Linux-Advocacy Digest #873, Volume #32 Sun, 18 Mar 01 17:13:03 EST
Contents:
Re: German armed forces ban MS software <gloat!> (Rex Ballard)
Re: IBM adapting entire disk storage line to work with Linux ("Chad Myers")
Re: In response to Windows Owns Desktop, Extends Lead in Server Market (Rex Ballard)
Re: Yet more XBox bogification... ("Chad Myers")
Re: German armed forces ban MS software <gloat!> (Mig)
Re: German armed forces ban MS software <gloat!> (Norman D. Megill)
Re: German armed forces ban MS software <gloat!> (Bloody Viking)
Volunteer Board Members Wanted for the Plex86 Software Foundation ("Keith Donaldson")
Re: GPL not being free doesn't mean that the license is invalid. (Pat McCann)
Re: IBM adapting entire disk storage line to work with Linux ("Gary Hallock")
Re: Humbled (Craig Kelley)
Re: which distribution? (Craig Kelley)
Re: German armed forces ban MS software <gloat!> (Craig Kelley)
Re: German armed forces ban MS software <gloat!> (Bloody Viking)
Re: German armed forces ban MS software <gloat!> (Chad Everett)
----------------------------------------------------------------------------
From: Rex Ballard <[EMAIL PROTECTED]>
Crossposted-To:
alt.destroy.microsoft,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy
Subject: Re: German armed forces ban MS software <gloat!>
Date: Sun, 18 Mar 2001 20:58:13 GMT
This is a multi-part message in MIME format.
==============26464C234A998468A0741396
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Erik Funkenbusch wrote:
>
> What's there to gloat about? This means they won't use Linux either, since
> they claim they won't use *ANY* software developed in America, and much of
> Linux is developed in American by Americans.
Yes there are American developers, and it is unlikely that they will use
the
Red Hat distribution, which does include a number of "binaries only"
drivers
and utilities. On the other hand, SuSE is a German company that
publishes a
distribution which can be limited to source-only software.
SuSE has already won accounts at such companies as Deutche-Bank,
Deutche-Telekom,
and numerous government agencies. In some cases, Microsoft
countermeasures actually
pushed these clients to switch even more of their systems to SuSE Linux.
> Sure, they could examine the source themselves, but it doesn't sound like
> they're making informed decisions based on actual evidence, so I doubt they
> would disect Linux to prove to themselves that there aren't back doors.
They don't have to. SuSE has done a very good job of doing this for
them, and
is willing to provide assurances for a certain level of distributions.
In reality,
the most common hacker attacks on Linux are Denial of Service attacks.
With the
exception of some WebSphere customers who never bothered to generate a
unique private
encryption key (listed in the installation procedures as a critical step
- but who
reads manuals these days :-), there have been very few security hacks.
You have to
deliberately keep the doors open. Sure, if you have a userid of root,
with a password
of root, you will probably get cracked wide open, but then again, most
experienced
administrators know that one of the first things you should do is change
the name
of the super-user, set the password to something pretty hard to crack
(many companies
use randomly generated passwords exclusively). With OpenSSH you can
control your
certificates.
Microsoft openly admits that they have back-doors, which they claim to
use for
tracking software piracy. Given how difficult it is to purchase a
computer system
without Microsoft software, it's quite likely that Microsoft may have
other practical
uses for it's "back doors".
We know that Microsoft puts critical serial numbers in Word documents
shipped across
the internet. We know that these serial numbers can be used to ease the
cracking of
DES and RC5 encryption keys (having a known pattern eliminates the need
for a brute-force
hack).
We know that ActiveX controls can be used to read any file and have it
transferred to
any site, at a random interval after a site is visited. We know that
VBScript attachements
can be used to capture critical information and have it e-mailed to a
key location.
We know of nearly 40 viruses, and we know that Microsoft's "Solutions"
to these
viruses has been blocking filters that were ineffective at blockng even
more destructive
versions of the same core infrastructure.
> "Dave Martel" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > <http://www.theregister.co.uk/content/4/17679.html>
> >
> > German armed forces ban MS software, citing NSA snooping
> > By: John Lettice
> > Posted: 17/03/2001 at 18:59 GMT
> >
> > The German foreign office and Bundeswehr are pulling the
> > plugs on Microsoft software, citing security concerns,
> > according to the German news magazine Der Spiegel.
> > Spiegel claims that German security authorities suspect that
> > the US National Security Agency (NSA) has 'back door'
> > access to Microsoft source code, and can therefore easily
> > read the Federal Republic's deepest secrets.
This may be one of the reasons that Microsoft has managed to remain
above the law, immune to criminal prosecution, able to get swiss-cheese
settlements, and win appeals. Snitches are rarely "upstanding
citizens",
and often take advantage of their priviledged status. Hey, if Microsoft
can wire-tap the Bundeswehr and the Kremlin, we can overlook a few
hundred companies driven into bankruptcies and a little insider trading.
Microsoft might not even be aware of all the colorful characters on
staff.
Why do excessive favors when you can simply place a few operatives in
key
positions.
> > "The Bundeswehr will no longer use American software ... on
> > computers used in sensitive areas..."
It's a bit naive to think that not using Microsoft would stop the NSA.
On the other hand there's no point in turning yourself into an "open
book"
for every terrorist and extremist organization in the world. If a
high-school
kid from the Phillipenes can do 2.5 billion in damages, just imagine
what
could happen when a professional terrorist from Iraq or Libya decides to
"have a little fun".
I would hope that the U.S. follows suit. It would be a bit silly to be
the only
country whose banks, military, regulatory angencies, and financial
markets could
be tapped like a wide open book.
--
Rex Ballard
It Architect
http://www.open4success.com
==============26464C234A998468A0741396
Content-Type: text/x-vcard; charset=us-ascii;
name="rballard.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Rex Ballard
Content-Disposition: attachment;
filename="rballard.vcf"
begin:vcard
n:Ballard;Rex
tel;cell:908-723-4008
tel;work:973-723-4008
x-mozilla-html:FALSE
adr:;;;;;;
version:2.1
email;internet:[EMAIL PROTECTED]
fn:Rex Ballard
end:vcard
==============26464C234A998468A0741396==
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: IBM adapting entire disk storage line to work with Linux
Date: Sun, 18 Mar 2001 20:48:27 GMT
"GreyCloud" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Ed Allen wrote:
> >
> > In article <cCOs6.82336$[EMAIL PROTECTED]>,
> > Chad Myers <[EMAIL PROTECTED]> wrote:
> > >
> > >It's alright, laugh it up. I know you're really just jealous
> > >because you know that I'm right. You know that the only company
> > >who really takes Linux seriously (if that's what it really is)
> > >is IBM, and IBM has a poor track history with desktop and
> > >small-server OSen.
> > I suppose that is true if you have a secret definition for
> > "seriously" like Erik likes to do.
> >
> > How many more millions does Intel need to invest to qualify in
> > your private definition ?
> >
> > Lets not forget that AMD is encouraging Linux developers to use their
> > coming 64-bit chips. They don't qualify, why ?
> >
> > SGI does not qualify either. Why not ? They are planning to add
> > their NUMA technology and sell Itanium cluster machines.
> >
> > Then too, all the universities using Linux to put together their
> > own Supercomputers are not companies either.
> > http://www.vnunet.com/News/1113447
> >
> > What do you think the graduating students will recommend for use
> > at their new jobs ?
>
>
> Yes, a very excellent point!
It's a very common problem.
Universities using archaic or esoteric systems to teach their students,
and then when the students graduate and get out into the real world
where companies have to make money, they realize they know nothing
necessary to compete.
Meanwhile, the intelligent individuals who decided not to waste
their time on worthless university "computer science", and instead
decided to learn the hot technologies that pay well and are making
a fortune and are in high demand, even in today's economy.
Those students may suggest it to their employers, but their employers
will laugh because they know the truth about linux.
-c
------------------------------
From: Rex Ballard <[EMAIL PROTECTED]>
Subject: Re: In response to Windows Owns Desktop, Extends Lead in Server Market
Date: Sun, 18 Mar 2001 21:06:08 GMT
This is a multi-part message in MIME format.
==============F483916C15EFDB4BA0775D83
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Perry Pip wrote:
>
> When I download a Linux iso image, or install it over the net via
> apt-get, does that count as a "shipment"?
No. IDC only includes shrink-wrapped packages shipped to retail outlets
and sold,
and packages sold directly to corporate customers. You could purchase
one legal
copy of Red Hat 7.0 and call them for 300 liceneses - this would count.
Ironically, with Red Hat, you could actually purchase only one license,
and then
order 300 service contracts. I believe this would only count as one
license according
to IDCs measures. This would happen if support contracts are handled by
a different group
than the licenses.
> On Sat, 03 Mar 2001 02:34:03 -0500,
> Rex Ballard <[EMAIL PROTECTED]> wrote:
> >This is a multi-part message in MIME format.
> >--------------0E24C7E917FD4FA6B9A952A2
> >Content-Type: text/plain; charset=us-ascii
> >Content-Transfer-Encoding: 7bit
> >
> >I just found out that the IDC report measured Linux' 2% in terms of
> >revenue. This paints a very different picture. Since Linux costs
> >1/10th the price of Windows NT, and costs less than 1/5 the price of
> >Windows ME, Linux is actually approaching somewhere between 5 and 10 %
> >of the market in terms of unit volumes. This would be much more in line
> >with other estimates.
> >
> >Keep in mind that this would not include Cheap-bytes CDs, givaway CDs,
> >CDS included in books, or any other "Free" (unreported as license
> >shipments) version of Linux. This would also put the shipment estimate
> >closer to around 30 million copies shipped. Should be an interesting
> >year
> >for companies who are free to offer preinstalled Linux.
> >
> >Rex Ballard wrote:
> >>
> >> This one was particularly interesting since it covers all servers, this
> >> includes Linux, UNIX, NT, and WindowsNT and includes file and print
> >> servers, e-mail servers, and web servers. Notice that Linux with 27%
> >> and UNIX with 14% adds up to 41% of the total server market. This also
> >> only includes servers not capacities. Solaris systems such as the E-10K
> >> have up to 64 nodes, and the S-80 has 64 nodes that are several times
> >> faster than equivalent netfinity nodes.
> >>
> >> Patrick McAllister wrote:
> >>
> >> > Just posted as an fyi.......
> >> >
> >> > http://news.cnet.com/news/0-1003-200-4979275.html?tag=owv
> >>
> >> --
> >> Rex Ballard
> >> It Architect
> >> http://www.open4success.com
> >
> >--
> >Rex Ballard
> >It Architect
> >http://www.open4success.com
> >--------------0E24C7E917FD4FA6B9A952A2
> >Content-Type: text/x-vcard; charset=us-ascii;
> > name="rballard.vcf"
> >Content-Transfer-Encoding: 7bit
> >Content-Description: Card for Rex Ballard
> >Content-Disposition: attachment;
> > filename="rballard.vcf"
> >
> >begin:vcard
> >n:Ballard;Rex
> >tel;cell:908-723-4008
> >tel;work:973-723-4008
> >x-mozilla-html:FALSE
> >adr:;;;;;;
> >version:2.1
> >email;internet:[EMAIL PROTECTED]
> >fn:Rex Ballard
> >end:vcard
> >
> >--------------0E24C7E917FD4FA6B9A952A2--
> >
--
Rex Ballard
It Architect
http://www.open4success.com
==============F483916C15EFDB4BA0775D83
Content-Type: text/x-vcard; charset=us-ascii;
name="rballard.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Rex Ballard
Content-Disposition: attachment;
filename="rballard.vcf"
begin:vcard
n:Ballard;Rex
tel;cell:908-723-4008
tel;work:973-723-4008
x-mozilla-html:FALSE
adr:;;;;;;
version:2.1
email;internet:[EMAIL PROTECTED]
fn:Rex Ballard
end:vcard
==============F483916C15EFDB4BA0775D83==
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy,comp.sys.mac.advocacy
Subject: Re: Yet more XBox bogification...
Date: Sun, 18 Mar 2001 20:51:24 GMT
"Stephen S. Edwards II" <[EMAIL PROTECTED]> wrote in message
news:9933mv$4gc$[EMAIL PROTECTED]...
> [crossposted]
>
> Look, I have no particular hatred of Microsoft,
> but this is bullshit.
>
> First, we have this:
>
> http://boards.ign.com/message.asp?topic=3550576
> http://www.mikekraus.de/lol.jpg
>
> Then we have this:
>
> http://xbox.ign.com/news/32476.html
>
> Now, is there any mention of it on xbox.com?
>
> http://www.xbox.com:/News/
>
> Golly gee whiz, no.
>
> I'll defend WindowsNT where it's warranted, and I'll
> attempt to debunk statements that I think are untrue,
> but this sort of crap is inexcusable, and it looks like
> Microsoft is resorting to lying yet again, merely to boost
> sales. Pathetic. Absolutely pathetic.
So basically, some moron posts a lie to a message board,
and suddenly it's news and suddenly it's fact.
And remember, Adobe Photoshop is the ONLY application in
the ENTIRE WORLD which can produce lens flares, right?
So there they HAD TO HAVE touched it up?
Give me a fucking break.
Anyone can produce lens flares, and they probably
duplicated or reproduced whatever photoshop's lens
flare algorithm is, or close to it.
It's a non-issue really, it's its sad to see IGN
reporting this as "news".
-c
------------------------------
From: Mig <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: German armed forces ban MS software <gloat!>
Date: Sun, 18 Mar 2001 22:02:11 +0100
Chris Ahlstrom wrote:
> Chad Myers wrote:
>>
>> By this logic, they shouldn't use any OS, because all OSes are
>> subject to compromise if a trusted user runs a trojan application.
>> Especially Linux...
>
> He means "Especially Windows", folks.
Oh yeah... Almost forgot that Chad is the security expert that is trying to
improve on SSH :-)
------------------------------
Crossposted-To:
alt.destroy.microsoft,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy
Subject: Re: German armed forces ban MS software <gloat!>
From: [EMAIL PROTECTED] (Norman D. Megill)
Date: Sun, 18 Mar 2001 21:08:53 GMT
In article <[EMAIL PROTECTED]>,
GreyCloud <[EMAIL PROTECTED]> wrote:
>"Aaron R. Kulkis" wrote:
[snip]
>> I would also bet that, if that is the case, that M$ is required to give
>> the source to the Department of Defense in electronic form, AND give the
>> military the right to modify the source code for their own internal use.
>
>Yep, we do! When we purchased some VAXes we got source code,
>schematics, the whole works. Same for microsoft stuff. Of course
>agreements of non-disclosure and security protecting their proprietary
>software were in place. After reviewing their source code all I can say
>is that the mil. now calls it messy-dos!
It is true that selected organizations can get Windows source code. But
there is no way a few dozen or even a few hundred of the organization's
programmers could do an adequate audit of the source code. There is
simply too much source code. And what a waste; since the NDA prevents
sharing, each organization must duplicate the effort of the others.
Even Microsoft's entire body of programmers has demonstrated time and
again that they allow serious security holes to slip through.
There is no substitute for having thousands, possibly millions, of
programmers around the world scrutinize open source code for security
holes. Not even Microsoft's coffers can buy that kind of auditing.
--Norm
------------------------------
From: [EMAIL PROTECTED] (Bloody Viking)
Crossposted-To:
alt.destroy.microsoft,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy
Subject: Re: German armed forces ban MS software <gloat!>
Date: 18 Mar 2001 21:12:02 GMT
[EMAIL PROTECTED] wrote:
: No. They are claiming there *may* be backdoors, and that this *possibility*
: is a risk not worth taking in certain situations.
Since you can't inspect the sourcecode with Windows, you can never be _sure_
there is no back door. Same with encryption software. This is why as a Yank, I
use only international versions of PGP. I do a sourcecode edit on the version
number (remove the "i") and compile.
I consider the intentional use of an "americanised" warez version of PGP to be
standard practice. International PGP would make for the ultimate file format!
I also use the biggest key available.
If I was in charge of data security in the EU, I would insist on at least 4096
keys on a closely inspected international PGP.
For security, having access to the sourcecode is important. That way, you can
inspect the code for yourself (or have a programmer you trust do it) before
you do the compile. This is where Linux with the wide-open sourcecode is an
excellent choice. Pretty hard to beat the security advantage of open source.
With PGP, given the bullshit with getting the Yank version, I don't trust it
as I'm not able to read the source well enough. That's not even mentioning the
hoops you get to jump through to get it. It's easier to download the
international version, edit out the "i" and compile away.
--
FOOD FOR THOUGHT: 100 calories are used up in the course of a mile run.
The USDA guidelines for dietary fibre is equal to one ounce of sawdust.
The liver makes the vast majority of the cholesterol in your bloodstream.
------------------------------
From: "Keith Donaldson" <[EMAIL PROTECTED]>
Subject: Volunteer Board Members Wanted for the Plex86 Software Foundation
Date: 18 Mar 2001 21:12:27 GMT
Volunteer Board Members Wanted for the Plex86 Software Foundation
The Organizing Committee of the Plex86 Software Foundation is looking for a
few talented and diligent volunteer board members to help us provide
organizational, legal, and financial support for Plex86 open-source software
projects (www.plex86.org).
The goal of the Plex86 project is to create an extensible open source PC
virtualization software program that will allow PC, and workstation users to
run multiple operating systems concurrently on the same machine. What makes
it challenging on the PC, is that the x86 processor is not "naturally"
virtualizable. That is to say, it was not designed to run multiple operating
systems concurrently. However, with some manipulation and use of system
level features, this can be done. The Plex86 environment makes the processor
virtualization more flexible and controllable than commercial products where
developers do not have access to the source code, such as VMware.
If you can contribute one evening a month and have skills or contacts that
can aid us in the management of funds, intellectual property, accounting,
publicity, fundraising or allocation of resources to projects, please
contact Keith Donaldson at 617.576.9555 or [EMAIL PROTECTED] to find out more
about whether this volunteer opportunity is right for you.
kd
------------------------------
Crossposted-To: gnu.misc.discuss,comp.os.ms-windows.advocacy,misc.int-property
Subject: Re: GPL not being free doesn't mean that the license is invalid.
From: Pat McCann <[EMAIL PROTECTED]>
Date: 18 Mar 2001 13:10:47 -0800
"Mart van de Wege" <[EMAIL PROTECTED]> writes:
> Ok John,
>
> What is your constant harping on the non-freedom of the GPL, crossposted
> to a linux group no less (where you can expect people to be pro-GPL),
> anything else but an attempt on your side to beat down our opinion?
> Think on this before you start criticizing other people, otherwise your
> argument is lacking internal consistency.
Please note the differences between beating down an opinion, beating
down a way of expressing an opinion, and beating down a person for
expressing their opinion or doing it poorly. Beating down a person
should usually be avoided outside pubs. The best way to reduce
someone's postings is to ignore she/he/it (say it fast).
As for the "linux [sic] group" thing, note that most of these threads
get started by someone saying something profoundly misleading about
copyleft and related topics, whether in g.m.d, c.o.l.a, or
alt.life.sucks. It usualy makes sense to post the pro where the con
was posted.
This is not meant to support harping about the misuse of "free(dom)".
------------------------------
From: "Gary Hallock" <[EMAIL PROTECTED]>
Subject: Re: IBM adapting entire disk storage line to work with Linux
Date: Sun, 18 Mar 2001 16:11:53 +0500
Crossposted-To: comp.os.ms-windows.nt.advocacy
In article <va9t6.87051$[EMAIL PROTECTED]>, "Chad Myers"
<[EMAIL PROTECTED]> wrote:
> Universities using archaic or esoteric systems to teach their students,
> and then when the students graduate and get out into the real world
> where companies have to make money, they realize they know nothing
> necessary to compete.
>
> Meanwhile, the intelligent individuals who decided not to waste their
> time on worthless university "computer science", and instead decided to
> learn the hot technologies that pay well and are making a fortune and
> are in high demand, even in today's economy.
>
> Those students may suggest it to their employers, but their employers
> will laugh because they know the truth about linux.
Actually, it is more likely that those students will be hired, in part,
because of their knowledge of Linux and Unix. That is exactly what is
happening where I work.
Gary
------------------------------
From: Craig Kelley <[EMAIL PROTECTED]>
Subject: Re: Humbled
Date: 18 Mar 2001 14:16:56 -0700
mlw <[EMAIL PROTECTED]> writes:
> mlw wrote:
> >
> > It is all smoke and mirrors. Truth be told, we are all jr high school students,
> > smoking pot in a basement.
>
> Wait... I thought someone may take that seriously. A sense of humor can
> ricochet if you are not careful. No, I am not in jr. high. I wrote my first
> computer program in 1977 on a PDP-8e, punch cards and all.
Commodore PET in 1982 or so for me.
Unless you count erector sets, that is.
I've read of the fabled PDPs, but still have never used them. My
first personal (mine) UNIX machine was one of Jobs' NeXT machines.
--
It won't be long before the CPU is a card in a slot on your ATX videoboard
Craig Kelley -- [EMAIL PROTECTED]
http://www.isu.edu/~kellcrai finger [EMAIL PROTECTED] for PGP block
------------------------------
From: Craig Kelley <[EMAIL PROTECTED]>
Crossposted-To: aus.computers.linux
Subject: Re: which distribution?
Date: 18 Mar 2001 14:18:52 -0700
Christopher Fardell <[EMAIL PROTECTED]> writes:
> Which is better Mandrake 7.2, Corel Linux original version or Redhat 6.2?
RedHat 6.2 (although I'd use 7)
> Which supports the most hardware?
Mandrake 7.2, although many don't like it (7.1 was better).
> which comes with the most software with it
Depends on what kind of software you're talking about.
--
It won't be long before the CPU is a card in a slot on your ATX videoboard
Craig Kelley -- [EMAIL PROTECTED]
http://www.isu.edu/~kellcrai finger [EMAIL PROTECTED] for PGP block
------------------------------
From: Craig Kelley <[EMAIL PROTECTED]>
Crossposted-To:
alt.destroy.microsoft,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy
Subject: Re: German armed forces ban MS software <gloat!>
Date: 18 Mar 2001 14:26:49 -0700
"Erik Funkenbusch" <[EMAIL PROTECTED]> writes:
> What's there to gloat about? This means they won't use Linux either, since
> they claim they won't use *ANY* software developed in America, and much of
> Linux is developed in American by Americans.
>
> Sure, they could examine the source themselves, but it doesn't sound like
> they're making informed decisions based on actual evidence, so I doubt they
> would disect Linux to prove to themselves that there aren't back doors.
Just curious: Why do you always go into Super Microsoft Defense Mode
every time something silly like this happens? If the NSA registry key
had nothing to do with the NSA, then Microsoft did a very poor job of
communicating it to the public and misunderstandings like this are
inevitable (if it is a misunderstanding).
Not only do you go into defense mode, but you must sneak in attacks on
Linux. Why? What does code verification of software on Linux have to
do with being unable to do the same under Windows? What is an
"informed decision" in your mind? Using Microsoft software
exclusivly?
--
It won't be long before the CPU is a card in a slot on your ATX videoboard
Craig Kelley -- [EMAIL PROTECTED]
http://www.isu.edu/~kellcrai finger [EMAIL PROTECTED] for PGP block
------------------------------
From: [EMAIL PROTECTED] (Bloody Viking)
Crossposted-To:
alt.destroy.microsoft,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy
Subject: Re: German armed forces ban MS software <gloat!>
Date: 18 Mar 2001 21:28:44 GMT
Erik Funkenbusch ([EMAIL PROTECTED]) wrote:
: The difference is that I lock my door with commercial grade locks. I don't
: use a custom designed vault door.
You are missing a subtle point. With security against ordinary burglars,
ordinary locks suffice. The issue here is national security of the given users
being governments of nations.
While normal locks keep out normal burglars, normal locks won't keep a repo
man from getting into your car if you don't pay up. The difference is that a
repo man is a government sanctioned "car thief". They are allowed to use ANY
method needed to get that car - and you get to pay for any damage they cause!
"If you are stupid enough to buy a car on a loan and not attempt to pay up,
you'll find that ordinary security is grossly inadequate to keep that car. If
you can't pay up, you may as well call the bank and let them jave it in a
voluntary repo and hand over the keys.
National security is on a par with protecting a car from a repo man, so normal
security does not cut it. Now, the EU is wanting to protect data from a known
large rogue government - ours. Given our government's track record, it's easy
to see why the EU doesn't trust Windows with the possible back doors. Would
you trust your lock if the locksmith has a master key and you couldn't trust
him?
Do you REALLY trust Uncle Scam? Apparently, the EU doesn't, and I don't blame
them one bit, let alone one byte.
--
FOOD FOR THOUGHT: 100 calories are used up in the course of a mile run.
The USDA guidelines for dietary fibre is equal to one ounce of sawdust.
The liver makes the vast majority of the cholesterol in your bloodstream.
------------------------------
From: [EMAIL PROTECTED] (Chad Everett)
Crossposted-To:
alt.destroy.microsoft,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy
Subject: Re: German armed forces ban MS software <gloat!>
Reply-To: [EMAIL PROTECTED]
Date: Sun, 18 Mar 2001 21:34:32 GMT
On Sun, 18 Mar 2001, Chad Myers <[EMAIL PROTECTED]> wrote:
>
>"Chad Everett" <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>> On Sun, 18 Mar 2001 02:06:22 -0600, Erik Funkenbusch <[EMAIL PROTECTED]> wrote:
>> >"CR Lyttle" <[EMAIL PROTECTED]> wrote in message
>> >news:[EMAIL PROTECTED]...
>> >> > The real truth is that Germany is still pissed that MS included
>> >Diskeeper
>> >> > technology whos CEO is a scientologist.
>> >> Already forgotten the "NSAKEY" backdoor? That was the "backup" key that
>> >> MS put in the OS in case they (they being MS) "forgot" the primary key
>> >> and needed to update your software.
>> >
>> >That would be the backdoor that one of the top cryptologists in the world
>> >says he doesn't believe exists.
>> >
>> >Bruce Schneier, author of Applied Cryptography and considered a formemost
>> >expert in cryptogrophy chimed in on the entire NSAKEY incident saying that
>> >the paranoia mongers arguments simply didn't make sense.
>> >
>> >http://www.counterpane.com/crypto-gram-9909.html#NSAKeyinMicrosoftCryptoAPI
>> >
>>
>> Thanks Erik. Your counterpane link has provided another two great reasons
>> for a foreign agency to make a decision to purge all Microsoft OSs from their
>> machines:
>>
>> Here's a snip from the Schneier link:
>>
>> First, if the NSA wanted to compromise Microsoft's Crypto API, it would be
>> much easier to either 1) convince MS to tell them the secret key for MS's
>> signature key, 2) get MS to sign an NSA-compromised module, or 3) install
>> a module other than Crypto API to break the encryption (no other modules
>> need signatures). It's always easier to break good encryption by attacking
>> the random number generator than it is to brute-force the key.
>>
>> Second, NSA doesn't need a key to compromise security in Windows. Programs
>> like Back Orifice can do it without any keys. Attacking the Crypto API still
>> requires that the victim run an executable (even a Word macro) on his
>computer.
>> If you can convince a victim to run an untrusted macro, there are a zillion
>> smarter ways to compromise security.
>>
>
>By this logic, they shouldn't use any OS, because all OSes are
>subject to compromise if a trusted user runs a trojan application.
>Especially Linux...
>
Ah, you have missed a key point in the "Second" case. Bet you can't tell
us what it is. You also completely ignored the "First" case.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to comp.os.linux.advocacy.
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Advocacy Digest
******************************
