do on our own, after all we've been following these cases for years and have intimate knowledge of the players. We'd likely have much better insight than news reporters who only follow a case for a day and then move on to something else, and maybe cycle back to the case another day. But they are most likely not deep-diving into the players in the case, as we have.
|
|
celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Sept 19, 2013 14:53:55 GMT
As, I stated, I'd be willing to set up a host, but any host I set up would not have the kind of resiliency that going to a hosting company could provide. My servers are constantly under attack by crackers. I haven't had a successful intrusion in a decade. That one single intrusion was actually a test on my part to see how long it would take for an unpatched system to get hacked. But, I'm not under any illusions my currents systems are invulnerable, and a DDOS against either of my server would certainly bring them to a standstill. The large hosting companies have ways to deal with that. Not that they are all equally good at it.
I think Wayne has also offered up a hosting spot. I've offered to do the work and cost of an initial set up, on some hoster. But I'm not ready to solely cover the cost of maintaining one indefinitely.
Now, on the plus side of using one of my servers. It's my box. My rules. I could install TOR, modify the default encryption (I'm not really there yet on being able to do that, more on the need for that later in this post), install high level encryption, etc.
[This part is going off on a tangent off-topic topic, but somewhat relevant here] I'll probably put this in a new thread at some point, just wanted to get it down] Now, I mentioned changing the default encryption. It is highly suspected that: A) Intel's hardware random number generator may be compromised, and I've been saying for some time that it could not be trusted to be the only source of randomness in Linux. Linus has been poo-pooing that idea. B) The criteria for some of the encryption process has been proposed the NSA. There is some speculation that the algorithms chosen to support the calculations for key generation are weak in some respect and NSA has ways to defeat and crack any key generated from such calculations (elliptic curve cryptography). There are other methods that could be employed, It's a large space (maths wise that is). It may be that NSA has figured out a method of reducing the complexity of attacks on elliptic curve cryptography. Although jacking up the key length *may* be a viable way around that. However changing the algorithm from elliptic curve to something else would require any users of the system to also use the new method. Once I'm there with a new protocol. I'll post the source. Right now, I'm studying algorithms. It may be 3 months before I'm up to speed to write my own variant.
Of course the net result of all this is we would jump up pretty high on the NSA's watch list. Not sure, what else we could do *IF* we want to make a port of Groklaw that deals with PJs whole issue of protecting leakers and what have you. Of course, whether PJ realizes it or not, by switching her mail provider she heightened NSA's awareness of her, and made herself a more monitored person.
|
|
celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Sept 19, 2013 4:37:11 GMT
|
|
celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Sept 18, 2013 22:45:00 GMT
Sorry Wayne, but I think you've overstated some things there. Darl, had to know there was no copying. Internal folk told them so. Secondly, I'm not certain Bill ever did any RE. For the Basic he had source code to start with. DOS he purchased for chump change, so got the source code. Windows was written in house with lots of stuff stolen from Apple and Xerox. Xerox code was available. word, I don't know.
Generally there wasn't much in the RE front for Windows. They would buy, if they could. Or better yet, get the company to give them detailed looks at stuff to help make the the app and DOS/Windows work better together. And hence not have to RE, but get the suckers to give you the code.
Now Stacker, that was a neat trick. That was RE, and copied and all they did was replace a string inside the code to make it look like a MS compression tool. That cost them, but not nearly enough in my book. That should have been a case of criminal copyright piracy and more, if you ask me. Someone should have gone to jail for that one.
|
|
celtichackr
Veteran Member
Hacker, geek, all around technoaddict. Amateur Scientist (well except for those pesky degrees).
Posts: 51
|
Authored by celtichackr on Sept 18, 2013 18:04:40 GMT
On the flipside. We've had a number of lawyers and retired lawyers on Groklaw commenting. Not to mention, many of us have not had any problem commenting about our understanding of things. It might not hurt if any of us write up our analysis of any case and the rest of us pick it apart. Of course one would have to be brave enough to post something he/she knows will likely get shredded by the community. We might even learn more by doing such posts.
The downside, is, the hive brain effect. We might also wind up going down some twisted inconceivable logic with no relation to legal reality. But, hell, we can't do any worse than Florian.
I say, "Cry Havoc, and let loose the Dogs of War!"
I'll even volunteer to dissect the first Court Opinion that gets posted. I bet I can do better than Florian or the general News Media. Although, I may pull a Steve Jobs and "steal" lots of ideas from any lawyer/paralegal who reports on it, or I can get to talk to me, as well as drawing from past articles relating to similar decisions.
I don't care if others shred some post I make. I can take positive, negative, constructive, and non-constructive criticism. It's only words.
|
|