From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.62) (envelope-from ) id 1IAqwi-0000Tj-PN for garchives@archives.gentoo.org; Tue, 17 Jul 2007 17:34:49 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l6HHWpi1017552; Tue, 17 Jul 2007 17:32:51 GMT Received: from ender.volumehost.net (adsl-69-154-123-202.dsl.fyvlar.swbell.net [69.154.123.202]) by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l6HHRe12011232 for ; Tue, 17 Jul 2007 17:27:40 GMT Received: from localhost (localhost [127.0.0.1]) by ender.volumehost.net (Postfix) with ESMTP id ACE9220847 for ; Tue, 17 Jul 2007 17:27:39 +0000 (UTC) X-Virus-Scanned: amavisd-new at volumehost.net Received: from ender.volumehost.net ([127.0.0.1]) by localhost (ender.volumehost.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 9njGPSJ9ZqTk for ; Tue, 17 Jul 2007 17:27:38 +0000 (UTC) Received: from adsl-69-154-123-205.dsl.fyvlar.swbell.net (adsl-69-154-123-205.dsl.fyvlar.swbell.net [69.154.123.205]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ender.volumehost.net (Postfix) with ESMTP id 28F111D87B for ; Tue, 17 Jul 2007 17:27:38 +0000 (UTC) From: "Boyd Stephen Smith Jr." To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] 2 to 3?? Date: Tue, 17 Jul 2007 12:27:23 -0500 User-Agent: KMail/1.9.7 References: <14178ED3A898524FB036966D696494FB138F1E@messenger.cv63.navy.mil> In-Reply-To: <14178ED3A898524FB036966D696494FB138F1E@messenger.cv63.navy.mil> X-Eric-Conspiracy: There is no conspiracy Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart9056294.XTe4TqmFa1"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200707171227.23899.bss03@volumehost.net> X-Archives-Salt: 753a56e6-acfa-417c-91c4-709b41970f32 X-Archives-Hash: f93ee46cd3165ced61e5b12f6c45f4d2 --nextPart9056294.XTe4TqmFa1 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Tuesday 17 July 2007, burlingk@cv63.navy.mil wrote about 'RE:=20 [gentoo-user] 2 to 3??': > TiVo did not allow modified, and therefore potentially > Compromised, devices connect to their network. More than that -- they don't allow the "compromised" devices to boot. Of=20 course, that's *required* to lay down the restrictions they want, since=20 one the device is booted from freely modified code, there's no method of=20 remote attestation to guarantee your aren't just pretending to be=20 a "genuine" device. > This does not sound like theft of code, it sounds like sound network > protocol. So, sound network protocol validates the data sent, it doesn't require the= =20 other end to be arbitrarily "trusted". Remember "trusted" is just DoD=20 speak for "allowed to violate security policy". > If you wish to maintain a secure environment that is stable=20 > for thousands of users, and has a lot of money riding on it, you do > not allow compromised devices to connect. It is that simple. BS. Second life allows any client to connect as long as they follow the=20 protocol. There's a wide variety of WoW hacks that modify the running=20 executable (a binary patch applied at runtime) that, while not allowed=20 under the EULA, work quite well on the real servers and have not increased= =20 the number of server crashes or scheduled restarts. Securing the network is not done by securing the remote devices. (You=20 don't need to trusted ethernet card to connect to a cisco router, or a=20 cable modem.) It is done by validating the data sent, having a=20 well-defined network protocol, and disconnecting clients that provide bad=20 data. > The TiVo thing was completely within the word and spirit of the GPL. It was *barely* within the word, and definitely not within the spirit of=20 the GPL. Don't beleive me? Ask anyone at the FSF or RMS himself. They=20 wrote the thing. =2D-=20 Boyd Stephen Smith Jr. ,=3D ,-_-. =3D.=20 bss03@volumehost.net ((_/)o o(\_)) ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'=20 http://iguanasuicide.org/ \_/ =20 --nextPart9056294.XTe4TqmFa1 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (GNU/Linux) iD8DBQBGnPv755pqL7G1QFkRAgbNAKCCxIljFpfU8zcZisw2eZisswPF/QCeJ5eZ 5M1WLVpIr/3Ava0frQG0jKg= =E2Wv -----END PGP SIGNATURE----- --nextPart9056294.XTe4TqmFa1-- -- gentoo-user@gentoo.org mailing list