Here’s another post about a paper I’ve read recently. This time it’s not entirely for fun, but I still thought I’d write about this one, Adventures with a certain Xen vulnerability (in the PVFB backend). I’ve read a few security-related papers and articles. In general I’ve found that there’s a huge gap in quality (and sometimes rigor) between the practitioners and academia. This however is a paper that I found to be of good quality, while still being produced by a member of the former camp. Hopefully it will start a trend.
I thought I’d start posting little notes about papers I read, especially if I find them interesting and worth reading. So here we go!
I read this paper on the bus this morning. I suspect I got it off Lambda the Ultimate a while back, printed it and then kept it in my bag for several months.
It’s been a while but my list of links to put out there is starting to get a
bit too long.
Here’s another example of how wrong the patent system is. We really
don’t need software patents in Europe! There seems to be some hope for
the situation in the States though. We need more stories like that!
Some Linux related things. I suppose “military intelligence” isn’t such an
oxymoron after all, at least not in Sweden. If you want to learn
Linux, here are some tips. If you are so unfortunate as to be a Linux
user forced to work on Windows then here are some tips for you.
There are always some interesting things going on in the DRM world. How’s this
for a story? Large music company sticks dodgy software from small company on
CDs so that their customers unwittingly install said software when trying to
play the CD on their computer. Then it turns out that the software is dodgy
and the large company is taken to court in class action suits all over the
world. Now, who’s to blame? The large company that made the amazingly bad
decision to treat their customers like criminals? Not if you’re Sony!
Here’s a bonus article on DRM, a bit of scare mongering surrounding
Microsoft’s use of “trusted computing”. Yes, technology can be used in bad
ways, but I doubt even Microsoft would be able to stick to such a bad use of
technology for long. Call me an optimist! I’m hopelessly late. Here’s
an excellent explanation of why DRM is so hard from a technical POV.
I’ve been hoarding links on how to opt out of the NHS database
here in the UK. They could turn out to be useful.
I realised I hadn’t put in one of these posts in a while. The level in my “To Blog” bookmark tag was dangerously high… here we go!
I really enjoy this rather old article on superstitions in relation to computers. I never bothered counting my superstitions on Windows, but given that I’ve given up on understanding Microsoft’s products I suspect they run in the thousands.
Every developer needs Cenqua’s Commentator. I’m getting it as soon as I’ve saved the money. It’ll be the first piece of software that I pay for myself in years. Worth every penny though.
libgfshare. Please, go off and write some cool software using it. Please! If I were a Firefox/IceWeasel user I would use the Python sidebar. It looks so useful I might look into creating one for epiphany. If you’re considering doing something cool with PDF docs, have a look at extendedPDF. I think I’ve mentioned Rob Bradford’s GConf difftool in another post, or maybe not. Anyway, I’m hoping that’s the first step towards a tool that lets you export GConf settings between machines. Are you a Python web developer? Python Paste is yet another framework.
If you still believe that “do no evil” is enough then you won’t be interested in Google Watch. I however think they should upgrade their slogan to “do good”, so I am interested.
I found the following post funny, but I’m probably the only one. Havoc doesn’t understand why distributed VCS is better than Subversion. I suppose that’s what happens when you are a famous FLOSS person that immediately gains submit access to any project one shows an interest in. For the rest of us, thank goodness for distributed VCS.
More old news, I don’t really see why I should worry about “identity theft” from someone rummaging through the rubbish in my wheely bins while the UK banks are so careless with client information.
With great power comes great responsibility. It’s sad when language designers don’t believe the developers deserve the responsibility. Here’s a post on the difference in attitude between C# and Python when it comes to empowering the developer.
Well, I actually do believe in the cheerleader defense for wireless networks. Anyone who has looked at software security knows that plausible deniability is much easier to achieve than locking down a system. IANAL but I still believe in the phrase “beyond reasonable doubt”.
Now, I wasn’t planning on running Vista on any of my private machines. After reading this, rather long, article on Vista’s EULA I’m absolutely certain of that. I’m almost thinking Microsoft is taking a piss out of their users. However, evidence is mounting that they aren’t. I can’t help but wonder how their “de-activation” will hold up in legal systems outside of the US. I also wonder how much further this distrust-your-user craziness in EULAs can be taken before users start reacting negatively.
Theo de Raadt sometimes has some very good things to say. His way of saying it is always entertaining though.
The US politicians have been busy. First they claim space. I predict it’s only a matter of time before DHS is given jurisdiction over space, effectively making the US an intergalactic power. At the same time they’ve been busy signing away the single most important idea in the US body of law, separation of powers, making US the Fourth Reich. It seems Constitution 2.0 is now a reality.
I wonder how long it’ll take until the message reaches the media and the politicians. Solve the basic problem rather than patching up the symptoms. Identity fraud will remain a growing problem as long as it’s easy to “become someone” by using documents that are sent regularly through the mail (i.e. bills).
Our “honourable” EU politicians are finally worrying about the right things when it comes to Microsoft. Microsoft is all about lock-in, they’ll use security to achieve it if they can. Microsoft is of course responding. I wonder if they’re ever going to inhabit the same world as I am? Vista creating 100000 new jobs? Only if changing the title of a position from “Windows XP Developer/Administrator/Shithead” to “Windows Vista Developer/Administrator/Shithead” counts as “creating a new job”. I think Linux Journal is too kind when they call it Microsoft’s Masterpiece FUD. I think it only shows just how desperate Microsoft is to get Vista out the door.
I couldn’t help but laugh out loud when reading this article on trusted computing: “Trusted computing a shield against worst attacks?” Let me see if I got it right. Phoenix Technologies, who happen to make a TPM module, pays analyst firm Trusted Strategies to have a report on digital attacks done. Then, surprisingly, the analysts come back and say that a TPM would have stopped most of those attacks. Who would ever read and put any faith in a report like this? Besides other analysts of course. I can’t help but think that the computer analyst firms are locked in a circle-jerk that’s paid for by computer companies. It is a very strange world we live in.
Thinking of writing a media app in Python? This seems like a good place to start.
Elmo is right, Britain really is the 51st state. I’ve noticed the very strange and one-sided relationship with the US before but this article on Britain’s nuclear weapons put that in a whole new light.
There seems to be some intelligence in North America. In Canada to be more specific. This is only the last article of quite a few on Canadian artists worrying about copyright. This is a little old, but still hilarious. Go CEA!
Some interesting articles on Net Neutrality by David Ernst and Andy Kessler. I’m slowly starting to lean towards letting the market sort this out without government intervention. The idea of labelling is especially appealing.
That something’s wrong in Microsoft is rather obvious given the amazing delay in releasing Vista/Longhorn (whatever it’s called this week). After listening to the LQ podcast I tracked down the MSDN blog entry mentioned in it, Broken Windows Theory. It’s an interesting look behind the curtain.