From: "Boyd Stephen Smith Jr." <bss03@volumehost.net>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] 2 to 3??
Date: Tue, 17 Jul 2007 12:27:23 -0500 [thread overview]
Message-ID: <200707171227.23899.bss03@volumehost.net> (raw)
In-Reply-To: <14178ED3A898524FB036966D696494FB138F1E@messenger.cv63.navy.mil>
[-- Attachment #1: Type: text/plain, Size: 2138 bytes --]
On Tuesday 17 July 2007, burlingk@cv63.navy.mil wrote about 'RE:
[gentoo-user] 2 to 3??':
> TiVo did not allow modified, and therefore potentially
> Compromised, devices connect to their network.
More than that -- they don't allow the "compromised" devices to boot. Of
course, that's *required* to lay down the restrictions they want, since
one the device is booted from freely modified code, there's no method of
remote attestation to guarantee your aren't just pretending to be
a "genuine" device.
> This does not sound like theft of code, it sounds like sound network
> protocol.
So, sound network protocol validates the data sent, it doesn't require the
other end to be arbitrarily "trusted". Remember "trusted" is just DoD
speak for "allowed to violate security policy".
> If you wish to maintain a secure environment that is stable
> for thousands of users, and has a lot of money riding on it, you do
> not allow compromised devices to connect. It is that simple.
BS.
Second life allows any client to connect as long as they follow the
protocol. There's a wide variety of WoW hacks that modify the running
executable (a binary patch applied at runtime) that, while not allowed
under the EULA, work quite well on the real servers and have not increased
the number of server crashes or scheduled restarts.
Securing the network is not done by securing the remote devices. (You
don't need to trusted ethernet card to connect to a cisco router, or a
cable modem.) It is done by validating the data sent, having a
well-defined network protocol, and disconnecting clients that provide bad
data.
> The TiVo thing was completely within the word and spirit of the GPL.
It was *barely* within the word, and definitely not within the spirit of
the GPL. Don't beleive me? Ask anyone at the FSF or RMS himself. They
wrote the thing.
--
Boyd Stephen Smith Jr. ,= ,-_-. =.
bss03@volumehost.net ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.org/ \_/
[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
next prev parent reply other threads:[~2007-07-17 17:34 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-07-17 17:38 [gentoo-user] 2 to 3?? burlingk
2007-07-17 17:27 ` Boyd Stephen Smith Jr. [this message]
2007-07-18 12:38 ` Alan McKinnon
2007-07-18 14:13 ` Stroller
2007-07-18 16:15 ` Boyd Stephen Smith Jr.
2007-07-18 13:48 ` Stroller
2007-07-18 16:33 ` Boyd Stephen Smith Jr.
-- strict thread matches above, loose matches on Subject: below --
2007-07-19 14:37 burlingk
2007-07-19 6:13 burlingk
2007-07-19 5:59 ` Boyd Stephen Smith Jr.
2007-07-19 5:54 burlingk
2007-07-18 11:07 burlingk
2007-07-18 12:29 ` Dan Cowsill
2007-07-18 4:26 burlingk
2007-07-18 4:18 burlingk
2007-07-17 17:57 burlingk
2007-07-18 13:51 ` Stroller
2007-07-17 12:12 burlingk
2007-07-17 11:29 ` Abraham Marín Pérez
2007-07-17 10:14 burlingk
2007-07-17 10:42 ` Abraham Marín Pérez
2007-07-17 11:01 ` Graham Murray
2007-07-17 12:48 ` Stroller
2007-07-17 16:19 ` Volker Armin Hemmann
2007-07-18 13:13 ` Stroller
2007-07-18 17:40 ` Volker Armin Hemmann
2007-07-18 18:10 ` Boyd Stephen Smith Jr.
2007-07-18 22:34 ` Stroller
2007-07-18 23:48 ` Volker Armin Hemmann
2007-07-19 0:41 ` Boyd Stephen Smith Jr.
2007-07-19 2:10 ` Stroller
2007-07-19 1:58 ` Stroller
2007-07-17 17:14 ` Boyd Stephen Smith Jr.
2007-07-17 19:29 ` Mike Edenfield
2007-07-16 0:52 burlingk
2007-07-16 12:15 ` Mark Shields
2007-07-16 21:53 ` Jerry McBride
2007-07-17 1:26 ` Volker Armin Hemmann
2007-07-17 1:59 ` Boyd Stephen Smith Jr.
2007-07-17 1:26 ` Volker Armin Hemmann
2007-07-17 2:08 ` Henk Boom
2007-07-13 22:11 Jerry McBride
2007-07-13 22:27 ` Bo Ørsted Andresen
2007-07-18 9:28 ` b.n.
2007-07-18 16:23 ` Boyd Stephen Smith Jr.
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200707171227.23899.bss03@volumehost.net \
--to=bss03@volumehost.net \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox